Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
Re: [suse-security] Postfix question
  • From: Sven 'Darkman' Michels <sven@xxxxxxxxxx>
  • Date: Sun, 20 Jul 2003 01:15:39 +0200
  • Message-id: <3F19D11B.7080507@xxxxxxxxxx>
Theo v. Werkhoven wrote:

Is it possible to set up postfix in the following way, so that it would permit sending mail with unathorized access from internal private network, and at the same time serve as secured password-authorized
SMTP to external public network
in other words: if i would like to send mail from internal netwrok, i just specify my server as usual SMPT without auth, and if i want to use it from outside, i configure my mail client to use it with SSL enabled and with user/password auth.
Any ideas will be highly welcomed!


Create another instance of Postfix, which handles the un-authenticated
mail for the LAN.
http://advosys.ca/papers/postfix-instance.html

Kanons on birds ;) it's not needed to have two instances:
setup sasl to do the auth stuff for external users, set:
mynetworks = 10.0.0.0/24, 127.0.0.0/8

smtpd_recipient_restrictions = reject_non_fqdn_recipient,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
permit_mynetworks,
permit_sasl_authenticated,
check_relay_domains

And you'll get what you need.

(thats just a example, you need the order of permit_mynetworks
and sasl_authenticated to get what you want)

Of course you have to setup sasl to do that.

Regards,
Sven


< Previous Next >
Follow Ups