HPE Community
Operating System - OpenVMS
1753934 Members
9225 Online
108810 Solutions
New Discussion юеВ

Re: OpenVMS Disable SMTP Listener but still send email

 
Bryan Ross
New Member

тАО04-24-2007 11:22 PM

тАО04-24-2007 11:22 PM

Re: OpenVMS Disable SMTP Listener but still send email

Maybe I'm missing the point, but the SMTP client is what sends mail.

The email "listener" is POP. Don't you just want to disable the POP server?
0 Kudos
Reply
Wim Van den Wyngaert
Honored Contributor

тАО04-24-2007 11:37 PM

тАО04-24-2007 11:37 PM

Re: OpenVMS Disable SMTP Listener but still send email

If you only want to disable access to the listener, check ucx help set servi/acc.
You can limit the access.

Wim
Wim
0 Kudos
Reply
Joseph Huber_1
Honored Contributor

тАО04-25-2007 12:16 AM

тАО04-25-2007 12:16 AM

Re: OpenVMS Disable SMTP Listener but still send email

Bryan,
the SMTP server is receiving the mail (and sends it to the destination mailbox).
POP has nothing to do with SMTP sending/receiving, it is a protocol to access user mailboxes on a remote node, wether it is a (the) SMTP or not.

http://www.mpp.mpg.de/~huber
0 Kudos
Reply
Steven Schweda
Honored Contributor

тАО04-25-2007 01:48 AM

тАО04-25-2007 01:48 AM

Re: OpenVMS Disable SMTP Listener but still send email

> [...] set servi/acc [...]

Why didn't _I_ think of that? No, wait, ...
0 Kudos
Reply
Joseph Huber_1
Honored Contributor

тАО04-25-2007 03:13 AM

тАО04-25-2007 03:13 AM

Re: OpenVMS Disable SMTP Listener but still send email


I stand claiming one can disable the SMTP receiver (TCPIP DISABLE SERVICE SMTP) at all, as long as the sender (the SMTP symbiont) is able to find a gateway.

I tried really hard on my system: removed general/alternate gateways, zone, local MX records, deassigned the TCPIP$SMTP_MX_IF_NOALTGATE logical: since my DNS server (not on VMS, so I can't remove it) still has an MX record, TCPIP$SMTP still can send.

The only question remains to be answered from Glyn after a test on his own system is: does it work like this ?

BTW: if there is no SMTP server on the sending system, then it should set a /substitute_domain, otherwise it sends out mails with un-replyable reply addresses.
http://www.mpp.mpg.de/~huber
0 Kudos
Reply
Joseph Huber_1
Honored Contributor

тАО04-25-2007 05:31 AM

тАО04-25-2007 05:31 AM

Re: OpenVMS Disable SMTP Listener but still send email

Rethinking, it even has nothing to do with gateways, TCPIP services SMTP sender will directly contact the destination on port 25.

Only if the destination address is an MX domain name, it must be able to translate to a node address.

But sending turns out to be independent of any SMTP service connected to port 25 of the senders node.

But I wonder why Glyn wants to disable mail receiving at all ?
http://www.mpp.mpg.de/~huber
0 Kudos
Reply
Richard W Hunt
Valued Contributor

тАО03-31-2008 09:08 AM

тАО03-31-2008 09:08 AM

Re: OpenVMS Disable SMTP Listener but still send email

I don't propose to speak for anyone else here, but having one-way SMTP is very common in an SMTP environment on a USA Dept. of Defense network, and it is done for security purposes.

I've got one for which the one-way setup was accomplished by our network team blocking STMP traffic coming towards my cluster at a firewall level. I have to use a mail relay server for outbound traffic and cannot pick up any inbound mail at all. It's a real pain, too, because the outbound relay servers remind me of cold molasses.

Before you ask... no, I don't know why they do that for OpenVMS, but then trying to tell a D.o.D. network guru that OpenVMS is not nearly as vulnerable as Windows is like talking to a brick wall. Except that the brick wall is probably far easier to recognize as such.
Sr. Systems Janitor
0 Kudos
Reply
Willem Grooters
Honored Contributor

тАО03-31-2008 09:25 PM

тАО03-31-2008 09:25 PM

Re: OpenVMS Disable SMTP Listener but still send email

Just a blind guess - I cannot check at this very moment, but it might just do what you need.

Sending mail is done via queue(s) SMTP. Leave that in place.

Receiving mail _might_ be handled by a procedure behind port 25: if $ TCPIP SHOW SERVICE/PORT=25 shows a commandprocedure, that will be the one to handle incoming messages. What you might do is edit this file, or replace it with one that does _nothing_ else but EXIT (or read HELO - you'll ghet who's calling - and then drop).

Blunt but effective.
Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
Reply
Thomas Ritter
Respected Contributor

тАО04-01-2008 07:02 PM

тАО04-01-2008 07:02 PM

Re: OpenVMS Disable SMTP Listener but still send email

Just to add to Richard W Hunt's note...we also only allow outbound SMTP and block all inbound at the firewalls.

2 cents.
0 Kudos
Reply
Willem Grooters
Honored Contributor

тАО04-02-2008 09:50 AM

тАО04-02-2008 09:50 AM

Re: OpenVMS Disable SMTP Listener but still send email

On my previous mesage:

If a incoming coonect request is received on port 25, procedure TCPIP$SYSTEM:TCPIP$SMTP_RECV_RUN.COM is invoked (using TCPIP V 5.6) - in turn this runs program to process the message.
Not advisable - but you could think of changing this file, or replace it with another with the same name (or with another but you'd have to prepare TCPIP$CONFIGURE.COM for that. Not advisable either, for the same reason)).

If the system is behind a firewall, why not disable incoming mail on port 25, or transfer it to another port where you simply drop the message - or have no service defined at all. Big advantage: you don't have to mess around in the standard config ;)
Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.