On 10/9/2010 9:11 PM, ramrunner wrote:
Hey list!
a) opensmtpd kicks ass! thanks!
b) i managed to chroot it (didn't find that on any list though) so here is a short descr.
i have the following setup.
a chrooted sshd running on a high port that auths some jailed users.
i wanted to make the smtpd that runs outside the chroot to deliver mails inside, but stuck in a procmailrc hell. so i figured why not to chroot the whole smtpd?

Just for the record, there's not a lot of benefit from chrooting the whole smtpd as all processes that are exposed to user input are chrooted. The only processes that are not chrooted are those who open mailbox/maildirs/external mda or that do lookups.

c) files you need in the chroot: /etc/hosts /etc/resolv.conf /etc/mail/ /etc/mail.rc (for the mail command)
and binaries: procmail, smtpd, smtpctl, sendmail (and mutt for me)
also in libexec: libexec/smtpd/, libexec/lockspool, libexec/mail.local.
what do you think of the setup idea?

Not much outside of the fun and educational factor ;-)
Gilles