Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Sendmail/ tcpwrappers
Top Forums UNIX for Advanced & Expert Users Sendmail/ tcpwrappers Post 51817 by skotapal on Wednesday 2nd of June 2004 11:48:29 AM
Old 06-02-2004
Sendmail/ tcpwrappers
Hi All

I am running Redhat Linux 8 (kernel version 2.4.18). Sendmail version sendmail-8.12.8-9.80. I am also running portsentry on this box that is serving as a mail + App server (Apache + Jserv).

I run into this message off and on in the maillog section of my LogWatch report...

**Unmatched Entries**
STARTTLS=client, relay=mail.xxx.com., version=TLSv1/SSLv3, verify=FAIL, cipher=DES-CBC3-SHA, bits=168/168: 115 Time(s)
tcpwrappers (mxr01.nyc02.dsl.net, 65.84.81.240) rejection: 3 Time(s)
tcpwrappers (mxr01.hvn01.dsl.net, 209.87.64.79) rejection: 2 Time(s)
tcpwrappers (content119b.lga2.nytimes.com, 199.239.138.72) rejection: 1 Time(s)
...

I checked in the /etc/hosts.deny file and found these rejected IP addresses in it. So, I guess portsentry is putting these IPs in there as there may have been some scanning from there.

I did some digging and found that if I update /et/hosts.allow with:
sendmail: ALL

This will allow all to use sendmail. Should this cause some security concerns for me? Does this message mean that someone is trying to send an e-mail and is getting rejected? Or is someone trying to use my smtp server for spam??

Also can someone explain the meaning of this message:

STARTTLS=client, relay=mail.xxx.com., version=TLSv1/SSLv3, verify=FAIL, cipher=DES-CBC3-SHA, bits=168/168: 115 Time(s)

Thanks!

KS
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

sendmail

Hello Everyone! Can anyone help me with this problem. When root sends mail from my sun to our exchange server the from field looks like this"root@server.domain.com but i would like it to look like this "root.server@domain.com" or somthing like that. I dont wont the "server" after the @. i like... (2 Replies)
Discussion started by: dozy
2 Replies

2. UNIX for Dummies Questions & Answers

sendmail.cf

Dear All , I have Linux Red Hat 6.1 , and i have sendmail (8.11.6 ) . i have big problem with spammers , i was looking in sendmail.cf configuration file and i saw this option , i tried it but it failed : the option is : # file containing known spammers by email,domain,ip Kjunk hash... (1 Reply)
Discussion started by: tamemi
1 Replies

3. UNIX for Dummies Questions & Answers

Sendmail

Am runnning sendmail on a Linux box that has connection to 2 ISP. I use on ISP to send external email. How do i restrict sendmail to using the link to my email isp even when i have set my default gateway to my nonemail isp on the linux box? (0 Replies)
Discussion started by: skykay
0 Replies

4. Programming

sendmail

hi, i am using sendmail function to send the mail for mail client. when i am sending mime content with attaching with body for the images. the image is not displaying in the mail box. all the mime content stuff is displaying. all the headers are proper. hope the reply for this (0 Replies)
Discussion started by: nagineni
0 Replies

5. UNIX for Advanced & Expert Users

Sendmail

HI CAN ANYBODY HELP ME? I HAVE COME ACROSS A PROBLEM. I AM USING SENDMAIL IN HP-UX IN THE FOLLOWING MANNER /usr/sbin/sendmail -t someone@someplace.com < /path/to/file.log BUT THE RECEIPIENT DOESNOT GET THE ADDRESS IN THE TO: SECTION OF THE MAIL. ALSO I HAVE NOT FOUND ANY OPTION TO PUT A... (6 Replies)
Discussion started by: cobroraj
6 Replies

6. Shell Programming and Scripting

Sendmail Help

Hi All, Can anyone help me out to know how can a mail be sent from sendmail command. I tried the below command sendmail -f user-host@xyz.com -s "Some Message" -t abcd@xyz.com It throwed a message -s... User unknown Message... User unknown Some... User unknown But this did not work... (1 Reply)
Discussion started by: ganga.dharan
1 Replies

7. Linux

Sendmail

How do i see all incoming mail's and outgoing mail's for a particular user and how do i list folders of sendmail (mailbox) (1 Reply)
Discussion started by: sagar824u
1 Replies

8. UNIX for Advanced & Expert Users

Sendmail questions, SCO 5.0.6 sendmail 8.11.0

I am running SCO 5.0.6 and using sendmail 8.11.0 and having issues with smtp authentication. When trying to send mail the following message will kick back. (reason: 530 5.7.1 Authentication required) 530 5.7.1 Authentication required Not sure what needs to be tweeked in sendmail.cf but I... (1 Reply)
Discussion started by: ziggy6
1 Replies

9. UNIX for Advanced & Expert Users

Sendmail

Hi, I have sendmail running in my server. I would like to know the vendor of this sendmail running in the server. I read in a blog that there are many vendors for sendmail. Please advise me how could I identify the vendor for this? Thanks, Poovalingam. (4 Replies)
Discussion started by: poova
4 Replies

10. Solaris

Clarifying sendmail configuration - sendmail-client offline

Hi all, I have read about sendmail running as 2 separate process. 1 as a MSP, and the other as the real daemon or MTA. In my current configuration, the sendmail-client is disabled. Both submit.cf and sendmail.cf are left as default untouch I do not specified any mailhost... (3 Replies)
Discussion started by: javanoob
3 Replies

LEARN ABOUT REDHAT

ssl_cipher_get_bits

SSL_CIPHER_get_name(3)						      OpenSSL						    SSL_CIPHER_get_name(3)

NAME

       SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description - get SSL_CIPHER properties

SYNOPSIS

	#include <openssl/ssl.h>

	const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);
	int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);
	char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);
	char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int size);

DESCRIPTION

       SSL_CIPHER_get_name() returns a pointer to the name of cipher. If the argument is the NULL pointer, a pointer to the constant value "NONE"
       is returned.

       SSL_CIPHER_get_bits() returns the number of secret bits used for cipher. If alg_bits is not NULL, it contains the number of bits processed
       by the chosen algorithm. If cipher is NULL, 0 is returned.

       SSL_CIPHER_get_version() returns the protocol version for cipher, currently "SSLv2", "SSLv3", or "TLSv1". If cipher is NULL, "(NONE)" is
       returned.

       SSL_CIPHER_description() returns a textual description of the cipher used into the buffer buf of length len provided. len must be at least
       128 bytes, otherwise a pointer to the the string "Buffer too small" is returned. If buf is NULL, a buffer of 128 bytes is allocated using
       OPENSSL_malloc(). If the allocation fails, a pointer to the string "OPENSSL_malloc Error" is returned.

NOTES

       The number of bits processed can be different from the secret bits. An export cipher like e.g. EXP-RC4-MD5 has only 40 secret bits. The
       algorithm does use the full 128 bits (which would be returned for alg_bits), of which however 88bits are fixed. The search space is hence
       only 40 bits.

       The string returned by SSL_CIPHER_description() in case of success consists of cleartext information separated by one or more blanks in the
       following sequence:

       <ciphername>
	   Textual representation of the cipher name.

       <protocol version>
	   Protocol version: SSLv2, SSLv3. The TLSv1 ciphers are flagged with SSLv3.

       Kx=<key exchange>
	   Key exchange method: RSA (for export ciphers as RSA(512) or RSA(1024)), DH (for export ciphers as DH(512) or DH(1024)), DH/RSA, DH/DSS,
	   Fortezza.

       Au=<authentication>
	   Authentication method: RSA, DSS, DH, None. None is the representation of anonymous ciphers.

       Enc=<symmetric encryption method>
	   Encryption method with number of secret bits: DES(40), DES(56), 3DES(168), RC4(40), RC4(56), RC4(64), RC4(128), RC2(40), RC2(56),
	   RC2(128), IDEA(128), Fortezza, None.

       Mac=<message authentication code>
	   Message digest: MD5, SHA1.

       <export flag>
	   If the cipher is flagged exportable with respect to old US crypto regulations, the word "export" is printed.

EXAMPLES

       Some examples for the output of SSL_CIPHER_description():

	EDH-RSA-DES-CBC3-SHA	SSLv3 Kx=DH	  Au=RSA  Enc=3DES(168) Mac=SHA1
	EDH-DSS-DES-CBC3-SHA	SSLv3 Kx=DH	  Au=DSS  Enc=3DES(168) Mac=SHA1
	RC4-MD5 		SSLv3 Kx=RSA	  Au=RSA  Enc=RC4(128)	Mac=MD5
	EXP-RC4-MD5		SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)	Mac=MD5  export

BUGS

       If SSL_CIPHER_description() is called with cipher being NULL, the library crashes.

       If SSL_CIPHER_description() cannot handle a built-in cipher, the according description of the cipher property is unknown. This case should
       not occur.

RETURN VALUES

       See DESCRIPTION

SEE ALSO

       ssl(3), SSL_get_current_cipher(3), SSL_get_ciphers(3), ciphers(1)

0.9.7a								    2001-02-15						    SSL_CIPHER_get_name(3)
All times are GMT -4. The time now is 09:56 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy