Innopac Archive Index (by Date)

[ List Archives Home ] [ Thread index for 2008 ] [ Date index for 2008 ] [ Author index for 2008 ]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Date: Fri, 1 Aug 2003 11:56:03 -0400 (EDT)
From: Martha Driscoll <driscoll@xxxxxxxxxx>
Subject: Re: Blocking inbound port 25 on Innopac?

Jon, 
You should be able to block inbound email to your innopac with no
problem provided you make sure there is some place for the incoming
bounces/replies to go.  Your campus has a mail hub that accepts mail for
the rit.edu domain.  If you tweak sendmail on the innopac to strip the
hostname from outgoing messages, then all bounces would be addressed to
circadm@xxxxxxxxxx which will go to the campus mail hub.  You then need an
account on that machine or an alias to send the mail to yet another
machine.

The sendmail tweak is done in the "Who I masquerade as" definition. For
example:

  # who I masquerade as (null for no masquerading) (see also $=M)
  DMnoblenet.org

It goes without saying that you need appropriate accounts or aliases on
your mail server for any account that is likely to send mail from the
innopac.  

If someone tries to send mail to innopac.rit.edu (or whatever your innopac
is called), then that will be undeliverable (because you blocked port 25).  
You need an MX record in the campus DNS tables to define which host will
be accepting the mail for innopac.rit.edu. This will be important if you
have given vendors email addresses which include the system name.

You'll want to think this through and consult your campus DNS/Sendmail 
guru.  Don't forget to test! 

--
Martha Driscoll, Systems Manager
North of Boston Library Exchange (NOBLE)
driscoll@xxxxxxxxxx
Ph: 978-777-8844  Fax: 978-750-8472

On Thu, 31 Jul 2003, Jon Jiras wrote:

> Hello Innovative software only sites:
> 
> Our computer center wants us to block inbound port 25 (the port used for
> sendmail) on our Innopac.
> 
> The only trouble I can see with this is for bounced email messages.  
> 
> Has any software only site been able to block port 25 inbound on your
> Innopac.
> 
> I know that the III firewall FAQ says that that port 25 should be open
> for inbound connections, but perhaps there is a workaround?
> 
> If, for example, all mail coming out our innopac had an account on a
> different machine listed in the "From" field, then maybe bounced mail
> would get returned to the address in the "From" field and there would be
> no need to have port 25 open for inbound connections?
> 
> If you are a software only site that has successfully figured out a way
> to block inbound port 25, I'd sure like to hear from you.
> 
> Thanks,
> Jon Jiras
> Library Software Specialist
> Wallace Library
> Rochester Institute of Technology
> Rochester, NY 14623
> 585-475-7737
> 
> 
> 
> 
> 
> --- StripMime Report -- processed MIME parts ---
> multipart/alternative
>   text/plain (text body -- kept)
>   text/html
> ---
> --
> This message was distributed through the Innovative Users Group INNOPAC list
> Public replies:  INNOPAC@xxxxxxxxxx
> Update your subscription options: http://innopacusers.org/list/listinfo/innopac
>

References:
- Blocking inbound port 25 on Innopac?
  - From: "Jon Jiras" <jjjwml@xxxxxxxxxx>

Prev by Date: question regarding permissions for WAM
Next by Date: HTTP Access Administration
Prev by thread: Blocking inbound port 25 on Innopac?
Next by thread: RE: Blocking inbound port 25 on Innopac?
Index(es):
- Date
- Thread

Re: Blocking inbound port 25 on Innopac?