Allowing remote sendmail connections I'm in the process of creating some gate and clones for an internal project. Part of the
gate maintenance requires mail to be sent to a specific host such that a checkin kicks of
some sanity checks. I've got a working example on another host. But I can't get mine to work.
First we need to make sure that sendmail is running on the target box:
> svcs -a | grep smtp
online Jun_04 svc:/network/smtp:sendmail
> netstat -a | grep smtp
localhost.smtp *.* 0 0 49152 0 LISTEN
Okay, it appears to be up. Can we confirm that from a remote host?
> telnet kanigix 25
Trying 192.168.2.XXX...
telnet: connect to address 192.168.2.XXX: Connection refused
> sudo nmap kanigix
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-06-06 10:51 CDT
Interesting ports on kanigix.XXX (192.168.2.XXX):
Not shown: 1676 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
2049/tcp open nfs
4045/tcp open lockd
MAC Address: 00:03:47:B1:6E:45 (Intel)
Nmap finished: 1 IP address (1 host up) scanned in 45.244 seconds
Okay, internally it appears up and externally it appears down. Further, a google doesn't
yield anything interesting. Time to check the man pages for sendmail:
On an unmodified system, access to sendmail by remote
clients is enabled and disabled through the service manage-
ment facility (see smf(5)). In particular, remote access is
determined by the value of the local_only SMF property:
svc:/network/smtp:sendmail/config/local_only = true
A setting of true, as above, disallows remote access; false
allows remote access. The default value is true.
The following example shows the sequence of SMF commands
used to enable sendmail to allow access to remote systems:
# svccfg -s svc:/network/smtp:sendmail setprop config/local_only = false
# svcadm refresh svc:/network/smtp:sendmail
Okay, what is the current value of the property?
> svccfg -s svc:/network/smtp:sendmail listprop config/local_only
config/local_only boolean true
Time to correct it:
> sudo svccfg -s svc:/network/smtp:sendmail setprop config/local_only = false
> sudo svcadm refresh svc:/network/smtp:sendmail
And what do we see now? Nothing changed. Try this:
> sudo svcadm restart svc:/network/smtp:sendmail
And we see some changes start:
> netstat -a | grep smtp
*.smtp *.* 0 0 49152 0 LISTEN
*.smtp *.* 0 0 49152 0 LISTEN
*.smtp *.* 0 0 49152 0 LISTEN
And from the client:
> telnet kanigix 25
Trying 192.168.2.XXX...
Connected to kanigix.
Escape character is '^]'.
220 kanigix.XXX ESMTP Sendmail 8.14.1+Sun/8.14.1; Wed, 6 Jun 2007 11:12:54 -0500 (CDT)
^]
telnet> q
Connection closed.
Okay, that wasn't intuitive. And neither was the control for remote access being buried in a property.
I will say that the man page was helpful.
