Now, as far as I can tell, this means that the localhost is refusing to send the mail, right?
This is not sendmail
telling you it's refusing to send the mail. "Connection refused" is a standard message you get from the OS whenever you try to access a closed port (service may not be running, or you could be hitting a firewall).
It looks like your have things configured to connect to localhost to send outgoing mail. For this to work, you must have a sendmail daemon listening on port 25. You can check if you do like this: netstat -an | grep LISTEN | grep 25
Do you have a process listening on port 25? If you do, you could also have a firewall configured (misconfigured?) to block access to port 25 from localhost.
I am not a sendmail expert. Not even a neophyte either, when it comes to configuring it. But I do know, that for outgoing mail only, you do not need to have the port 25 listener (the daemon) running. Except if you have other configuration (or applications) that expects it to be running.
Instead of calling mail
, why don't you call sendmail
directly? It's simpler, and safer.
cat message | /usr/lib/sendmail -t
The file "message" that you are cat'ing to sendmail must contain the "To: " line of recipients.
This is safer because sendmail reads the recipients from the message file, so people can't play tricks as easy as with the mail command.
You can see this coding security hole with a website example. Lots of people ask for a recipient email address on their website and then do something like system("cat file_to_send | mail email@example.com")
. The end user specified "firstname.lastname@example.org" in a form on your website. But what if this user had entered their email address as gotcha; rm -rf *
Your resulting email command would then have been:
cat file_to_send | mail gotcha; rm -rf *
Think about that for a moment. Besides being destructive like the above, a hacker could use this to inspect your system from the inside. Not a good security scenerio.
If you use sendmail ( with -t ) directly, it reads the recipient from the cat'ed fail and thus semicolons and other shell special characters are meaningless. Sendmail has enough security holes in it's history. You don't need to add more by using mail just to access sendmail.
Besides, if you abandon mail and go for direct sendmail, your problem of "Connection refused" might just dissappear. Maybe, maybe not - but it doesn't hurt to try the simple things first.