auth + sendmail ident

Mark Stewart Mark.Stewart at bacs.co.uk
Wed Feb 5 17:39:13 GMT 2003 

thanks for the reply - great info, out of interest what do you set your
max childs to on sendmail ? is 500 about right ?

-----Original Message-----
From: Matthew Seaman [mailto:m.seaman at infracaninophile.co.uk]
Sent: 05 February 2003 13:35
To: freebsd-users at uk.freebsd.org
Subject: Re: auth + sendmail ident


On Wed, Feb 05, 2003 at 11:59:38AM -0000, Mark Stewart wrote:
> does anyone know how to stop the auth service running on port 113 as
sendmail is hammering my firewall with auth requests.

Generally I use a rule like:

    add 1300 reset tcp from any to 81.2.69.218 113 setup in recv de0

to refuse external mailers to communicate with my mailer's ident
service.  You want to 'reset' rather than 'deny' the connection, or
mail transfer will stall for ages while the attempted connection times
out.

Similarly, to prevent the local sendmail from making ident (RFC1413)
requests, all you need do is set:

    Timeout.ident=3D0

in sendmail.cf. That is best done by:

    define(`confTO_IDENT', `0')dnl

in /etc/mail/`hostname`.mc

You may need to apply similar changes to /etc/mail/submit.mc and
/etc/mail/submit.cf --- I can't remember off hand if the sm-msp uses
ident lookups or not.

Applying these changes will prevent the '$_' macro being set, which is
usually only used in Received: headers. =20

	Cheers

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK


-----------------------------------------------------

You can find us at www.bacs.co.uk=20

*****************************************************
This communication is confidential and intended for=20
the exclusive use of the addressee only. You should=20
not disclose its contents to any other person.
If you are not the intended recipient please notify=20
the sender named above immediately.

BACS Limited, registered in England, No 1023742,=20
3 De Havilland Road, Edgware, Middlesex, HA8 5QA
*****************************************************

More information about the Ukfreebsd mailing list