[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What is required to deliver system mail locally ???

Andreas Janssen <andreas.janssen@bigfoot.com> [2003:11:15:18:34:36+0100] scribed:
> Hello
> 
> Jacob S. (<stormspotter@6texans.net>) wrote:
> 
> > On Sat, 15 Nov 2003 08:27:28 -0600
> > Michael D Schleif <mds@helices.org> wrote:
> > 
> > <snip>
> > 
> >> I have rerun eximconf, and told it to use option #4, that this
> >> computer is *not* on the Internet, and to only deliver local mail. 
> >> Of course, now nothing is listening on port 25 ;>
> > <snip>
> > 
> > Are you sure nothing's listening on port 25? I just checked with a
> > telnet <name> 25 to one of the machines on my network running exim
> > that I configured with the same option #4 and got the usual SMTP
> > greeting identifying itself as Exim 3.35.
> > 
> > I think option #4 just skips asking you details about how to send and
> > receive e-mail from the internet because you told it you only want
> > mail delivered locally. However, it still listens to port 25 because
> > you said you *do* want mail delivered locally, by selecting #4.
> 
> Running eximconfig and selecting local delivery doesn't affect on which
> port exim is listening. With the default settings, exim is started by
> inetd, which listens on /all/ interfaces, no matter what you tell exim
> to do. Even if you tell exim to do local delivery only.
> 
> If you switch off inetd manually or switch off smtp in inetd.conf,
> eximconfig will not change this (at least if you select option 4).
> However, if you switch off smtp in inetd.conf and you still have the
> init scripts for exim, exim will automatically start in standalone mode
> the next time you reboot.

Yes, I did this, after eximconfig:

   sudo update-inetd --disable smtp

Yes, I know that I can run any number of MTA's, including exim, qmail,
&c.  However, my point is that there are boxen on which *only* local,
system mail is appropriate.  Mine is one of those.

In this case, what is the Debian way to run an absolutely minimum MTA,
the smallest possible footprint, least likely setup to disrupt apt-get'd
applications, and as secure as possible.

So far, I have not seen any response address this.  Or, am I missing
something?

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--

Attachment: pgpjMnFa7uoDF.pgp
Description: PGP signature

Reply to: