Disabling inbound email in a jail
Matthew Seaman
m.seaman at infracaninophile.co.uk
Fri Feb 27 10:51:12 PST 2009
Kirk Strauser wrote:
> I only want sendmail in a jail to do one thing: forward nightly reports from root at localhost to a real account on another
> machine. What's the proper way to configure this? By default, sendmail_enable="NO" in /etc/rc.conf still gives a
> running sendmail that accepts mail from other hosts:
>
> me at realhost$ echo foo | mail me at jail.example.com
>
> me at jail.example.com$ tail -f /var/log/maillog
> Feb 27 09:43:37 jail.example.com sm-mta[86832]: n1RFhbBp086832: from=<me at realhost>, size=735, class=0,
> nrcpts=1, msgid=<20090227154335.877A442071 at realhost>, bodytype=7BIT, proto=ESMTP, daemon=Daemon0,
> relay=jail.example.com [10.0.5.70]
> Feb 27 09:43:37 jail.example.com sm-mta[86833]: n1RFhbBp086832: to=<me at jail.example.com>, delay=00:00:00,
> xdelay=00:00:00, mailer=local, pri=30983, relay=local, dsn=2.0.0, stat=Sent
>
> However, if I set sendmail_enable="NONE", then I can't send outbound email either:
>
> me at jail.example.com$ echo foo | mail me at realhost
> me at jail.example.com$ tail -f /var/log/maillog
> Feb 27 09:37:37 jail.example.com sendmail[86513]: n1RFbbg3086513: from=me, size=28, class=0, nrcpts=1,
> msgid=<200902271537.n1RFbbg3086513 at jail.example.com>, relay=me at localhost
> Feb 27 09:37:37 jail.example.com sendmail[86513]: n1RFbbg3086513: to=me at realhost, ctladdr=me (1001/1001),
> delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30028, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0,
> stat=Deferred: Connection refused by [127.0.0.1]
>
> What's the happy medium between "sendmail wide open" (eg sendmail_enable="NO" (WTF?)) and "disabled mail
> system" (eg sendmail_enable="NONE")?
Here's a possible solution:
http://lists.freebsd.org/pipermail/freebsd-questions/2007-March/145682.html
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090227/5086047a/signature.pgp
More information about the freebsd-questions
mailing list