Linux on PowerPC FAQ-O-Matic : Applications :
fetchmail complains about smtp daemon
> Anyone know where to get this? Couldn't find this as a package, figured
> it was just part of one.
>
> Pete Pawlowski
Try the 'sendmail' package.
Also, depending on how you use "fetchmail" you may not really need this
in which case you can just ignore the error by using "--nodeps" on the install.
------------------------------------------------------------------------
Gary Thomas |
(as seen on a mailing list)
mwest@nyx.net
Fetchmail goes out onto the net and queries your mailbox. Once it has the mail, it then tries to hand them off to the local mailer on your system with the appropriate headers reflecting the local site. This "local mailer" (or MTA [mail transportation agent]) is this "smtp daemon".
What is a smtp daemon?
An smtp daemon is a little program that listens to port 25. It speaks 'smtp' - the simple mail transport protocol. When another MTA wants to send mail to your machine, it contacts this smtp daemon via port 25 tcp.
Fetchmail is no different as an MTA when it wants to send mail to the same system it is running on. It needs something listening to port 25 so it can send the mail to the system it is running on. Once it hands the mail off, it's up to the smtp daemon to actually deliver the mail.
For a long time, the program sendmail was used for this. Fortunatly, there are numerous replacements that have come on the scene that address some of sendmail's limitations. One of these is qmail and another is exim.
When you install these programs, you generally have an option as to how it listens to port 25. It may do it directly, running as a deamon while the system is up, or it may be invoked by the inetd super daemon. I prefer the latter because it is more secure and my site rarely receives mail directly. Keep in mind that any connections to port 25 - and if inetd is bound to that address - will cause the MTA to be envoked. This may or may not be a good thing depending upon your set up. For if your major use of the mailer is local mail, then having it listen to port 25 opens up a security hole - anyone can try to send your system mail. While the MTA may refuse this, any connection like this is a possible problem and it is safer to not have them if at all possible.
Fetchmail contacts the smtp daemon/MTA via the local interface ("localhost", "lo", 127.0.0.1) and if fetchmail is the main way your site receives email, there is no reason to have the daemon listening to your internet interface where it is open for probing. There are probably ways to do this in the mailer's configuration, but I personally just use ipchains (Kernel 2.2) and deny access to that port on that particular interface.
eg:
IP_ADDR=209.12.122.30 ipchains -A input -p tcp -i eth0 -s 0.0.0.0/0 -d $IP_ADDR 25 -j DENY
This effectivly stops the possibility of anyone probing port 25 from the internet.
If you want to invoke the daemon via inetd, read about inetd.conf and inetd in general and update /etc/inetd.conf . You'll probably have to change some options on the command line for the MTA inetd envokes.
Elizabeth
coalition_for_national_day_care@yahoo.com
How do I fix Netscape's Backspace Key?