[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bad exim configuration (was: fetchmail gives me headache)

On 24, aug, 2000 at 09:05:35 +0200, Andreas Hetzmannseder wrote:
> Morten Liebach wrote:
<lots'a snippage>
> nmap now gives me the following list:
> 
> Open ports on woof (127.0.0.1):
> Port Number Protocol Service
>  25         tcp      smtp
> 111         tcp      sunrpc
> 515         tcp      printer
> 
> ...though I still don't know what sunrpc is good for.

Script-kiddies like it (or so I've heard)! :-)
On Potato, and probably Slink,  you can disable it with the command:

	/usr/sbin/update-rc.d -f portmap remove

It will remove the symlinks to the  /etc/init.d/portmap[1] script, which
is the script that starts the portmapper on port 111 (and call it
sunrpc, which, I believe, stands for Sun Remote Procedure Call).

Iff only your own machine should connect to services on it, you can put
the line:

	ALL: ALL

in the file /etc/hosts.deny, that way all connections from outside will
be deny'ed for programs compiled with TCP-wrappers (everything you start
from inetd, + a few others).

If you do these things you box should be very secure.

<more snippage>
 
> By entering 'andy' I have got messages from my system delivered to
> /var/spool/mail/andy.
> I have to explain that this isn't really local delivery as I have a
> standalone PC with no LAN. It just goes from localhost to localhost.
> This happened several times and I felt nothing bad about it.
> Isn't this common practice? If not, what else should I enter?

This is as it should be. And it is ``local delivery''.

> > > Well, at least I know that exim works for _local deliveries_ [...]
> > 
> > So it is just a broken inetd.conf.
> 
> Shouldn't inetd.conf have been updated during the installation of exim?

I think it should, but I don't know about Slink, I only know Potato.

> Perhaps it is a bug in the exim package, but I haven't checked the bug
> report yet.
> 
> > Fix it as per above, and do a ``killall -HUP inetd''.
>
> And so I did. Mail is now delivered to /var/spool/mail/andy just like
> I thought. Thank you very much again.
> The next thing will be setting up mutt.
> > 
> > > > [...] Look at my homepage [...]
> 
> I will have a thorough look at your .muttrc...

Remember, it is for version 1.2.5i, and it is not at all compatible with
1.0.* or earlier versions.
You can get the source from
ftp://ftp.mutt.org/pub/mutt/mutt-1.2.5i.tar.gz (1927KB). tar -zxvf
mutt-1.2.5i.tar.gz, cd mutt-1.2.5 and read the README and the INSTALL,
and do as they say: ./configure <arguments> ; make ; (as root) make
install.

This is very simple advice, but your setup is also rather simple, so I
think it'll work.

BTW, if you need a later X than the one from Slink it might be possible
to download the debs from Potato and install them. Check the archives,
ask this list; I don't know whether it would be easier to do a
distupgrade or this (but with a distupgrade you get a lot of new and
improved stuff ... your call).

> Cheers,
> Andreas.

Take care, Have fun
			Morten


PS: Standard disclaimer: I _only_ know Debian Potato, I've used it
    allmost exclusively for the last 4-5 months, and I have no
    experience with Slink whatsoever.
    I've allmost forgotten how it is to use RedHat and SuSE. ;-)

[1]: Browse around in the /etc/rc.* dirs, and look at it, it tells you a
     lot about what's going on at init(8).
     /usr/sbin/update-rc.d is the tool you use to change the symlinks
     there the Debian Way(TM), which is a good way! Read update-rc.d(8).


-- 
UNIX, reach out and grep someone!
Reply to: