Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 10 Mar 2003 09:08:26 +0000
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        freebsd-questions@freebsd.org
Subject:   Re: (send)mailing from jail-host to jail
Message-ID:  <20030310090826.GB89038@happy-idiot-talk.infracaninophi>
In-Reply-To: <20030309165946.F94847-100000@mail.econolodgetulsa.com>
References:  <20030309165946.F94847-100000@mail.econolodgetulsa.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Mar 09, 2003 at 05:09:09PM -0800, Josh Brooks wrote:
>=20
> First off, thank you for your help.  Here is what I did:
>=20
> first, I edited /etc/mail/freebsd.mc and made it look like this:
>=20
> dnl Uncomment both of the following lines to listen on IPv6 as well as
> dnl DAEMON_OPTIONS(`Name=3DIPv4, Family=3Dinet')
> dnl DAEMON_OPTIONS(`Name=3DIPv6, Family=3Dinet6')
> FEATURE(no_default_msa)
> DAEMON_OPTIONS(`Name=3DIPv4, Addr=3D10.10.2.10, Family=3Dinet')
> DAEMON_OPTIONS(`Name=3DIPv4, Addr=3D127.0.0.1, Family=3Dinet')
> DAEMON_OPTIONS(`Name=3DMSA, Addr=3D10.10.2.10, Port=3D587, M=3DE')
> DAEMON_OPTIONS(`Name=3DMSA, Addr=3D127.0.0.1, Port=3D587, M=3DE')
> DAEMON_OPTIONS(`Name=3DIPv6, Addr=3D::1, Family=3Dinet6')
>=20
> Then I did:
>=20
> cd /etc/mail
> make all
> make install
>=20
> And I verified that it went into sendmail.cf by looking at these lines
> that are now in sendmail.cf:
>=20
> # SMTP daemon options
>=20
> O DaemonPortOptions=3DName=3DIPv4, Addr=3D10.10.2.10, Family=3Dinet
> O DaemonPortOptions=3DName=3DIPv4, Addr=3D127.0.0.1, Family=3Dinet
> O DaemonPortOptions=3DName=3DMSA, Addr=3D10.10.2.10, Port=3D587, M=3DE
> O DaemonPortOptions=3DName=3DMSA, Addr=3D127.0.0.1, Port=3D587, M=3DE
> O DaemonPortOptions=3DName=3DIPv6, Addr=3D::1, Family=3Dinet6
>=20
> Then I:
>=20
> /bin/sh /etc/rc.sendmail restart
>=20
>=20
> And there was no change in the behavior.  When I send mail from the
> jail-host to the jail, I get a return mail saying "MX record for jail
> points back to jail-host" (which by the way, is patently WRONG - the mx
> record for jail resolves to X, and X is NOT jail-host...)

Hmmm... The point with the DAEMON_OPTIONS stuff is to make sendmail
bind to just the IP numbers for the host system and not to the
jails. What do you get from running:

    % sockstat | grep sendmail

I've got a jailed setup much like the one you want to set up, and I get:

    % sockstat | grep sendmail
    root     sendmail 17330    4 tcp4   81.2.69.218:25        *:*
    root     sendmail 17330    5 tcp4   127.0.0.1:25          *:*
    root     sendmail 17330    6 tcp4   81.2.69.218:587       *:*
    root     sendmail 17330    7 tcp4   127.0.0.1:587         *:*
    root     sendmail 17330    8 tcp6   ::1:25                *:*
    smmsp    sendmail 62897    3 dgram  syslogd[62885]:3
    root     sendmail 17330    3 dgram  syslogd[98]:3
    smmsp    sendmail 17329    3 dgram  syslogd[98]:3

Where PID 62897 is the sendmail MSP queue runner in the jail.  Note
that in this setup, nothing binds to and listens on any network ports
=66rom within the jail.

> Also, I noticed in /var/log/maillog that when sendmail starts, it does
> a reverse lookup on all the IPs on the system, and it fails on one of them
> - leaving me a:
>=20
> Mar  9 16:44:25 www sm-mta[10541]: gethostbyaddr(10.10.2.12) failed: 1
>=20
> And this shows that sendmail is not doing what I tell it to in freebsd.mc-
> because if it was, it would NOT CARE AT ALL about that other IP on the
> system and whether or not it can reverse it, since as far as sendmail
> should be concerned, that IP does not exist.

Hmmm... I also have:

    define(`confDOMAIN_NAME', `smtp.infracaninophile.co.uk')dnl

in my .mc file: that may stop sendmail trying to reverse lookup all
it's interfaces in an attempt to work out what its FQDN is. =20

> But, as you can see, it is continuing to care about other IPs on the box,
> such that it complains about an unrelated IP not being reversible, and
> continues to complain that the mx list for jail points back to jail-host
> (presumably because what jail _does_ resolve to is an IP it sees itself as
> owning...)

That can be because sendmail finds itself unexpectedly receiving the
message it thinks it is sending off to the next hop for further
processing.  It usually means that the /etc/mail/local_host_names file
needs to be adjusted, but that may not be the case here.
=20
> So ... is there any way to get this to work ?The only way I can find is to
> unconfig the network interface for the IP of `jail` and then start
> sendmail, and then reconfig the jail IP. That works, but it is incredibly
> lame.

Well, it works for me.  I'd be interested to find out if the
confDOMAIN_NAME thing is significant.  If so, then it seems that I
must have lucked out to have stumbled on that accidentally.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030310090826.GB89038>