Date: Thu, 26 Jul 2007 23:15:20 +0200 From: Ernst de Haan <znerd@FreeBSD.org> To: freebsd-jail@freebsd.org Subject: Mails from jails Message-ID: <F3EEF171-8B44-47CC-AF0B-8012D8D3D362@FreeBSD.org>
next in thread | raw e-mail | index | archive | help
I want to restrict my jail sandboxes to sending mail only. Could anyone give me some advice? This is for a web-/applicationserver that needs to be able to send mail, but should never be running any mail service on external network interfaces. My preference is a minimalistic approach; I was thinking of creating one specialized sandbox that only provides mail sending functionality for the other sandboxes: - make it listen for SMTP connections on the loopback device (e.g. 127.0.0.5), only allowing incoming connections from the other sandboxes (127.0.0.255); - forward the mail to a 'real' SMTP server using mail/ssmtp, via a secure (SSL) connection, with authentication; Does anyone have experience with such an approach? If so, what would you use for the SMTP forwarding? Any advice? Cheers, Ernst
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F3EEF171-8B44-47CC-AF0B-8012D8D3D362>