I have the sendmail daemon disabled (by setting DAEMON=no in /etc/sysconfig/sendmail). It is not listening on port 25.
Instead I'm using a custom SMTP server.
- Before: It listened on port 25. It accepted mail from outside and local mail, both (as I want). But bad to run as root.
- After: I just changed it to listen to port 25252, and used iptables to redirect traffic from 25 to 25252.
This works fine for other machines connecting to port 25; it's redirected to 25252.
However, mail sent locally (e.g. cron, monit) is still trying to connect on port 25 and there is nothing there anymore.
To get local mail routed to my replacement SMTP server, it seems like the two choices are:
1. Change local mail sends to connect to port 25252.
2. Make iptables work on local traffic and redirect that from 25 to 25252, too.
I'd prefer 2 (if possible) because it's extending the same approach I'm already using (and sendmail mc files make my head spin). But either way, 1 or 2, I'd be grateful to anyone who can help me learn how to do this. Thank you.
Can you please try with:
Or with:
where IP is the IP that sendmail is listening on. You can find it with:
Question: Can't you make the custom SMTP server bind to port 25/tcp as root and then drop its privileges?
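
The bind-as-root-then-drop-privileges pattern raised in the last reply, as an added example that is not part of the original thread and is not the poster's SMTP server. Python, the `nobody` service account, the banner text and the function names `bind_listener` and `drop_privileges` are assumptions made for illustration.

```python
import os
import socket

def bind_listener(host: str, port: int) -> socket.socket:
    """Bind while still privileged; ports below 1024 need root to bind."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((host, port))
    s.listen(16)
    return s

def drop_privileges(uid: int, gid: int) -> tuple:
    """Permanently become uid/gid. Returns the (euid, egid) in effect afterwards."""
    if os.geteuid() != 0:
        return os.geteuid(), os.getegid()  # started unprivileged: nothing to drop
    if uid == 0 or gid == 0:
        raise ValueError("refusing to 'drop' to root")
    os.setgroups([])   # clear supplementary groups while we still can
    os.setgid(gid)     # group first: after setuid() we may no longer change it
    os.setuid(uid)     # as root this sets the real, effective and saved uid
    try:
        os.setuid(0)   # must fail, otherwise the drop is reversible
    except PermissionError:
        return os.geteuid(), os.getegid()
    raise RuntimeError("privilege drop did not stick")

def main() -> None:
    import pwd
    account = pwd.getpwnam("nobody")          # assumed service account
    listener = bind_listener("0.0.0.0", 25)   # the only step that needs root
    drop_privileges(account.pw_uid, account.pw_gid)
    conn, _ = listener.accept()               # from here on, unprivileged
    conn.sendall(b"220 example ESMTP\r\n")    # constructed banner
    conn.close()

if __name__ == "__main__":
    main()
```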