Find the answer to your Linux question:
Results 1 to 2 of 2
Hi, We have just setup a new postfix server to act as an antispam gateway in our network. Under smtpd_recipient_restrictions, we have the following configuration: smtpd_recipient_restrictions = reject_unknown_sender_domain reject_unknown_recipient_domain permit_mynetworks ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2012
    Posts
    1

    Postfix mynetwork open relay


    Hi,

    We have just setup a new postfix server to act as an antispam gateway in our network.
    Under smtpd_recipient_restrictions, we have the following configuration:

    smtpd_recipient_restrictions =

    reject_unknown_sender_domain

    reject_unknown_recipient_domain

    permit_mynetworks

    reject_unauth_destination

    reject_unauth_pipelining

    reject_invalid_hostname

    reject_non_fqdn_helo_hostname

    reject_non_fqdn_sender

    reject_non_fqdn_recipient

    permit



    mynetwork has the following values 127.0.0.0/8 and 192.168.0.0/24 which is the network subnet for the LAN.

    According to this settings, the computer on the LAN, would be able to send emails even if they type an invalid

    domain on RCPT TO as permit_mynetworks is before reject_unknown_recipient_domain.
    But the thing is that with this settings, the server is acting as an open relay and all the computers out on the

    Internet are able to relay mail through it (to domains that are not listed inside /etc/postfix/relay_domains).

    If we remove the network segment for the LAN on mynetwork, then no computer is able to send email to the server.

    I donīt know if is relevant, but we have a firewall with NAT to redirect the traffic on port 25 to the private IP of the server.

    It would be great if someone could give us a hand or correct the configuration of the main.cf if there is something wrong

    Thanks very much in advance

  2. #2
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    Are you certain you are an open relay? Check an Open Relay
    linux user # 503963

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •