never mind i’ll work around it
If your using jailkit you need to add everything to each jail, such as postfix, dovecot etc. Just out of interest why are using jailkit ?
You need to give us the actual error. It depends on how you’re sending mail, but most of the time something doesn’t work in the jail is just because you didn’t put the necessary software in the jail. A jailed user cannot run anything you didn’t explicitly give them access to, that’s the point of the jail.
Oh no!
You definitely do not want/need to do that, and it would be dangerous to do that, as both of those include suexec binaries.
never mind i’ll work around it
jailkiot keeps one apache user form being able to infect another apache user.
I have no idea. I’ve never heard of smtp2go.
You need to dig down into the logs and see what’s actually going on. “unable to instantiate mailsystem” is a meaningless error.
If it used to work with the jail enabled (are you sure?) then it seems like it must be a configuration issue. You should try using an IP address instead of a hostname to specify the SMTP server, if it’s sending via localhost, since making the hosts file work inside a jail is tricky. You may also want to add logging to your application to narrow down why it’s failing (i.e. check to be sure the hostname you’re trying to send to resolves, log what errors are returned when trying to connect, etc.).
No, it doesn’t.
It keeps users from being able to see other users on the system, and also limits which commands users can execute. It has nothing to do with Apache (Apache is not jailed), and your user code is never run by Apache in a properly configured system…the code is run by PHP-FPM which runs as the domain owner user and Apache proxies user requests to FPM. Apache is entirely independent of jailkit.
Jailkit is only marginally related to security. It may be able to limit the attack surface in the event a user account is compromise, if carefully deployed. On Debian/Ubuntu it can actually increase the risk of an exploit, as it does not use capabilities and instead has suid binaries (EL Jailkit packages use capabilities, instead, mostly removing that risk). At least that was true the last time I checked. But, it doesn’t really have anything to do with any system services.
To be clear, Apache cannot be exploited by users with or without jailkit. Users are not able to run code as the Apache user unless you have (against all of our advice and warnings) enabled mod_php, in which case Jailkit really can’t save you because Apache is not jailed. All application code runs as the domain owner user.
never mind i’ll work around it
They do not intercept mail. You are explicitly sending mail to them to be forwarded. If you’re not explicitly sending it to them, they can’t forward it.
I don’t know. I still don’t see errors I can do anything with. What is in the PHP and web server logs when you try to send email?
never mind i’ll work around it
The issue seems to be that lots of scripts use the mail() module
Below is the output of a small script I wrote to test PHP mailing. Jails breaks password reset scripts for Wordpress and anything using the default mail() as sendmail is excluded from the jail.
I’d like to fix this the correct way so thought I’d update this thread.
As soon as I disable the jail this send fine
Starting PHP mail() diagnostics…
mail() function is available.
sendmail_path: /usr/sbin/sendmail -t -i
SMTP: localhost
SMTP Port: 25
Sending test email to: support@somedomain.tld
Mail failed to send.
<?php
echo "<pre>"; // Format output for readability
echo "Starting PHP mail() diagnostics...\n";
// Check if mail function exists
if (function_exists('mail')) {
echo "✔ mail() function is available.\n";
} else {
echo "✖ mail() function is NOT available.\n";
exit("mail() function not available. Cannot proceed.\n");
}
// Display sendmail or SMTP configuration
$sendmailPath = ini_get('sendmail_path');
$smtp = ini_get('SMTP');
$smtpPort = ini_get('smtp_port');
echo "sendmail_path: " . ($sendmailPath ?: 'Not set') . "\n";
echo "SMTP: " . ($smtp ?: 'Not set') . "\n";
echo "SMTP Port: " . ($smtpPort ?: 'Not set') . "\n";
// Email parameters
$to = 'support@domainnamehere.tld;
$subject = 'PHP Mail Test';
$message = "This is a test email sent using PHP's mail() function.";
$headers = 'From: noreply@domainnamehere.tld' . "\r\n" .
'Reply-To: noreply@domainnamehere.tld' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
// Attempt to send mail
echo "\nSending test email to: $to\n";
$success = mail($to, $subject, $message, $headers);
if ($success) {
echo "✔ Mail sent successfully!\n";
} else {
echo "✖ Mail failed to send.\n";
}
echo "</pre>";
?>
some say jailkit introduces more headaches and issues than solving problems 
any chance you don’t really need jailkit … just a random thought here.
We already discussed why that fails.
You’re trying to send via localhost, and localhost is not resolving inside your jail. (You need some extra stuff, like /etc/hosts and some other stuff…nsswitch.conf, maybe? I don’t remember all the details…but, it’s simplest to just use 127.0.0.1)
If you have further questions, please make a new topic, as you’re using different tools from the original discussion (though the problem remains the same).