Port 25
Derek Winkler
dwinkler at ALGORITHMICS.COM
Wed Jun 25 14:46:07 IST 2003
RedHat's sendmail config by default only listens on 127.0.0.1
Try doing...
netstat -an | grep :25
and see what addresses sendmail is listening on.
To modify this, look at /etc/mail/sendmail.mc
-----Original Message-----
From: mikea [mailto:mikea at mikea.ath.cx]
Sent: Wednesday, June 25, 2003 9:41 AM
To: MAILSCANNER at jiscmail.ac.uk
Subject: Re: Port 25
On Wed, Jun 25, 2003 at 08:30:06AM -0500, Steve Douglas wrote:
> I am running RedHat version 9 with f-prot, dcc, and razor. I am using
> MailScanner version 4.21-9.
>
> When I started I use the command check_MailScanner and receive the
following
> results in my mail log:
> - MailScanner child caught a SIGH
> - MailScanner child caught a SIGH
> - MailScanner E-Mail Virus Scanner version 4.21-9 starting...
> - Enabling SpamAssassin auto-whitelist functionality...
> - Using locktype = flock
>
> I get the above for each instance of child process that is running (five
> MailScanner instances when I do a "ps -A"
>
> My firewall is completely off for the moment to remove any potential
> barriers and scanning does not show port 25. In addition, when I send a
> test email nothing is forwarded.
Try doing `telnet <name-of-machine> 25`. If something answers and
puts up a banner, then there's a listener on 25, which probably is
your MTA. The banner will tell you what's there.
Mine gives this:
$ telnet 127.0.0.1 25
220- ESMTP
220-
220-
220-It is a violation of applicable law to send spam
220-to this server, and such violations may be prosecuted.
220-
220 Be aware: Oklahoma has Long Arm clauses in its computer crime
statute.
but I'm paranoid and nasty, and longer banners tend to do ugly things to
badly-written ratware. I'm willing to do what I can to break ratware.
If you don't get a connection, then probably sendmail (or exim or
postfix or other_MTA) is not running, and you need to investigate that.
Try the "ps" command; on FreeBSD it would be something like
`ps awwwwux | grep -i mail`
(without the "`") to catch all processes that have the character
string "mail" in any combination of upper/lower case.
If you get a connection but no banner, then *something* is listening
on port 25, but it may not be an MTA. That *definitely* merits serious
investigation, and the "netstat" command can be a great help.
--
Mike Andrews
mikea at mikea.ath.cx
Tired old sysadmin since 1964
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20030625/9dfa43ba/attachment.html
More information about the MailScanner
mailing list