From owner-freebsd-security  Sun May  5 20:29: 4 2002
Delivered-To: freebsd-security@freebsd.org
Received: from horsey.gshapiro.net (horsey.gshapiro.net [209.220.147.178])
	by hub.freebsd.org (Postfix) with ESMTP id B4C2337B407
	for <freebsd-security@FreeBSD.ORG>; Sun,  5 May 2002 20:29:01 -0700 (PDT)
Received: from horsey.gshapiro.net (gshapiro@localhost [IPv6:::1])
	by horsey.gshapiro.net (8.12.3/8.12.3) with ESMTP id g463T0Sd009218
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO);
	Sun, 5 May 2002 20:29:01 -0700 (PDT)
Received: (from gshapiro@localhost)
	by horsey.gshapiro.net (8.12.3/8.12.3/Submit) id g463T0HA009215;
	Sun, 5 May 2002 20:29:00 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <15573.63612.505244.465190@horsey.gshapiro.net>
Date: Sun, 5 May 2002 20:29:00 -0700
From: Gregory Neil Shapiro <gshapiro@FreeBSD.ORG>
To: Albert Everett <freebsd@webintl.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: jails and sendmail
In-Reply-To: <a05111701b8fba133ba60@[192.168.123.20]>
References: <a05111701b8fba133ba60@[192.168.123.20]>
X-Mailer: VM 7.00 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

freebsd> Is it necessary to tell sendmail inside a jail to listen only on that 
freebsd> jail's IP? If so, how is this done? I'm hoping a line or two in the 
freebsd> .mc file will do it, but I'm new to editing these files.

No, but you need to make sure that the "host" system's sendmail isn't
listening on the jail's IP addresses using DAEMON_OPTIONS().

I run a jail system which houses 1 "host" system and three jails.  Each of
the jail's .mc files are pretty much the same as /etc/mail/freebsd.mc.  The
"host" system (zim.gshapiro.net is it's hostname) .mc file is:

OSTYPE(`freebsd4')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
DAEMON_OPTIONS(`Name=gshapiro.net, Addr=zim.gshapiro.net, Family=inet')dnl
DAEMON_OPTIONS(`Name=localhost, Addr=localhost, Family=inet')dnl
FEATURE(`no_default_msa')dnl
MAILER(`local')dnl
MAILER(`smtp')dnl

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message