Hello Chris,
Chris Fortune wrote:
> /etc/services
> smtp 25/tcp mail
> smtp 25/udp mail
> smtp-backdoor xxxxx/tcp mail
>
> /etc/exim.conf
> daemon_smtp_port = smtp-backdoor
OK, that should make exim listen on port xxxxx.
> But I did give it a chance exactly as recommended, and it didn't work on my
> system, Exim choked on restart. I upgraded to the
> latest stable version of Exim, turned off antirelayd, mailman, spamassassin
> spamd, and the -oX SSL command switch, and retried the
> backdoor daemon per your instructions, this time changing the backdoor port
> number to a 5 digit address. Surprise, this time it
> works!!!!
I suppose, with "a 5 digit", you mean a port number > 10000?
> Ten minutes later, WHM determined that Exim was down, so it
> automatically restarted Exim using the -oX SSL port command
> line switch and started antirelayd .... and the backdoor daemon still works!
But WHM has obviously launched another instance of exim, hasn't it?
> The problem was either with mailman, spamd, the port
> number of 125, or the previous version of Exim.
>
>
>> What does "WHM" mean?
>> Can't you change the options it is invoked with?
>>
>
> WHM is Cpanel Web Host Manager, a common web control panel helper app for
> Linux RedHat web hosts.
Well, I don't like these configuration tools, because they (obviously)
sometimes do things that you don't want them to do...
[..]
> Security through obscurity I guess? I just run a cron job to killall spamd
> and antirelayd processes after the scheduled update.
That means fighting the symptoms and not their causes...
spamd can be used by exim (when built with the exiscan-acl patch) - so
I wouldn't kill the corresponding process. You can additionally bind
spamd to your loopback interface...
And I suppose that what "antirelayd" does can also be done by exim
directly.
"Keep it simple" in a security context does also mean that you should
use as few programs as possible... ;-)
Regards,
Christian
--
Christian Schmidt | Germany |
ChriSchmiLi@gmx.de
PGP Key ID: 0x28266F2C
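
The loopback-binding advice above can be checked rather than assumed. The following is an added example, not part of the original message: it decodes listening sockets from text in the Linux /proc/net/tcp layout and reports daemons that should be local-only but listen on a non-loopback address. The sample table, the alternate SMTP port 26025 (standing in for the elided "xxxxx") and the choice of 783 as spamd's port are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample in /proc/net/tcp layout (not taken from the thread).
# Addresses are hex in host byte order (little-endian on x86); state 0A = LISTEN.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:65A9 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 00000000:030F 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1004
   4: 0A00000A:0019 0B00000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 1005
"""

TCP_LISTEN = "0A"
# Assumption: spamd on its default port 783 should only be reachable locally.
LOCAL_ONLY_PORTS = {783}


def parse_listeners(text):
    """Return [(ip, port)] for every socket in LISTEN state."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        # Skip the header and anything that is not a numbered socket row.
        if len(fields) < 4 or not fields[0].endswith(":"):
            continue
        if fields[3] != TCP_LISTEN:
            continue
        hex_ip, hex_port = fields[1].split(":")
        # Reverse the bytes: the kernel prints the address little-endian here.
        ip = ipaddress.ip_address(bytes.fromhex(hex_ip)[::-1])
        listeners.append((str(ip), int(hex_port, 16)))
    return listeners


def exposed(listeners, local_only_ports=LOCAL_ONLY_PORTS):
    """Listeners on local-only ports that are bound to a non-loopback address."""
    return [(ip, port) for ip, port in listeners
            if port in local_only_ports
            and not ipaddress.ip_address(ip).is_loopback]


if __name__ == "__main__":
    for ip, port in exposed(parse_listeners(SAMPLE)):
        print(f"port {port} is listening on {ip}, expected loopback only")
```

On a live host, pass the contents of /proc/net/tcp to parse_listeners() instead of SAMPLE; IPv6 listeners are in /proc/net/tcp6, which this example does not decode.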