diff options
author | gshapiro <gshapiro@FreeBSD.org> | 2002-05-22 16:37:32 +0000 |
---|---|---|
committer | gshapiro <gshapiro@FreeBSD.org> | 2002-05-22 16:37:32 +0000 |
commit | c4bd09146b324b0f5be1f06a341b194ce6ebb137 (patch) | |
tree | de24fee3c50388768353513e9b7040a24d2dd706 | |
parent | 25711d6191fb53f8be2fa8d35bbccba0a9772460 (diff) | |
download | FreeBSD-src-c4bd09146b324b0f5be1f06a341b194ce6ebb137.zip FreeBSD-src-c4bd09146b324b0f5be1f06a341b194ce6ebb137.tar.gz |
Add a warning regarding localhost-only listening daemons inside jails.
Apparently binding only to 127.0.0.1 inside of a jail actually binds
to the jail IP address as well (in effect, bind to all available
interfaces in the jail).
Submitted by: Helge Oldach <test-smtp@oldach.net>
MFC after: 1 day
pending RE approval
-rw-r--r-- | etc/mail/README | 11 | ||||
-rw-r--r-- | share/man/man8/rc.sendmail.8 | 3 |
2 files changed, 9 insertions, 5 deletions
diff --git a/etc/mail/README b/etc/mail/README index f3608fa..fd7c8f6 100644 --- a/etc/mail/README +++ b/etc/mail/README @@ -11,11 +11,12 @@ default) holds the mail if an MTA can not be contacted. To accomplish this, under the default setup, an MTA must be listening on localhost port 25. If the rc.conf sendmail_enable option is set to "NO", a sendmail daemon will still be started and bound only to the localhost -interface in order to accept command line submitted mail. If this is not -a desirable solution, it can be disabled using the sendmail_submit_enable -rc.conf option. However, if both sendmail_enable and sendmail_submit_enable -are set to "NO", you must do one of two things for command line submitted -mail: +interface in order to accept command line submitted mail (note that this +does not work inside jail(2) systems as jails do not allow binding to +just the localhost interface). If this is not a desirable solution, it +can be disabled using the sendmail_submit_enable rc.conf option. However, +if both sendmail_enable and sendmail_submit_enable are set to "NO", you +must do one of two things for command line submitted mail: 1. Designate an alternative host for the submission agent to contact by altering /etc/mail/freebsd.submit.mc (or setting SENDMAIL_SUBMIT_MC diff --git a/share/man/man8/rc.sendmail.8 b/share/man/man8/rc.sendmail.8 index 86783d4..50e6749 100644 --- a/share/man/man8/rc.sendmail.8 +++ b/share/man/man8/rc.sendmail.8 @@ -139,6 +139,9 @@ This is intended to allow local mail submission via a localhost-only listening SMTP service required for running .Xr sendmail 8 as a non-set-user-ID binary. +Note that this does not work inside +.Xr jail 2 +systems as jails do not allow binding to just the localhost interface. .It Va sendmail_submit_flags .Pq Vt str If |