making postfix an open relay

To: debian-user@lists.debian.org
Subject: making postfix an open relay
From: Curtis Vaughan <curtis@npc-usa.com>
Date: Tue, 20 May 2003 15:17:03 -0700
Message-id: <[🔎] 3ECAA95F.40807@npc-usa.com>
Reply-to: curtis@npc-usa.com

Whereas people outside our LAN can't send mail to anywhere (except our
domain), I want to make it an open relay and then progressively tighten
it down.  Provided below is the output of postfinger.  I would have
thought that by commenting out the smtpd parameters, I would make it an
open relay, but apparently not.  What can I do to open my postfix
server to the world!

Thanks,

Curtis

--System Parameters--
mail_version = 1.1.11
hostname = atlantica.npc-usa.com
uname = Linux atlantica.npc-usa.com 2.4.18-14 #1 Wed Sep 4 13:35:50 EDT
2002 i686 i686 i386 GNU/Linux

--Packaging information--
looks like this postfix comes from a RPM package: postfix-1.1.11-5

--main.cf non-default parameters--
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_untrusted_routing = yes
append_dot_mydomain = no
broken_sasl_auth_clients = yes
home_mailbox = Maildir/
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $mydomain, $myhostname, localhost.$mydomain, localhost
mydomain = vostok1.com
myhostname = atlantica.vostok1.com
mynetworks = 10.0.1.0/24, 10.0.0.0/24, 127.0.0.1/32
newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-1.1.11/README_FILES
relay_domains =
sample_directory = /usr/share/doc/postfix-1.1.11/samples
sendmail_path = /usr/sbin/sendmail.postfix
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unknown_recipient_domain,
reject_unknown_sender_domain, reject_non_fqdn_recipient,
reject_non_fqdn_sender, reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes

--master.cf--
2525    inet    n       -       n       -       -       smtpd
smtps     inet  n       -       n       -       -       smtpd
   -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
submission      inet    n       -       n       -       -       smtpd
   -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
pickup  fifo    n       -       y       60      1       pickup
cleanup unix    n       -       y       -       0       cleanup
qmgr    fifo    n       -       y       300     1       nqmgr
rewrite unix    -       -       y       -       -       trivial-rewrite
bounce  unix    -       -       y       -       0       bounce
defer   unix    -       -       y       -       0       bounce
flush   unix    n       -       y       1000?   0       flush
smtp    unix    -       -       y       -       -       smtp
showq   unix    n       -       y       -       -       showq
error   unix    -       -       y       -       -       error
local     unix  -       n       n       -       -       local
virtual unix    -       n       y       -       -       virtual
lmtp    unix    -       -       y       -       -       lmtp
cyrus     unix  -       n       n       -       -       pipe
   flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
uucp      unix  -       n       n       -       -       pipe
   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender -
$nexthop!rmail.postfix ($recipient)
ifmail    unix  -       n       n       -       -       pipe
   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
   flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
$recipient

Reply to:

Follow-Ups:
- Re: making postfix an open relay
  - From: Paul Johnson <baloo@ursine.dyndns.org>
- Re: making postfix an open relay
  - From: Nicolas Kratz <nick@ikarus.dyndns.org>
- Re: making postfix an open relay
  - From: Nico Meijer <nico.meijer@zonnet.nl>

Prev by Date: Re: Wireless LAN problems
Next by Date: Re: Wireless LAN problems
Previous by thread: Re: stripping email attachments ???
Next by thread: Re: making postfix an open relay
Index(es):
- Date
- Thread