From owner-freebsd-questions@FreeBSD.ORG Fri Feb 27 15:49:28 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 641F51065678 for ; Fri, 27 Feb 2009 15:49:28 +0000 (UTC) (envelope-from kirk@strauser.com) Received: from kanga.honeypot.net (kanga.honeypot.net [IPv6:2001:470:a80a:1:21f:d0ff:fe22:b8a8]) by mx1.freebsd.org (Postfix) with ESMTP id 24A0E8FC08 for ; Fri, 27 Feb 2009 15:49:28 +0000 (UTC) (envelope-from kirk@strauser.com) Received: from localhost (localhost [127.0.0.1]) by kanga.honeypot.net (Postfix) with ESMTP id 8E3264530A for ; Fri, 27 Feb 2009 09:49:27 -0600 (CST) X-Virus-Scanned: amavisd-new at honeypot.net Received: from kanga.honeypot.net ([127.0.0.1]) by localhost (kanga.honeypot.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KPERXQCI4wsx for ; Fri, 27 Feb 2009 09:49:25 -0600 (CST) Received: from athena.localnet (athena.daycos.com [IPv6:2001:470:c054:1:221:9bff:fe00:de3f]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by kanga.honeypot.net (Postfix) with ESMTPSA id 6C081450BF for ; Fri, 27 Feb 2009 09:49:25 -0600 (CST) From: Kirk Strauser To: freebsd-questions@freebsd.org Date: Fri, 27 Feb 2009 09:49:22 -0600 User-Agent: KMail/1.11.0 (Linux/2.6.27-11-generic; KDE/4.2.0; x86_64; ; ) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200902270949.22494.kirk@strauser.com> Subject: Disabling inbound email in a jail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Feb 2009 15:49:28 -0000 I only want sendmail in a jail to do one thing: forward nightly reports from root@localhost to a real account on another machine. What's the proper way to configure this? By default, sendmail_enable="NO" in /etc/rc.conf still gives a running sendmail that accepts mail from other hosts: me@realhost$ echo foo | mail me@jail.example.com me@jail.example.com$ tail -f /var/log/maillog Feb 27 09:43:37 jail.example.com sm-mta[86832]: n1RFhbBp086832: from=, size=735, class=0, nrcpts=1, msgid=<20090227154335.877A442071@realhost>, bodytype=7BIT, proto=ESMTP, daemon=Daemon0, relay=jail.example.com [10.0.5.70] Feb 27 09:43:37 jail.example.com sm-mta[86833]: n1RFhbBp086832: to=, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30983, relay=local, dsn=2.0.0, stat=Sent However, if I set sendmail_enable="NONE", then I can't send outbound email either: me@jail.example.com$ echo foo | mail me@realhost me@jail.example.com$ tail -f /var/log/maillog Feb 27 09:37:37 jail.example.com sendmail[86513]: n1RFbbg3086513: from=me, size=28, class=0, nrcpts=1, msgid=<200902271537.n1RFbbg3086513@jail.example.com>, relay=me@localhost Feb 27 09:37:37 jail.example.com sendmail[86513]: n1RFbbg3086513: to=me@realhost, ctladdr=me (1001/1001), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30028, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] What's the happy medium between "sendmail wide open" (eg sendmail_enable="NO" (WTF?)) and "disabled mail system" (eg sendmail_enable="NONE")? -- Kirk Strauser