Date: Fri, 27 Feb 2009 15:54:58 -0300 From: Mikhail Goriachev <mikhailg@webanoide.org> To: Kirk Strauser <kirk@strauser.com> Cc: freebsd-questions@freebsd.org Subject: Re: Disabling inbound email in a jail Message-ID: <49A83702.90901@webanoide.org> In-Reply-To: <200902270949.22494.kirk@strauser.com> References: <200902270949.22494.kirk@strauser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Kirk Strauser wrote: > I only want sendmail in a jail to do one thing: forward nightly reports from root@localhost to a real account on another > machine. What's the proper way to configure this? Edit /etc/mail/aliases. All reports are pointed to root. But you can point it anywhere you want: root: someaccount@example.org After that execute: # newaliases and you're done. No sendmail_enable is required or whatsoever in the /etc/rc.conf. By default, sendmail_enable="NO" in /etc/rc.conf still gives a > running sendmail that accepts mail from other hosts: > > me@realhost$ echo foo | mail me@jail.example.com This shouldn't have worked. By default you should've received "stat=Deferred: Connection refused by jail.example.com". This is the case if you're sending from a physically different machine to another machine's jail. By default sendmail listens only on localhost and doesn't accept outside connections. It is only used for internal submission, such as daily reports. If you're sending from a host to its jail, then this is another story. In most cases you'll get some unexpected results. > me@jail.example.com$ tail -f /var/log/maillog > Feb 27 09:43:37 jail.example.com sm-mta[86832]: n1RFhbBp086832: from=<me@realhost>, size=735, class=0, > nrcpts=1, msgid=<20090227154335.877A442071@realhost>, bodytype=7BIT, proto=ESMTP, daemon=Daemon0, > relay=jail.example.com [10.0.5.70] > Feb 27 09:43:37 jail.example.com sm-mta[86833]: n1RFhbBp086832: to=<me@jail.example.com>, delay=00:00:00, > xdelay=00:00:00, mailer=local, pri=30983, relay=local, dsn=2.0.0, stat=Sent > > However, if I set sendmail_enable="NONE", then I can't send outbound email either: > > me@jail.example.com$ echo foo | mail me@realhost > me@jail.example.com$ tail -f /var/log/maillog > Feb 27 09:37:37 jail.example.com sendmail[86513]: n1RFbbg3086513: from=me, size=28, class=0, nrcpts=1, > msgid=<200902271537.n1RFbbg3086513@jail.example.com>, relay=me@localhost > Feb 27 09:37:37 jail.example.com sendmail[86513]: n1RFbbg3086513: to=me@realhost, ctladdr=me (1001/1001), > delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30028, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, > stat=Deferred: Connection refused by [127.0.0.1] > > What's the happy medium between "sendmail wide open" (eg sendmail_enable="NO" (WTF?)) and "disabled mail > system" (eg sendmail_enable="NONE")? sendmail_enable="YES" accepts outside and local connections sendmail_enable="NO" (the default) accepts local connections only sendmail_enable="NONE" doesn't start the daemon, sendmail is off Have a look at /etc/rc.d/sendmail for further hints. Regards, Mikhail
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49A83702.90901>