From owner-freebsd-ports@freebsd.org Thu Apr 21 15:39:31 2016 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id ECA6FB1411A for ; Thu, 21 Apr 2016 15:39:31 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.117.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7607C135D for ; Thu, 21 Apr 2016 15:39:31 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from ox-dell39.ox.adestra.com (unknown [85.199.232.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id C4DDF11AA8 for ; Thu, 21 Apr 2016 15:39:20 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org Authentication-Results: smtp.infracaninophile.co.uk/C4DDF11AA8; dkim=none; dkim-atps=neutral Subject: Re: Mailman in a jail To: freebsd-ports@freebsd.org References: <5718F000.7010405@ohlste.in> From: Matthew Seaman Message-ID: <2b0e0db1-baf4-b455-249b-382f3d205a75@freebsd.org> Date: Thu, 21 Apr 2016 16:39:06 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.0 MIME-Version: 1.0 In-Reply-To: <5718F000.7010405@ohlste.in> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="Nqg0qCrUa26T6KRlkCXGeWOC6w1QtAUF4" X-Virus-Scanned: clamav-milter 0.99.1 at smtp.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-0.4 required=5.0 tests=BAYES_00,RDNS_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on smtp.infracaninophile.co.uk X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Apr 2016 15:39:32 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --Nqg0qCrUa26T6KRlkCXGeWOC6w1QtAUF4 Content-Type: multipart/mixed; boundary="xSBxEI66vrDCFXoU4trfAcbVTvbQG1lph" From: Matthew Seaman To: freebsd-ports@freebsd.org Message-ID: <2b0e0db1-baf4-b455-249b-382f3d205a75@freebsd.org> Subject: Re: Mailman in a jail References: <5718F000.7010405@ohlste.in> In-Reply-To: <5718F000.7010405@ohlste.in> --xSBxEI66vrDCFXoU4trfAcbVTvbQG1lph Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 04/21/16 16:21, Jim Ohlstein wrote: > I'm trying to get Mailman working in a 10.3 amd64 jail. Everything > works, except Mailman doesn't talk to Postfix. Incoming mail works and > posts to the list's archives but no outgoing email is sent. I asked in > the Mailman list and they seem to think it's related to running in a ja= il. >=20 > If anyone's gotten this running in a jail I'd appreciate some input. I'= m > not married to Postfix - willing to use a different MTA. Does mailman try and communicate with postfix over a network socket bound to the loopback address? That's a common gotcha in jails. There isn't an accessible loopback address in a jail[*], but the kernel intercepts connection attempts and redirects things via the jail's primary address. So an application that tries to bind to 127.0.0.1 ends up binding to 192.0.2.1 or whatever the jail address is. Most of the time you'll get away with this. However some more security aware applications (like postfix) realise something dodgy is going on and refuse to play. The answer is basically to configure mailman to talk to postfix by the jail's IP explicitly. Cheers, Matthew [*] Unless you're using VIMAGE jails, but that's a topic for another day.= =2E. --xSBxEI66vrDCFXoU4trfAcbVTvbQG1lph-- --Nqg0qCrUa26T6KRlkCXGeWOC6w1QtAUF4 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJXGPQaAAoJEABRPxDgqeTn69QQAJqDTf5TxFuPZCJDvye3rdWS 3C+KoM2+qTZ7Sm/jk/97wAKfAVuWt+25NFVbaLJoRdf/x+BIH2mCAvMT7jWIBEp9 trwPXnX+TkSCbfo087iPxbCZlQlzf3/YCl3NaS+c/1v99ndP503tDZEsSjCGy6pS OGjkz4qf7B9UIj3TyYPnWp8vYFk3+MjcN6L3UT+r55jNKxI8ydS+Dvre5zOVnmhD TGqyKvfgUgws/4Mquw/T8UIn2bTmMUxVc7E8AcLlmlDye4xMybTAqp6lt1RvQeOX J3v5MWebTVKR0u3Aj+lWQTH0cpTnjKpTGL0LoeA2CNFf9M3YI2PrPBqzB0jsHB6U 9O9/UNWEbVD92IbczAy1nq+7YO8r4Sttfmjee0J7Xi5f/HwCYar07C5pA0qMWW3B j5ek2TInu/R4DaYJhRuxDvz04PHV0RVaTK8mX7yvq8NERGB9ijfY6oitFMYPUesJ gFetSJN9eOoR3XeUC79Q9M+4qCfY6vGac1uWvTDDX0XfFf0lQBK8EWKxMNcruTna OyxmwgSHVAS2WUEXE+jKTE5a1wOyydDsPpiPCRiktOr3vf35WwauoF90yDVqrsn1 5jtU+zrn2+EBZqKekXzgFIVg6sbhcj2q3JKMmBCUZvrfE3tRoQucTMzA5pRRIIgs aUeYvBoo1NZGS2z22Wgn =bbMl -----END PGP SIGNATURE----- --Nqg0qCrUa26T6KRlkCXGeWOC6w1QtAUF4--