Re: SPAM: Re: [SLE] SPAM: MailScanner & Postfix

---

• From: JDP <jdp1024@xxxxxxxxxxxxx>
• Date: Sun, 6 Aug 2006 12:34:08 -0700 (GMT-07:00)

---

Internet <-> Postfix-Gateway <-> internal Mailserver

All Mails are running through the Postfix server either from outside or
inside. If you have three domains that postfix should accept mails for
and then relay to the internal server you should set up the domains as
relay domains.

Yes, this is correct; Internet -> Postfix/MailScanner -> Internal MailServer

/etc/postfix/main.cf:

# internal trusted net that is allowed to relay
mynetworks = 192.168.1.0/24, 127.0.0.0/8
# domains that postfix should accept mails for from the internet
relay_domains = domain1.example.com, domain2.example.com,
domain3.example.com
# reject not listed recipients as invalid, otherwise mail would bounce later
relay_recipient_maps = hash:/etc/postfix/relay_recipients

This is interesting; how to I tell Postfix to check the internal mailserver (Exchange) for address verification?

# accept mails for relay_domains and relay for mynetworks
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination
# send mail for special domains to the servers within:
transport_maps = hash:/etc/postfix/transport

/etc/postfix/transport:
# brackets to suppress mx lookup
domain1.example.com: relay:[192.168.1.13]
domain2.example.com: relay:[192.168.1.13]
domain2.example.com: relay:[192.168.1.13]

/path/to/file/with/valid/addresses:
address1@xxxxxxxxxxxxxxxxxxx OK
address2@xxxxxxxxxxxxxxxxxxx OK
address1@xxxxxxxxxxxxxxxxxxx OK
address2@xxxxxxxxxxxxxxxxxxx OK
address1@xxxxxxxxxxxxxxxxxxx OK
address2@xxxxxxxxxxxxxxxxxxx OK
....

This should give you a working installation without any whistles and
bells. If you don't have a list with valid addresses then you either
need to extract it (use an automated script later), use address
verification ( postfix asks the internal server if the address is
valid),

This is very promising. How does this work against an Exchange server?

or, worst case, disable recipient validation. That would lead to

bounces, so I advise against it.

If you want to get startet as fast as possible set "relay_recipient_maps
= ", that will disable the recipient validation.

All files with hash: in the beginning need to be converted to databases
with the postmap command after every change:

postmap /etc/postfix/transport
postmap /etc/postfix/relay_recipients

Okay, when running postmap I get an error of,

postmap: warning: /etc/postfix/transport, line 274: record is in "key: value" format; is this an alias file?

Should I drop the colon after the doamin name?

Thank you,

~James





--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx

---

• Follow-Ups:
  • Re: SPAM: Re: [SLE] SPAM: MailScanner & Postfix
    • From: Sandy Drobic
  • Re: SPAM: Re: [SLE] SPAM: MailScanner & Postfix
    • From: Per Jessen

• Prev by Date: [SLE] Re: MSOE
• Next by Date: Re: SPAM: Re: [SLE] SPAM: MailScanner & Postfix
• Previous by thread: Re: SPAM: Re: [SLE] SPAM: MailScanner & Postfix
• Next by thread: Re: SPAM: Re: [SLE] SPAM: MailScanner & Postfix
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: [SLE] SMTP authentication ... So eventhough my local SMTP server dials up to the internet with a certain username and password, that same username and password would not be used as authentication between my local SMTP server and the ISP's one, should it be used as a relay? ... either defer all outgoing mails until you connect to the internet, then flush out all the mails in the queue. ... Your local server would use an external program like fetchmail to poll the mailserver of your ISP, download the mails and feed them to Postfix. ... The test does NOT say "All clients must be in mynetworks, ... (SuSE) Re: [SLE] SMTP authentication ... So eventhough my local SMTP server dials up to the internet with a certain username and password, that same username and password would not be used as authentication between my local SMTP server and the ISP's one, should it be used as a relay? ... either defer all outgoing mails until you connect to the internet, then flush out all the mails in the queue. ... Postfix should not accept mails directly from the internet in that case. ... The test does NOT say "All clients must be in mynetworks, ... (SuSE) Re: [opensuse] Postfix does not seem to be logging ... Postfix is not logging to /var/log/mail itself, ... You probably need to set up smtp auth for Postfix to allow relaying from ... server providers mail relay server, ... (SuSE) exchange2k spam infected? disable relay agent? pls help ... Open the properties of the Default SMTP Virtual Server ... On the Access tab, click Relay. ... be some information in the non delivery message - you ... >mails r delayed. ... (microsoft.public.exchange2000.win2000) Re: Postfix issue ... Could anyone tell me what entry I should make in postfix configuration ... currently rejecting mails from servers on a dynamic ip address - so I ... They do not have the right to access private server systems unless ... primarily residential they will not even allow fixed IPs at any price. ... (freebsd-questions)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)