-1

Nmaping my server I got theses results :

PORT      STATE    SERVICE
25/tcp    filtered smtp
80/tcp    open     http

On the server-side :

netstat -lpn
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      2301/sendmail-mta     
tcp        0      0 127.0.0.1:587           0.0.0.0:*               LISTEN      2301/sendmail-mta
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1803/apache2

I would like to close sendmail from listening on the internet connected interface, to be protected if a security issue is discovered later for example.

Name
  • 1
  • 1
  • I don't want to use Iptables nor uninstall sendmail to do this job, just modifying sendmail configurations to achieve that, I don't care if I can't receive e-mail after this change. – Name Jun 30 '16 at 01:15
  • Use iptables. That is the definitive way to do this. It is true that you shouldn't have services listening on ports unless you need them to do that, but you should *always* have a restrictive set of firewall rules on all of your machines. – EEAA Jun 30 '16 at 02:57
  • What is the exact network configuration? Is there some kind of firewall next to the server? – Tero Kilkanen Jun 30 '16 at 13:57

1 Answers1

0

Your sendmail is listening ONLY on local/loopback interface (127.0.0.1).

It makes sendmail unable to receive/accept connection from outside without "help" (e.g. redirects in iptables).

AnFi
  • 6,103
  • 1
  • 14
  • 27
  • Then why I see a filtered port on my nmap scan ? I don't want to see this port anymore. I don't care if it is ONLY listening on the local/loopback interface, I want it appear as a closed port for the outside world (internet) – Name Jun 30 '16 at 03:34
  • Have you tried to run the scan **from another computer**? It should report the port as closed. – AnFi Jun 30 '16 at 03:57
  • Generally I always run the scan from another computer for accurate results, and the port don't appear as closed but filtered. – Name Jun 30 '16 at 06:45