Re: asmtp 587 - quickie faq submission

From: Greg Panula (greg.panula@dolaninformation.com)
Date: 09/10/02


Date: Tue, 10 Sep 2002 08:54:13 -0500
From: Greg Panula <greg.panula@dolaninformation.com>
To: freebsd-security@FreeBSD.ORG

Hmm, this original email/question is a good example why a
security-questions@freebsd.org mail-list might be a good thing.
Anyways, to help balance this thread away from noise and towards
signal... here is a quickie faq submission for this thread. :)

Q: What is ASMTP?
A: Authenicated SMTP, explained in RFC 2554

Q: What is ASMTP good for?
A: Allow the SMTP server to authenicate users before allowing them to
use the smtp service for sending mail. Useful if you have roaming users
that connect from foreign networks(e.g. hotel somewhere).

Q: How do I or my users make use of ASMTP?
A: The user's email client needs to be configured to authenicate
themselves to the smtp server. Earthlink has a FAQ section explaining
various email client configurations at
http://support.earthlink.net/mu/1/psc/img/walkthroughs/Help_FAQ/7280.psc.html

Q: Why does Sendmail listen on Port 587?
A: For compliance with RFC 2476 which states that seperating the
different parts of mail handling(submissions&transfers) is a good thing
and port 587 was deemed to be the port for handling submissions.
Sendmail 8.10.0 introduced DaemonPortOptions to support this. Checkout
http://www.sendmail.org/~gshapiro/8.10.Training/DaemonPortOptions.html
for some quick info about DaemonPortOptions.

Q: How do I turn off the Message Submission Agent aka stop listening on
port 587?
A: Add FEATURE(`no_default_msa') your cf.m4 config file and recreate
your sendmail.cf file.

Someone might want to verify the information above; I haven't done any
of it and stopped using&admin'ing sendmail a year or two ago. :)

Cheers,
  Greg

Hans Zaunere wrote:
>
> --- Lyndon Nerenberg <lyndon@orthanc.ab.ca> wrote:
> > >>>>> "Jose" == Jose Esteban Esquer Biskofski
> > <jose.esteban@plazanetwork.com> writes:
> >
> > Jose> Hello, Ive been looking for information on what sendmail's
> > Jose> asmtp (port 587) is exactly, and how to close it. Ive had
> > no
> > Jose> luck, could someone please tell me how to get rid of it?
> > Jose> Thanks.
> >
> > Port 587 is the Mail Submission service (RFC 2476), and instead of
> > turning it off you should learn what it's for and then configure
> > your MUAs to use it.
>
> I disagree. I've been through docs/RFCs/etc and I have yet to see it's
> purpose. As far as I can tell, it's just sendmail listening on another
> port.
>
> The pertinent line in /etc/mail/sendmail.cf:
>
> 0 DaemonPortOptions=Port=587, Name=MSA, M=E
>
> and I've commented it out. If someone can tell me how I'm supposed to
> talk to it, I'd be interested - otherwise I see it just as an immature
> default. And, if it's setup for MUAs, why does it listen on all IPs?
> Just localhost, no?
>
> Thanks,
>
> Hans
>
> >
> > --lyndon
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Finance - Get real-time stock quotes
> http://finance.yahoo.com
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Relevant Pages

  • Re: Mail sent through IIS virtual SMTP server not arriving
    ... This class is new in the .NET Framework version 2.0. ... //to change the port, ... view the Properties of the Default SMTP Server; ... Juan T. Llibre, asp.net MVP ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Mail sent through IIS virtual SMTP server not arriving
    ... //to change the port, ... view the Properties of the Default SMTP Server; ... anything about the virtual SMTP server on my IIS 5.1. ... ' Create a new blank MailMessage ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: HELP: Linux telnet smtp server fails, Works from MS Windows
    ... The router/firewall is not blocking port 25, ... on the SAME network and that computer has no problem telneting to port ... The linux box can PING the smtp server. ... > What you are saying is that the cable modem is a hub and the wireless ...
    (comp.os.linux.setup)
  • Re: Mail sent through IIS virtual SMTP server not arriving
    ... Read my previous post and test using a different port. ... Juan T. Llibre, asp.net MVP ... I got the smtp server log as follows. ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: unblock port 25
    ... Im not sure what smtp server you are using, if it's sendmail, ... netstat -i shows me that port 25 is listening only for local ... Connection closed by foreign host. ...
    (RedHat)