[Gllug] Sendmail, Firewalls, SSL...

Formi formi at blueyonder.co.uk
Tue Jun 25 07:06:50 UTC 2002 


 Hello, 

 collection of questions for those with time and will.

 Situation = RH 7.3(1) and Sendmail(1)

 Problem 1: Crap admin, always high on Mate.
 Solution: none in the short term.

 Well, seriously, I have set up IMAP so I can get my mail and
 the server's owner piped through SSL. I know nothing about
 Sendmail, that bit is not messed up by me. 

 Actually every user can use IMAPS, but it is not required.
 
 I want to be able to have the mail passed through procmail, 
 but only for my domains and the server's owner accounts. 
 Not the normal POP3 users. Is that possible?

 Issue 2: I have setup the firewall with giptables, even made my
 own webmail module. It prevents spoofing, xmas packets, odd 
 fragmented ones... Where can I find info to decript what 
 the firewall logs actually mean? I know wich ports are being
 blocked, but I want to know why.  

 I don't actually have the time to check the TCP/IP RFCs.
 So something in the "for dummies" fashion will be appreciated.

Jun 25 07:09:47 ns kernel: giptables-drop-src-norule: IN=eth0 OUT= MAC=00:a0:24:5a:bf:c6:02:30:cd:00:07:bd:08:00 
SRC=204.123.28.33 DST=62.190.132.170 LEN=57 TOS=0x00 PREC=0x00 TTL=13 ID=3618 PROTO=UDP SPT=3663 DPT=53 LEN=37 
 

 Stupid Issue 3: The machine has only one nic, and a virtual eth1.
 Should I run all services on 127.0.0.1 or on the nic's ips?
 
 Right now I have a mixture and it works, but sendmail takes more
 time that what the other servers on other machines. 

 Issue 3: Fecthmail, when polling the imaps server tells me something
 Server Commonname Mismatch "localhost.localdomain != mail.mydomain.net" 
 but it works. It pops up during the ssl negotation.

 Where can I change that?

 Issue 4: I tried syslog-ng to filter just the firewall output to another
 file, no luck making it work. What can I use instead of syslog??

 
 Thanks for your patience, 

                                      Formi. 


(1) Not my cup of Yerba Mate.

-- 
				
    V   
   . .                              Formi		
    v 
   / \ GZ           MDK 8.2 ThinkPad 560E
  // \\/   
 /( _ )     Linux Registered User #235743
  ^   ^  	     	



-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list