[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The mailq service

> Maybe it's a stupid question, but how do I stop remote machines to connect
> to port 174/TCP when running zmailer? I definitely don't want people to
> look at the mail queue on the local server. 
> How do I tell zmailer not to accept any connections to that port (at least
> from the outside, I still want the mailq command to work locally)

With  tcpd  by controlling access to facility:

	mailq : ALL@
	smtp-receiver : ALL


Hmm.. scheduler's man-page does not mention it; INSTALL neither..
I will add comments about it into  scheduler.8,  and smtpserver.8

A new .SH section on  scheduler(8):

       If the ZMailer system is configured with tcp-wrapper code,
       then service-id "mailq" is looked for all those  addresses
       that are allowed to do queries.

       Usually  files hosts.allow, and hosts.deny contain follow-
       ing kind of entries:

        mailq : ALL@
        smtp-receive: ALL@ALL
        ALL : ALL@ALL

       (Do note that smtpserver(8) has also tcp-wrapper  support,
       which  becomes active simultaneously with scheduler's tcp-
       wrapper code!)

> regards, marek

/Matti Aarnio <mea@nic.funet.fi>