From c4bd09146b324b0f5be1f06a341b194ce6ebb137 Mon Sep 17 00:00:00 2001 From: gshapiro Date: Wed, 22 May 2002 16:37:32 +0000 Subject: Add a warning regarding localhost-only listening daemons inside jails. Apparently binding only to 127.0.0.1 inside of a jail actually binds to the jail IP address as well (in effect, bind to all available interfaces in the jail). Submitted by: Helge Oldach MFC after: 1 day pending RE approval --- etc/mail/README | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'etc/mail') diff --git a/etc/mail/README b/etc/mail/README index f3608fa..fd7c8f6 100644 --- a/etc/mail/README +++ b/etc/mail/README @@ -11,11 +11,12 @@ default) holds the mail if an MTA can not be contacted. To accomplish this, under the default setup, an MTA must be listening on localhost port 25. If the rc.conf sendmail_enable option is set to "NO", a sendmail daemon will still be started and bound only to the localhost -interface in order to accept command line submitted mail. If this is not -a desirable solution, it can be disabled using the sendmail_submit_enable -rc.conf option. However, if both sendmail_enable and sendmail_submit_enable -are set to "NO", you must do one of two things for command line submitted -mail: +interface in order to accept command line submitted mail (note that this +does not work inside jail(2) systems as jails do not allow binding to +just the localhost interface). If this is not a desirable solution, it +can be disabled using the sendmail_submit_enable rc.conf option. However, +if both sendmail_enable and sendmail_submit_enable are set to "NO", you +must do one of two things for command line submitted mail: 1. Designate an alternative host for the submission agent to contact by altering /etc/mail/freebsd.submit.mc (or setting SENDMAIL_SUBMIT_MC -- cgit v1.1