Re: [SLE] Postfix setting
From: Richard Bos (radoeka_at_xs4all.nl)
Date: 03/31/05
- Previous message: Aldrik KLEBER: "[SLE] Use of PERSISTENT_NAME"
- In reply to: John Andersen: "Re: [SLE] Postfix setting"
- Next in thread: Theo v. Werkhoven: "Re: [SLE] Postfix setting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: suse-linux-e@suse.com Date: Thu, 31 Mar 2005 18:53:34 +0200
Op zaterdag 26 maart 2005 23:37, schreef John Andersen:
> > Sandy
>
> The problem is that mynetworks does not appear in /etc/sysconfig/postfix
> so they have no way to set this via yast. You have to know this
> in advance. Perhaps it will be fixed in 9.2 or 9.3.
I received this from the postfix maintainer:
> The problem is that mynetworks does not appear in /etc/sysconfig/postfix
> so they have no way to set this via yast. You have to know this
> in advance. Perhaps it will be fixed in 9.2 or 9.3.
echo POSTFIX_ADD_MYNETWORKS_STYLE=host >> /etc/sysconfig/postfix
or
echo POSTFIX_ADD_MYNETWORKS_STYLE=subnet >> /etc/sysconfig/postfix
or
echo POSTFIX_ADD_MYNETWORKS_STYLE=class >> /etc/sysconfig/postfix
and
SuSEconfig -module postfix
see
#
# POSTFIX_ADD_*
# You may add any existing postfix parameter here. Just execute the
# postconf command to get a complete list. You then have to uppercase
# the parameter and prepend POSTFIX_ADD_.
# Example:
# Let's say you want to add the postfix parameter mailbox_size_limit.
# Then just add
# POSTFIX_ADD_MAILBOX_SIZE_LIMIT=0
# POSTFIX_ADD_MESSAGE_SIZE_LIMIT=30000000
in /etc/sysconfig/postfix
> Without the ability to set mynetworks via yast, postfix defaults mynetworks
to
> use mynetworks-style, and THAT in turn defaults to mynetworks_style = subnet
> which means anyone with the same subnet can relay thru your box. In my case
> someone appearing to be (in reality, probably forged IP) on the same ISP was
> able to connect and relay.
See above.
> So the upshot is, that unless you know to check the main.cf, postfix
> will install insecurely if you accept smtp connections from
> remote and you configure it with Yast2.
That depends on your personal situation.
I agree, that there's room for improvement.
> Of course this was fairly easy to dig out after the fact, but
> with my machine filling my bandwidth with spam I was in
> a big hurry to get the problem solved, and learning postfix
> under the barrel of a gun was mot something I wanted
> to do, and not something I expected to do after years of
> installing sendmail securely with Yast.
I'm not aware of the fact that sendmail behaved different in the past.
-- Richard Bos Without a home the journey is endless -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
- Previous message: Aldrik KLEBER: "[SLE] Use of PERSISTENT_NAME"
- In reply to: John Andersen: "Re: [SLE] Postfix setting"
- Next in thread: Theo v. Werkhoven: "Re: [SLE] Postfix setting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
