IPTables Newbie
Bill Horne
bill at billhorne.homelinux.org
Mon Nov 24 22:26:45 EST 2003
On Mon, Nov 24, 2003 at 02:14:38PM -0600, Michael White wrote:
> Hello All,
>
[snip]
> I'm building an RH9 firewall/mailserver combo box for a small
> client. Sendmail appears to be running correctly in that I'm able
> to telnet to port 25 from an internal system. However, after
> performing the following commands, I'm unable to telnet to the same
> port from an external IP:
> IPTABLES -A INPUT -p tcp --dport 25 -j ACCEPT
> IPTABLES -A INPUT -p ucp --dport 25 -j ACCEPT
>
> Am I going about this all wrong? Should I be entering the command
> differently?
It's probably not an iptables issue. The default setup for sendmail
restricts it to listening for connections from the "localhost" only,
since it's usually used only for outgoing mail.

Check the /etc/mail/sendmail.mc file, and search for the loopback
address, which is "127.0.0.1". If you find it, remove the
"Addr=127.0.0.1" option (it's a good idea to copy the line, and
put "dnl" in front of the original to "comment it out", and then
make your changes to the copy).

You'll need to do a "make" after the change; just follow the
example at the top of the file. After you create the new
sendmail.cf, restart sendmail and you should be set.

HTH.

Bill Horne
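
The check and edit described in the reply above, as an added example that is not part of the original post: it detects an active loopback-only DAEMON_OPTIONS line in a sendmail.mc and prints the file with the original line kept as a "dnl" comment and an edited copy below it. The function names are hypothetical and the sample sendmail.mc is constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Write a constructed sample sendmail.mc (not a real system's file) to $1.
make_sample_mc() {
    cat > "$1" <<'EOF'
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
OSTYPE(`linux')dnl
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
MAILER(smtp)dnl
EOF
}

# Succeed if an active (not "dnl"-commented) DAEMON_OPTIONS line in $1
# restricts the listener to the loopback address.
mc_is_loopback_only() {
    grep -v '^[[:space:]]*dnl' "$1" |
        grep -q 'DAEMON_OPTIONS(.*Addr=127\.0\.0\.1'
}

# Print $1 with each such line kept as a "dnl" comment, followed by a copy
# without the Addr=127.0.0.1 option. The edited line makes sendmail listen
# on every interface, so the iptables rules decide who can reach port 25.
mc_open_listener() {
    awk '
        /^[ \t]*dnl/ { print; next }
        /DAEMON_OPTIONS\(.*Addr=127\.0\.0\.1/ {
            print "dnl " $0
            edited = $0
            sub(/,[ \t]*Addr=127\.0\.0\.1/, "", edited)   # option in the middle or at the end
            sub(/Addr=127\.0\.0\.1,[ \t]*/, "", edited)   # option listed first
            print edited
            next
        }
        { print }
    ' "$1"
}

# Demo on the constructed sample.
sample=$(mktemp)
make_sample_mc "$sample"
if mc_is_loopback_only "$sample"; then
    echo "sendmail.mc binds the MTA to 127.0.0.1 only; proposed edit:"
    mc_open_listener "$sample"
fi
rm -f "$sample"
```

The output is only a proposed sendmail.mc; sendmail.cf still has to be regenerated and sendmail restarted as the reply describes.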