ETRN support in MailScanner required

John Rudd jrudd at UCSC.EDU
Sun Aug 15 17:10:39 IST 2004


<x-flowed>
If you REALLY need ETRN on your secondary MX, then here's what I would
do:

0) compile your sendmail with libwrap, if you haven't already

1) there are two sendmail's that you run under mailscanner, the one
that normally as the "-bd" option (that should also have the noetrn
directive), and then one that has the "-q15m" (or some number besides
15).  Take the _SECOND_ one (that normally doesn't run with daemon
mode), and run it with daemon mode on a port other than 25.  Pick a
really obscure port, not one of the standard alternate ports.  This is
going to require that you do a bit of extra work (two different .cf
files, for starters, probably separate access_db's, etc.).

2) set up your libwrap (and/or access_db for the 2nd sendmail) so that
the other port is only accessible from your primary MX.  This way you
wont get random people submitting messages on this other port (which
would bypass mailscanner).

3) when you want to start the ETRN process, you'll need to do it by
connecting to that obscure port.  You probably want to do this via a
specific process, and not set up your primary to generally use that
obscure port (so that it is only connecting to that port for ETRN, and
not for general mail delivery to the secondary).


Hope that all makes sense.  If you don't fully understand all of the
work involved (like what needs to go into that second .cf file), then
you shouldn't even think about trying to do this.  It's not something
that should be done by someone who doesn't REALLY understand what's
going on at the different interacting levels (which is why I haven't
given specific directives about how to set up that second cf file, and
wont: if you can't figure it out on your own, don't do it at all).

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
</x-flowed>



More information about the MailScanner mailing list