Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#11 No mails in hosts.allow

open
nobody
None
5
2005-12-09
2005-12-09
No

I'd recommend that you do not send mails within the
hosts.allow file (ALL : ALL : spawn
(/usr/sbin/safe_finger -l @%h | /bin/mail -s "Port
Denial noted %d-%h" root) & : DENY).

Imagine what happens if you install sendmail, but
forget to add an entry in the hosts.allow file to
allow sendmail...

This exactly happened to me. I had tens of thousands
e-mails in the sendmail queue after an hour. Every
mail that was tried to be sent from within
hosts.allow caused another mail to be sent out, which
caused another one, which....

I'd prefer something like this:
ALL : ALL : spawn (/usr/sbin/safe_finger -l @%h
| /usr/bin/logger -p authpriv.warning -t
hosts.allow "Port Denial noted %d-%h" root) & : DENY

It would be great, if the user could choose, what
action has to be taken during the set-up of bastille
(send mail, log it to the syslogger, etc.)

Regards

James

Discussion