Sendmail and Jails

Jack Stone antennex at
Mon Mar 27 17:47:50 UTC 2006

>From: "David Robillard" <david.robillard at>
>To: "FreeBSD Questions Mailing List" <freebsd-questions at>
>CC: "Jack Stone" <antennex at>
>Subject: Re: Sendmail and Jails
>Date: Mon, 27 Mar 2006 10:44:29 -0500
>Message: 23
>Date: Sat, 25 Mar 2006 19:32:01 -0500
>From: Anish Mistry <mistry.7 at>
>Subject: Re: Sendmail and Jails
>To: freebsd-questions at
>Cc: Jack Stone <antennex at>
>Message-ID: <200603251932.11154.mistry.7 at>
>Content-Type: text/plain; charset="iso-8859-1"
>On Saturday 25 March 2006 18:42, Jack Stone wrote:
> > I have been setting up jails on various production servers on
> > FBSD-6.0 & 4.11.
> >
> > I was wondering how/where to configure & avoid the port conficts
> > for sendmail as follows:
> >
> > - main host - all sendmail services in & out (or at least out)
> > - jail - just outgoing services
> >
> > I gather I will need to configure one or the other on a non-std
> > port as both will try to grab the same ports: 25 & 587
> >
> > Any tips appreciated.
>Hi Jack,
>Since all jails and the main host have their own IP address, it is
>quite easy to do the setup you ask for. The idea here is to tell
>sendmail(8) on which IP it should bind to. No need to fuss around with
>ports or anything like that :o)
>For the sake of example, let's say we have this:
>On the main host, make sure you have
>in /etc/rc.conf. This will tell sendmail to run and listen for outside 
>Next, edit the /etc/mail/`uname -n`.mc file (make sure the uname(1)
>command is enclosed in back-ticks).
>sudo vi /etc/mail/`uname -n`.mc
>Include whatever sendmail(8) MC macro configuration you need and make
>sure you have this line which tells sendmail(8) to listen on
> on TCP port 25.
>DAEMON_OPTIONS(`Port=25, Addr=, Name=MTA, Family=inet')dnl
>Save the `uname -n`.mc file and restart sendmail:
>cd /etc/mail
>sudo make install restart
>Make sure you check /var/log/maillog for any errors.
>Now for the jails, you only have to configure sendmail in whatever way
>you need and have this
>in /etc/rc.conf. This tells sendmail to process mail only if it is
>originating from the localhost. I would recommend configuring each
>jails as a sendmail null client to your main host. For example:
>FEATURE(`nullclient', `')dnl
>Which will cause all jails to "punt" their mail directly to your
> machine.
>If you're not sure about which ports are opened by sendmail in the
>main host or the jails, run the sockstat(1) command.
>Also, sendmail relies on DNS for everything, so make sure your DNS
>systems is on par with the various hostnames you use. Otherwise,
>you'll end up with long boot time and a whole bunch of broken mail
>Finally, make sure you upgrade sendmail to version 8.13.6 because
>previous versions contain a vulnerability. Install port mail/sendmail.
>(this is my sendmail configuration in make.conf)
>sudo vi /etc/make.conf
>.if ${.CURDIR:M*/mail/sendmail}
>cd /usr/ports/mail/sendmail
>sudo make install
>sudo make mailer.conf
>sudo make clean
>Check if you're using the right one:
>sendmail -bt -d0.1 < /dev/null
>Let me know if you need more assistance. Of course, YMMV.
>David Robillard
>UNIX systems admin, CISSP

David: Thank you so much for this detailed "howto" on my question of 
configuring sendmail to handle both the main host and a jail on the same 
ports -- the info I found in the sendmail readme said to use different 
ports, (like 925 & 987) but if you advice works, this is great!

I wondered how I was going to use a bunch of jails without jumping thru 

Thanks again.

Don’t just search. Find. Check out the new MSN Search!

More information about the freebsd-questions mailing list