Hi All, How can i secure my postfix mail server not to act as open relay. I am running squirrelmail aswell. Thanks Regards ___________________________________________________________________ For super low premiums, click here http://www.webmail.co.za/dd.pwm http://www.webmail.co.za the South African FREE email service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Saturday 2006-01-28 at 00:59 +0200, it clown wrote:
How can i secure my postfix mail server not to act as open relay.
It is to vague a question. You'd better read the docs, then ask precise questions, if you don't understand something. - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFD2rDltTMYHG2NR9URAmoJAJ9BPD78X6gbQcoclOe/hk3AoZdCWACdHaDx /ocvKyGvtekS71HW5ppCUs8= =Qaiu -----END PGP SIGNATURE-----
On Sat, 28 Jan 2006 00:46:36 +0100 (CET) "Carlos E. R." <robin1.listas@tiscali.es> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Saturday 2006-01-28 at 00:59 +0200, it clown wrote:
How can i secure my postfix mail server not to act as open relay.
It is to vague a question. You'd better read the docs, then ask precise questions, if you don't understand something.
- -- Cheers, Carlos Robinson
i can telnet into smtp and relay mail asif it comes from any domain for example: mail from: user@anydomain.com I would like to stop this from happening. How would i secure it. Im not comming right with the docs. ___________________________________________________________________ For super low premiums, click here http://www.webmail.co.za/dd.pwm http://www.webmail.co.za the South African FREE email service
On Friday 27 January 2006 19:55, it clown wrote:
On Sat, 28 Jan 2006 00:46:36 +0100 (CET)
"Carlos E. R." <robin1.listas@tiscali.es> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Saturday 2006-01-28 at 00:59 +0200, it clown wrote:
How can i secure my postfix mail server not to act as
open
relay.
It is to vague a question. You'd better read the docs, then ask precise questions, if you don't understand something.
- -- Cheers, Carlos Robinson
i can telnet into smtp and relay mail asif it comes from any domain for example:
mail from: user@anydomain.com
I would like to stop this from happening.
How would i secure it.
You mean like I sent this email from your ID?? That's pretty normal. You can make the from anything you like.... But users outside your local network will not be able to send mail from your machine unless you've changed something from the way SuSE distributes.
it clown wrote:
i can telnet into smtp and relay mail asif it comes from any domain for example:
mail from: user@anydomain.com
I would like to stop this from happening.
How would i secure it.
Im not comming right with the docs.
Since you haven't given any other details, here are some solutions: - shut down postfix. Problem solved! - set inet_interfaces = 127.0.0.0/8. Problem solved! - set mynetworks = . (empty value) Problem solved! - set smtpd_recipient_restrictions = reject_unauth_destinations. Problem solved! Honestly! How can you expect serious advice if you don't tell what your configuration looks like now. Probably you also used localhost or a client on your internal network to telnet to your server. Those are trusted in the default configuration. The Postfix documentation at www.postfix.org/documentations.html is very detailed and has enough examples to get a basic understanding how to configure postfix in a secure way. Post the output of "postconf -n", that will give us the most important parameters of your configuration. Then explain who you want to enable to use your server as a relay, who should be able to deliver mail to your server and who should be rejected immediately. Sandy -- List replies only please! Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
On Sat, 2006-01-28 at 02:55 +0200, it clown wrote:
On Sat, 28 Jan 2006 00:46:36 +0100 (CET) "Carlos E. R." <robin1.listas@tiscali.es> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Saturday 2006-01-28 at 00:59 +0200, it clown wrote:
How can i secure my postfix mail server not to act as open relay.
It is to vague a question. You'd better read the docs, then ask precise questions, if you don't understand something.
- -- Cheers, Carlos Robinson
i can telnet into smtp and relay mail asif it comes from any domain for example:
mail from: user@anydomain.com
I would like to stop this from happening.
How would i secure it.
Im not comming right with the docs. Look through the docs for a parameter called $mydomains. I think that determines which domains are allowed to send email through your server. There is also a parameter called $mynetwork, I think.
-- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998
Ken Schneider wrote:
On Sat, 2006-01-28 at 02:55 +0200, it clown wrote:
On Sat, 28 Jan 2006 00:46:36 +0100 (CET) "Carlos E. R." <robin1.listas@tiscali.es> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Saturday 2006-01-28 at 00:59 +0200, it clown wrote:
How can i secure my postfix mail server not to act as
open
relay.
It is to vague a question. You'd better read the docs, then ask precise questions, if you don't understand something.
- -- Cheers, Carlos Robinson
i can telnet into smtp and relay mail asif it comes from any domain for example:
mail from: user@anydomain.com
I would like to stop this from happening.
How would i secure it.
Im not comming right with the docs.
Look through the docs for a parameter called $mydomains. I think that determines which domains are allowed to send email through your server. There is also a parameter called $mynetwork, I think.
Ummm... Postfix will not relay by default. If it is currently functioning as an open relay (which you can verify by going to www.abuse.net/relay.html) then you have a problem with your configuration. I would start with that. - herman
Ken Schneider wrote:
i can telnet into smtp and relay mail asif it comes from any domain for example:
mail from: user@anydomain.com
I would like to stop this from happening.
How would i secure it.
Im not comming right with the docs.
Look through the docs for a parameter called $mydomains. I think that determines which domains are allowed to send email through your server. There is also a parameter called $mynetwork, I think.
Please don't confuse him any more than he already is. (^-^) mydomain: just a parameter to make things easier for the following values myorigin (= $mydomain) (postfix attaches this value to non FQDN recipients. mydestination list of domains that postfix is the final destination for, the local domains. mynetworks the ip addresses or networks that postfix trusts to relay Sandy -- List replies only please! Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Saturday 2006-01-28 at 02:55 +0200, it clown wrote:
i can telnet into smtp and relay mail asif it comes from any domain for example:
mail from: user@anydomain.com
So? You are doing it from inside... that's normal. - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD4DBQFD29dhtTMYHG2NR9URAoEkAJoCKkBWVAOMxWr94jiayaQMIBVL7QCXRufH Xvvhjt2N6LmxWk+HWk3jPA== =Doa/ -----END PGP SIGNATURE-----
participants (5)
-
Carlos E. R. -
Herman Knief -
it clown -
Ken Schneider -
Sandy Drobic