Disabling inbound email in a jail

Matthew Seaman m.seaman at infracaninophile.co.uk
Fri Feb 27 10:51:12 PST 2009 

Kirk Strauser wrote:
> I only want sendmail in a jail to do one thing: forward nightly reports from root at localhost to a real account on another 
> machine.  What's the proper way to configure this?  By default, sendmail_enable="NO" in /etc/rc.conf still gives a 
> running sendmail that accepts mail from other hosts:
> 
> me at realhost$ echo foo | mail me at jail.example.com
> 
> me at jail.example.com$ tail -f /var/log/maillog
> Feb 27 09:43:37 jail.example.com sm-mta[86832]: n1RFhbBp086832: from=<me at realhost>, size=735, class=0, 
> nrcpts=1, msgid=<20090227154335.877A442071 at realhost>, bodytype=7BIT, proto=ESMTP, daemon=Daemon0, 
> relay=jail.example.com [10.0.5.70]
> Feb 27 09:43:37 jail.example.com sm-mta[86833]: n1RFhbBp086832: to=<me at jail.example.com>, delay=00:00:00, 
> xdelay=00:00:00, mailer=local, pri=30983, relay=local, dsn=2.0.0, stat=Sent
> 
> However, if I set sendmail_enable="NONE", then I can't send outbound email either:
> 
> me at jail.example.com$ echo foo | mail me at realhost
> me at jail.example.com$ tail -f /var/log/maillog
> Feb 27 09:37:37 jail.example.com sendmail[86513]: n1RFbbg3086513: from=me, size=28, class=0, nrcpts=1, 
> msgid=<200902271537.n1RFbbg3086513 at jail.example.com>, relay=me at localhost
> Feb 27 09:37:37 jail.example.com sendmail[86513]: n1RFbbg3086513: to=me at realhost, ctladdr=me (1001/1001), 
> delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30028, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, 
> stat=Deferred: Connection refused by [127.0.0.1]
> 
> What's the happy medium between "sendmail wide open" (eg sendmail_enable="NO" (WTF?)) and "disabled mail 
> system" (eg sendmail_enable="NONE")?

Here's a possible solution:

http://lists.freebsd.org/pipermail/freebsd-questions/2007-March/145682.html

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090227/5086047a/signature.pgp

More information about the freebsd-questions mailing list