How to make sendmail accept connections from localhost only

I need to secure the server by making sendmail-mta accept only local connections (from localhost), so that any external (potential spam) connections are denied.

I use Debian 7.0 currently.


Solution 1:

The following line in your m4 config generation file will cause sendmail to listen to port 25 only on 127.0.0.1:

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
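
A way to confirm the result of the DAEMON_OPTIONS change above, as an added example that is not part of the original answer: the function below reads `ss -ltn` output and reports any listener on port 25 that is not bound to a loopback address. The function name `exposed_listeners` is hypothetical and both socket listings are constructed samples.

```shell
#!/bin/sh
# Added example: audit `ss -ltn` output for SMTP listeners reachable off-host.
# Live use (assumes the iproute2 `ss` tool is installed):
#   ss -ltn | exposed_listeners 25

# Reads `ss -ltn` output on stdin and prints the local address of every
# listener on the given port (default 25) that is not bound to loopback.
# Exit status: 0 = loopback only or no listener, 1 = exposed listener found.
exposed_listeners() {
    awk -v port="${1:-25}" '
        $1 == "LISTEN" {
            la = $4                          # e.g. 127.0.0.1:25, *:25, [::1]:25
            n = split(la, parts, ":")
            if (parts[n] != port) next       # port is the text after the last colon
            addr = substr(la, 1, length(la) - length(parts[n]) - 1)
            gsub(/^\[|\]$/, "", addr)        # strip IPv6 brackets
            if (addr ~ /^127\./ || addr == "::1") next
            print la
            found = 1
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample: MTA bound to every interface (before the change).
SAMPLE_BEFORE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      10     *:25               *:*
LISTEN 0      10     127.0.0.1:587      *:*
LISTEN 0      128    *:22               *:*'

# Constructed sample: MTA bound to 127.0.0.1 only (after the change).
SAMPLE_AFTER='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      10     127.0.0.1:25       *:*
LISTEN 0      10     127.0.0.1:587      *:*
LISTEN 0      128    *:22               *:*'

printf '%s\n' "$SAMPLE_BEFORE" | exposed_listeners 25 \
    || echo "before: port 25 is bound to a non-loopback address"
printf '%s\n' "$SAMPLE_AFTER" | exposed_listeners 25 \
    && echo "after: port 25 listens on loopback only"
```

With the iptables approach in Solution 2 the socket stays bound to all interfaces, so this check still reports it; in that case confirm the DROP rule with `iptables -S INPUT` instead.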

Solution 2:

I decided to do it another way. Instead of trying to tune the sendmail-mta itself (which I did not succeed in) or recompiling it with the built-in options, I used a simple iptables rule:

iptables -A INPUT -i eth0 -p tcp --dport 25 -j DROP

This rule blocks all incoming connections on the eth0 interface. The connections to the lo interface remain untouched. Of course, this is not a solution by means of the sendmail-mta, but it turned out to be much simpler to solve this particular problem this way.