[Scottish] mail server issues

[Colin McKinnon]

On Friday 25 April 2008 12:25, Roland Ward wrote:
> scottish-request at mailman.lug.org.uk wrote:
> > Does anyone know of a way of achieving this or have any other
> > suggestions? My only other alternative is to enable sendmail but
> > restrict it to only accept connections on the loopback address, however
> > this may have implications as our security teams may have asked for
> > sendmail to be disabled by default (I'm looking into this).
>
> I'd go with the perl script already mentioned or look at installing
> something like SSMTP on the server. 

I've previously used nullmailer - although since every unix in the world comes 
with sendmail as a default install option its kind of a no brainer to use 
that - you only need to change one line in the sendmail.cf file:

DS

to

DSroute.mail.through.this.address

If you want to block other people using sendmail its probably possible via 
sendmail.cf. Easier to do it with iptables.

(I'd used nullmailer a long time ago when a megabyte cost megabucks)

BTW its a really dumb thing to just check the permissions on /tmp. There are 
so many things that could go wrong.

>
> Also consider using something like nagios or even just the logger
> command to send out the information to a central monitoring host.

Yes - I can't believe they do this in my work too - remote, headless servers 
with no mail delivery set up - and then expect them to be managable. Still at 
least they are starting to replace telnet and ftp.

Nagios is more suited to event polling rather than notification and monitoring 
performance / availability over time rather than the cause of this particular 
incident which you have to make sure never happens again. A better solution 
here might be a host based IDS which checks file permissions - or, hell, 
install MAC and don't anyone mess with anything (particularly anyone who 
describes themselves as a DBA).

That's not to say Nagios is not a good idea though.

C.