Mailinglist Archive: opensuse (3232 mails)

< Previous Next >
Re: SPAM: Re: [SLE] SPAM: MailScanner & Postfix
  • From: Sandy Drobic <suse-linux-e@xxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Sun, 6 Aug 2006 18:40:04 +0000 (UTC)
  • Message-id: <44D63783.20400@xxxxxxxxxxxxxxxxxxxxxxx>
JDP wrote:
-----Original Message-----

I would suggest you start without chroot, then set up a test environment wher you can test your installation without dead line pressure.


Thanks for your help. I am getting somewhere. I have a test mail sitting in the postfix queue. How to I tell Postfix to relay to certain domains? For example, we have three domains on our mail server. I want Postfix to send mail to that server, but not relay to anyone else. How do I accomplish this?
It would help if you described your setup a bit more detailed. At the moment I assume the following setup:

Internet <-> Postfix-Gateway <-> internal Mailserver

All Mails are running through the Postfix server either from outside or inside. If you have three domains that postfix should accept mails for and then relay to the internal server you should set up the domains as relay domains.


/etc/postfix/main.cf:

# internal trusted net that is allowed to relay
mynetworks = 192.168.1.0/24, 127.0.0.0/8
# domains that postfix should accept mails for from the internet
relay_domains = domain1.example.com, domain2.example.com, domain3.example.com
# reject not listed recipients as invalid, otherwise mail would bounce later
relay_recipient_maps = hash:/etc/postfix/relay_recipients
# accept mails for relay_domains and relay for mynetworks
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination
# send mail for special domains to the servers within:
transport_maps = hash:/etc/postfix/transport

/etc/postfix/transport:
# brackets to suppress mx lookup
domain1.example.com: relay:[192.168.1.13]
domain2.example.com: relay:[192.168.1.13]
domain2.example.com: relay:[192.168.1.13]

/path/to/file/with/valid/addresses:
address1@xxxxxxxxxxxxxxxxxxx OK
address2@xxxxxxxxxxxxxxxxxxx OK
address1@xxxxxxxxxxxxxxxxxxx OK
address2@xxxxxxxxxxxxxxxxxxx OK
address1@xxxxxxxxxxxxxxxxxxx OK
address2@xxxxxxxxxxxxxxxxxxx OK
....

This should give you a working installation without any whistles and bells. If you don't have a list with valid addresses then you either need to extract it (use an automated script later), use address verification ( postfix asks the internal server if the address is valid), or, worst case, disable recipient validation. That would lead to bounces, so I advise against it.

If you want to get startet as fast as possible set "relay_recipient_maps = ", that will disable the recipient validation.

All files with hash: in the beginning need to be converted to databases with the postmap command after every change:

postmap /etc/postfix/transport
postmap /etc/postfix/relay_recipients

Once you have the transport file set up you can use "postsuper" to tell postfix to reevaluate the transport settings:
postsuper -r ALL

That will requeue the mails.

If you have further questions, please send the output of "postconf -n" and the log lines where the problem occurs. Use example.com and private ip addresses if you want to hide sensitive data. Don't show real mail addresses here in the mailing list, the spammers like to harvest the web archives for mail addresses. (^-^)


Again, I cannot thank you enough.

By the way, I am not sure what took down the old server. The harddrive was incredibly hot, but the MB may have been the problem too. At any rate, I was looking forward to getting this set up on a Suse system, although I was hoping for a more leisurely pace. Oh well.

~James

Heat the enemy number one of most computers. Even my workstation that I am writing the mail here has a hardware raid. (^-^)

Sandy

--
List replies only please! Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com


< Previous Next >
References