Re: Exim config (was Re: turning off smtp and sunrpc services)
On Sun, Nov 21, 1999 at 03:52:04PM -0500, Salman Ahmed wrote
> >>>>> "l" == lists <firstname.lastname@example.org> writes:
> l> You can use the fuser command to find out which processes are
> l> opening those ports.
> Ok. I checked these services using fuser and here is what I got:
> @phoenix:[/home/ssahmed] fuser -vn tcp 25
> USER PID ACCESS COMMAND
> 25/tcp root 139 f.... exim
> @phoenix:[/home/ssahmed] fuser -vn tcp 111
> USER PID ACCESS COMMAND
> 111/tcp root 121 f.... portmap
> For now, I am more concerned about smtp. I checked /etc/inetd.conf and
> smtp is not being run from there. So, when exim is being started up, it
> is being started up in a mode where it accepts smtp connections. This is
> not I want since when I configured exim, I selected the option to "set
> it up for local delivery of mail only". I checked /etc/init.d/exim and
> exim is being started up with the command line arguments "-bd
> -q30m". The "-bd" tells exim to accept smtp connections.
> How do I change this behaviour so that exim is run only for local
> delivery of mail but not for smtp mail/services ?
> Any exim experts out there with suggestions ??
The definitive answer will depend on the particular exim package you're
running; these comments relate to slink systems, but you should be able
to figure out the differences for your (presumably, potato) setup.
Firstly, it's probably not a bad idea to run an smtp server even if you're
not on a network and only delivering mail locally; some mail programs don't
provide an alternative to smtp for sending mail, so depending on your MUA
it may be necessary for sending mail to other users.
If you just want to make sure it doesn't accept connections from other
machines and it's not being run under inetd, then make sure that your
/etc/exim.conf file contains the directives
sender_host_accept = 127.0.0.1
If you have any other addresses that point to your localhost (e.g., a
network card), add them to make a colon-separated list of addresses.
Exim will now only accept SMTP connections from those addresses.
If you don't even want to offer an smtp service to the localhost,
you (obviously) have to find out where it is being started.
Exim may get run three ways:
- From /etc/init.d/exim;
- By inetd.conf;
- By cron;
In the default 'slink' install, /etc/init.d/exim has the statements
# Usually this is disabled and exim runs from /etc/inetd.conf
somewhere near the top; if your /etc/init.d/exim doesn't, then run
"/etc/init.d/exim stop" and verify that exim is no longer running,
then add those lines (or some like them) to /etc/init.d/exim.
If you've commented the smtp service out of /etc/inetd.conf, bear
in mind that you have to send inetd a SIGHUP to re-load the
configuration file; on slink, you can do this conveniently by running
Lastly, in slink there is a file at /etc/cron.d/exim that by default
runs the exim queue once every 15 minutes, with the command
if [ -x /usr/sbin/exim ]; then /usr/sbin/exim -q >/dev/null 2>&1; fi
It's possible that someone, sometime has edited this file to add the
"-b" file to the exim invocation.
"Oh - I - you know - my job is to fear everything." - Bill Gates in Denmark