jail open port smtp (25)

F

folivora

Hi.

I am running two jails. They have identical configurations (except ip_address) and also other jail isn't running sshd. I wonder why the other jail has smtp/25 open, also the jail which is listening smtp/25 is sending mail for local jail root-user, and doing portaudit ect.

Question goes why it has port 25 open, even when I have disabled it.

Here are the configuration files.

host_os:

Code: 
ifconfig_em0_alias0="inet 10.10.10.3 netmask 255.255.255.255"
ifconfig_em0_alias1="inet 10.10.10.4 netmask 255.255.255.255

#JAIL
jail_enable="YES"
jail_list="jail_1 jail_2"
jail_set_hostname_allow="NO"
jail_interface="em0"
jail_procfs_enable="NO"
#JAIL IRSSI
jail_jail_1_rootdir="/usr/jail/jail_1"
jail_jail_1_hostname="jail_1"
jail_jail_1_ip="10.10.10.3"
jail_jail_1_devfs_enable="YES"
jail_jail_1_devfs_ruleset="devfsrules_jail"
#JAIL DNS
jail_jail_2_rootdir="/usr/jail/jail_2"
jail_jail_2_hostname="jail_2"
jail_jail_2_exec_start="/usr/local/sbin/pdnsd -d"
jail_jail_2_ip="10.10.10.4"
jail_jail_2_devfs_enable="YES"
jail_jail_2_devfs_ruleset="devfsrules_jail"

jail_1 configuration:

Code: 
hostname="jail_1"
ifconfig_em0="inet 10.10.10.3 netmask 255.255.255.255"
defaultrouter="10.10.10.2"
rpcbind_enable="NO"
clear_tmp_enable="YES"
sendmail_enable="NO"
sshd_enable="YES"

jail_2 configuration:

Code: 
hostname="jail_2"
ifconfig_em0="inet 10.10.10.4 netmask 255.255.255.255"
defaultrouter="10.10.10.2"
rpcbind_enable="NO"
clear_tmp_enable="YES"
sendmail_enable="NO"
pdnsd_enable="YES"
pdnsd_flags=""
sshd_enable="NO"

I can't see what makes the difference, so other one is listening smtp/25 ect.

Here is nmap's info.

Code: 
"nmap 10.10.10.3  Starting Nmap 5.21 ( [url]http://nmap.org[/url] ) at 2010-10-17 15:21 EEST Nmap scan report for 10.10.10.3 Host is up 
(0.00020s latency). Not shown: 998 filtered ports PORT   STATE SERVICE 22/tcp open  ssh 25/tcp open  smtp"

Code: 
"10.10.10.4  Starting Nmap 5.21 ( [url]http://nmap.org[/url] ) at 2010-10-17 15:25 EEST Nmap scan report for 10.10.10.4 Host is up 
(0.00019s latency). Not shown: 999 filtered ports PORT   STATE SERVICE 53/tcp open  domain"


Thanks for the answers

Folivora
 
Hi,

If you do a
Code: 
cat /etc/defaults/rc.conf | grep sendmail

You can find all sendmail related default startup options. There's a shortcut, however.

I have this single line in /etc/rc.conf to turn every sendmail service off:
Code: 
sendmail_enable="NONE"


good luck!
 
Hey,

I added this to my rc.conf and stopped sendmail daemon.
Code: 
sendmail_enable="NO"

One thing is what I am trying to figure out. That if I want to run sendmail in jail, is it possible to run so sendmail isn't listening smtp/25. So sendmail will just send notification mails to jails root user.

Folivora
 
You must log in or register to reply here.
Back
Top