From owner-freebsd-questions@FreeBSD.ORG  Fri Feb 27 18:51:12 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 1EBBC106564A
	for <freebsd-questions@freebsd.org>;
	Fri, 27 Feb 2009 18:51:12 +0000 (UTC)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from smtp.infracaninophile.co.uk (gate6.infracaninophile.co.uk
	[IPv6:2001:8b0:151:1::1])
	by mx1.freebsd.org (Postfix) with ESMTP id 93A848FC23
	for <freebsd-questions@freebsd.org>;
	Fri, 27 Feb 2009 18:51:11 +0000 (UTC)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1])
	(authenticated bits=0)
	by smtp.infracaninophile.co.uk (8.14.3/8.14.3) with ESMTP id
	n1RIp5uD044762; Fri, 27 Feb 2009 18:51:06 GMT
	(envelope-from m.seaman@infracaninophile.co.uk)
X-DKIM: Sendmail DKIM Filter v2.8.2 smtp.infracaninophile.co.uk n1RIp5uD044762
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
	d=infracaninophile.co.uk; s=200708; t=1235760666;
	bh=Vsnh3LEUQm+0v81QqFazmvI8yL4AnyBM3Y2Ec777XZY=;
	h=Message-ID:Date:From:MIME-Version:To:CC:Subject:References:
	In-Reply-To:Content-Type:Cc:Content-Type:Date:From:In-Reply-To:
	Message-ID:Mime-Version:References:To;
	z=Message-ID:=20<49A83613.4020701@infracaninophile.co.uk>|Date:=20F
	ri,=2027=20Feb=202009=2018:50:59=20+0000|From:=20Matthew=20Seaman=
	20<m.seaman@infracaninophile.co.uk>|Organization:=20Infracaninophi
	le|User-Agent:=20Thunderbird=202.0.0.19=20(X11/20090218)|MIME-Vers
	ion:=201.0|To:=20Kirk=20Strauser=20<kirk@strauser.com>|CC:=20freeb
	sd-questions@freebsd.org|Subject:=20Re:=20Disabling=20inbound=20em
	ail=20in=20a=20jail|References:=20<200902270949.22494.kirk@strause
	r.com>|In-Reply-To:=20<200902270949.22494.kirk@strauser.com>|X-Eni
	gmail-Version:=200.95.6|Content-Type:=20multipart/signed=3B=20mica
	lg=3Dpgp-sha256=3B=0D=0A=20protocol=3D"application/pgp-signature"=
	3B=0D=0A=20boundary=3D"------------enigE45287847DEC40E8AA77C92E";
	b=1WDqYZN/A7K81FiDy59ylWFFjV0bJtpXiRT3Cxss74zChbEwwfbM/oD/5agqRRrfp
	dk7sXqlUc56lH+LqGtfEyK34xZbKSoMPBo+br059L6QtgHQFmcYTLNRab3r/NP/E5q
	P1Gf7qmiobaYUMSvfY+kKePnvQj/Qrlyw+NSCwO4=
X-Authentication-Warning: happy-idiot-talk.infracaninophile.co.uk: Host
	localhost [IPv6:::1] claimed to be
	happy-idiot-talk.infracaninophile.co.uk
Message-ID: <49A83613.4020701@infracaninophile.co.uk>
Date: Fri, 27 Feb 2009 18:50:59 +0000
From: Matthew Seaman <m.seaman@infracaninophile.co.uk>
Organization: Infracaninophile
User-Agent: Thunderbird 2.0.0.19 (X11/20090218)
MIME-Version: 1.0
To: Kirk Strauser <kirk@strauser.com>
References: <200902270949.22494.kirk@strauser.com>
In-Reply-To: <200902270949.22494.kirk@strauser.com>
X-Enigmail-Version: 0.95.6
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature";
	boundary="------------enigE45287847DEC40E8AA77C92E"
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0.1
	(smtp.infracaninophile.co.uk [IPv6:::1]);
	Fri, 27 Feb 2009 18:51:06 +0000 (GMT)
X-Virus-Scanned: ClamAV 0.94.2/9054/Fri Feb 27 09:02:52 2009 on
	happy-idiot-talk.infracaninophile.co.uk
X-Virus-Status: Clean
X-Spam-Status: No, score=-3.0 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,
	DKIM_VERIFIED,NO_RELAYS autolearn=ham version=3.2.5
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
	happy-idiot-talk.infracaninophile.co.uk
Cc: freebsd-questions@freebsd.org
Subject: Re: Disabling inbound email in a jail
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Feb 2009 18:51:12 -0000

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigE45287847DEC40E8AA77C92E
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable

Kirk Strauser wrote:
> I only want sendmail in a jail to do one thing: forward nightly reports=
 from root@localhost to a real account on another=20
> machine.  What's the proper way to configure this?  By default, sendmai=
l_enable=3D"NO" in /etc/rc.conf still gives a=20
> running sendmail that accepts mail from other hosts:
>=20
> me@realhost$ echo foo | mail me@jail.example.com
>=20
> me@jail.example.com$ tail -f /var/log/maillog
> Feb 27 09:43:37 jail.example.com sm-mta[86832]: n1RFhbBp086832: from=3D=
<me@realhost>, size=3D735, class=3D0,=20
> nrcpts=3D1, msgid=3D<20090227154335.877A442071@realhost>, bodytype=3D7B=
IT, proto=3DESMTP, daemon=3DDaemon0,=20
> relay=3Djail.example.com [10.0.5.70]
> Feb 27 09:43:37 jail.example.com sm-mta[86833]: n1RFhbBp086832: to=3D<m=
e@jail.example.com>, delay=3D00:00:00,=20
> xdelay=3D00:00:00, mailer=3Dlocal, pri=3D30983, relay=3Dlocal, dsn=3D2.=
0.0, stat=3DSent
>=20
> However, if I set sendmail_enable=3D"NONE", then I can't send outbound =
email either:
>=20
> me@jail.example.com$ echo foo | mail me@realhost
> me@jail.example.com$ tail -f /var/log/maillog
> Feb 27 09:37:37 jail.example.com sendmail[86513]: n1RFbbg3086513: from=3D=
me, size=3D28, class=3D0, nrcpts=3D1,=20
> msgid=3D<200902271537.n1RFbbg3086513@jail.example.com>, relay=3Dme@loca=
lhost
> Feb 27 09:37:37 jail.example.com sendmail[86513]: n1RFbbg3086513: to=3D=
me@realhost, ctladdr=3Dme (1001/1001),=20
> delay=3D00:00:00, xdelay=3D00:00:00, mailer=3Drelay, pri=3D30028, relay=
=3D[127.0.0.1] [127.0.0.1], dsn=3D4.0.0,=20
> stat=3DDeferred: Connection refused by [127.0.0.1]
>=20
> What's the happy medium between "sendmail wide open" (eg sendmail_enabl=
e=3D"NO" (WTF?)) and "disabled mail=20
> system" (eg sendmail_enable=3D"NONE")?

Here's a possible solution:

http://lists.freebsd.org/pipermail/freebsd-questions/2007-March/145682.ht=
ml

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW


--------------enigE45287847DEC40E8AA77C92E
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.10 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEAREIAAYFAkmoNhkACgkQ8Mjk52CukIw1sgCgi3j3e3opXUhrppxFEaMnk9AS
+m0An2cvLqppLH7fFc/pCj26Ys5Nqk9N
=rATX
-----END PGP SIGNATURE-----

--------------enigE45287847DEC40E8AA77C92E--