Re: [SLE] Stopping open mail relay in SuSE standard server.
Bruce Marshall wrote:
On Saturday 24 July 2004 08:42 pm, James Knott wrote:
I'm trying to set up a mail server for a small company. According to the O'Reilly Postfix book, it is already configured to not relay, but it apparently is relaying. At the moment, I'm just going by what the status displays show, as the server is about 25 miles away and only physically accessable during business hours. I plan to go in and verify what's happening, with ethereal.
Have you read all the comments in /etc/postfix/main.cf ?? I just took a quick read and there is a lot of info there for dealing with relaying....
I have, but I can certainly go through it again.
* James Knott;
Bruce Marshall wrote:
Have you read all the comments in /etc/postfix/main.cf ?? I just took a quick read and there is a lot of info there for dealing with relaying....
I have, but I can certainly go through it again.
As far as I can understand your problem is in the following areas. http://netmirror.org/mirror/postfix.org/documentation.html mynetworks_style (default: subnet) The method to generate the default value for the mynetworks parameter. This is the list of trusted networks for relay access control etc. * Specify "mynetworks_style = host" when Postfix should "trust" only the local machine. * Specify "mynetworks_style = subnet" when Postfix should "trust" SMTP clients in the same IP subnetworks as the local machine. On Linux, this works correctly only with interfaces specified with the "ifconfig" command. * Specify "mynetworks_style = class" when Postfix should "trust" SMTP clients in the same IP class A/B/C networks as the local machine. Don't do this with a dialup site - it would cause Postfix to "trust" your entire provider's network. Instead, specify an explicit mynetworks list by hand, as described with the mynetworks configuration parameter. proxy_interfaces (default: empty) The network interface addresses that this mail system receives mail on by way of a proxy or network address translation unit. This feature is available in Postfix 2.0 and later. You must specify your "outside" proxy/NAT addresses when your system is a backup MX host for other domains, otherwise mail delivery loops will happen when the primary MX host is down. Example: proxy_interfaces = 1.2.3.4 Network design however I would consider a rethinking as this is what causes most of the problems right now. Hope this helps -- Togan Muftuoglu | Unofficial SuSE FAQ Maintainer | Please reply to the list; http://susefaq.sf.net | Please don't put me in TO/CC. Nisi defectum, haud refiecendum
participants (2)
-
James Knott
-
Togan Muftuoglu