info about a postfix problem
in [Postfix]
|
Prev: Transport table gone ?
Next: hi
From: Stefano Villa on 8 Mar 2010 05:54 Hi to all! I've a problem with Postfix. I've two Red-Hat virtual machine Postfix (version 2.3.3). My purpose is configure the relaying to another mail server (with any recipient) but from six sender domain only (domain.a, domain.b, domain.c, domain.d, domain.e, domain.f) I set up main.cf as follow: --- mydestination = $myhostname, localhost.$mydomain, localhost, relay1.domain.a relay_domains = $mydestination, domain.a, domain.b, domain.c, domain.d, domain.e, domain.f smtpd_sender_restrictions = hash:/etc/postfix/sender_access, reject_unknown_sender_domain smtpd_reject_unlisted_sender = yes relay_recipient_maps = hash:/etc/postfix/relay_recipients relayhost = smtp.domaintarget.g --- The sender_access file is as follow: --- domain.a ok --- The relay_recipients is as follow: --- @domain.a ok --- I made those tests: - send mail from: user(a)fakedomain.com (i.e user(a)sdfgsdfhsdh.com): 450 4.1.8 <user(a)sdfgsdfhsdh.com>: Sender address rejected: Domain not found - send mail from:user(a)gmail.com (or another domain - yahoo ecc ecc and domain.a, domain.b, domain.c, domain.d, domain.e, domain.f too) to any domain: Mar 8 11:47:54 relay1 postfix/smtp[28029]: 66B7258056: to=<user(a)domain.d>, relay=smtp.domaintarget.g[10.244.33.32]:25, delay=189, delays=189/0.02/0.03/0.09, dsn=2.6.0, status=sent (250 2.6.0 <20100308104459.66B7258056(a)relay1.domain.a> Queued mail for delivery). I would like to permit relaying only from *@domain.a/domain.b/domain.c/domain.d/domain.e/domain.f to any destination, and not any to any. How can I set up my postfix? Thanks!! -- Stefano Villa
From: Noel Jones on 8 Mar 2010 10:25 On 3/8/2010 4:54 AM, Stefano Villa wrote: > Hi to all! I've a problem with Postfix. > I've two Red-Hat virtual machine Postfix (version 2.3.3). > > My purpose is configure the relaying to another mail server (with any > recipient) but from six sender domain only (domain.a, domain.b, > domain.c, domain.d, domain.e, domain.f) > > I set up main.cf as follow: > --- > mydestination = $myhostname, localhost.$mydomain, localhost, relay1.domain.a > relay_domains = $mydestination, domain.a, domain.b, domain.c, > domain.d, domain.e, domain.f > smtpd_sender_restrictions = hash:/etc/postfix/sender_access, > reject_unknown_sender_domain > smtpd_reject_unlisted_sender = yes > relay_recipient_maps = hash:/etc/postfix/relay_recipients > relayhost = smtp.domaintarget.g > --- > > The sender_access file is as follow: > --- > domain.a ok > --- > > The relay_recipients is as follow: > --- > @domain.a ok > --- > > I made those tests: > - send mail from: user(a)fakedomain.com (i.e user(a)sdfgsdfhsdh.com): > 450 4.1.8<user(a)sdfgsdfhsdh.com>: Sender address rejected: Domain not found > > - send mail from:user(a)gmail.com (or another domain - yahoo ecc ecc and > domain.a, domain.b, domain.c, domain.d, domain.e, domain.f too) to any > domain: > Mar 8 11:47:54 relay1 postfix/smtp[28029]: 66B7258056: > to=<user(a)domain.d>, relay=smtp.domaintarget.g[10.244.33.32]:25, > delay=189, delays=189/0.02/0.03/0.09, dsn=2.6.0, status=sent (250 > 2.6.0<20100308104459.66B7258056(a)relay1.domain.a> Queued mail for > delivery). > > I would like to permit relaying only from > *@domain.a/domain.b/domain.c/domain.d/domain.e/domain.f to any > destination, and not any to any. > > How can I set up my postfix? > > Thanks!! Use something like smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access permit_auth_destination reject If this server isn't used for incoming email, you can remove permit_auth_destination. Your use of a wildcard in relay_recipient_maps disables recipient validation. I can't stress how important it is that you use a real list of valid recipients. This will come back and bite you. -- Noel Jones
From: Stefano Villa on 9 Mar 2010 03:27 It works!!! Thanks! Stefano > Use something like > smtpd_sender_restrictions = > check_sender_access hash:/etc/postfix/sender_access > permit_auth_destination > reject > > If this server isn't used for incoming email, you can remove > permit_auth_destination. > > Your use of a wildcard in relay_recipient_maps disables recipient > validation. I can't stress how important it is that you use a real list of > valid recipients. This will come back and bite you. > > -- Noel Jones > -- Stefano Villa
|
Pages: 1 Prev: Transport table gone ? Next: hi |