In the send, sendto and sendmsg system calls, the description for an EPERM result is:
The process using a SOCK_RAW socket was jailed and thesource address specified in the IP header did not match the IP address bound to the prison.
While this is probably true (I haven't checked), a far more common reason for getting EPERM is that the firewall denied the packet. If you attempt to use send, sendto or sendmsg and the firewall denies the packet, you'll get EPERM.
You can test this by firewalling some IP address and then trying to ping it from the same machine. You'll get "sendto: permission denied" out of ping.
I propose the wording be changed to something like:
The packet was rejected for sending due to firewall rules on the local machine, or the process using a SOCK_RAW socket was jailed and the source address specified in the IP header did not match the IP address bound to the prison.
For bugs matching the following criteria:
Status: In Progress Changed: (is less than) 2014-06-01
Reset to default assignee and clear in-progress tags.
Mail being skipped