[TriLUG] Sendmail doesn't send mail on first attempt?...
brian at strutmasters.com
Tue Dec 12 16:56:18 EST 2006
Well, at any rate, that doesn't seem to be the problem, either.
However, this does reveal that smmsp does not have read permissions to
Could this be one of those inaccurate error-message situations?
rwx------ root mail /var/spool/mqueue
would it be safe and/or recommended to add g+rx to /var/spool/mqueue and
put smmsp in the mail group?
Daniel Sterling wrote:
> Brian Henning wrote:
>> iptables doesn't have per-user ability, does it? I thought it only
>> examined packet headers, which I didn't think had any info about local
>> user in them..
> iptables has access to any information the kernel has about the packet,
> and can indeed route packets based on user id. For example, to set up a
> transparent proxy, I've got the following rule:
> $ sudo /sbin/iptables -t nat -L
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
> REDIRECT tcp -- anywhere anywhere ! OWNER UID
> match proxy tcp dpt:www redir ports 3128
> Which redirects port 80 to port 3128 for all packets except packets
> generated by the proxy user.
>> I can't access a shell from that account (which is sensible)
> You should be able to with e.g.
> sudo su smmsp -s /bin/bash
> -- Dan
>> I can, however, telnet to strutmasters.net:25 from a
>> standard unprivileged account.
> cool, does this work? another thing you can do is fire up your favorite
> packet sniffer and see what's going out on the wire.
> -- Dan
Brian A. Henning
More information about the TriLUG