making postfix an open relay
Whereas people outside our LAN can't send mail to anywhere (except our
domain), I want to make it an open relay and then progressively tighten
it down. Provided below is the output of postfinger. I would have
thought that by commenting out the smtpd parameters, I would make it an
open relay, but apparently not. What can I do to open my postfix
server to the world!
Thanks,
Curtis
--System Parameters--
mail_version = 1.1.11
hostname = atlantica.npc-usa.com
uname = Linux atlantica.npc-usa.com 2.4.18-14 #1 Wed Sep 4 13:35:50 EDT
2002 i686 i686 i386 GNU/Linux
--Packaging information--
looks like this postfix comes from a RPM package: postfix-1.1.11-5
--main.cf non-default parameters--
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_untrusted_routing = yes
append_dot_mydomain = no
broken_sasl_auth_clients = yes
home_mailbox = Maildir/
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $mydomain, $myhostname, localhost.$mydomain, localhost
mydomain = vostok1.com
myhostname = atlantica.vostok1.com
mynetworks = 10.0.1.0/24, 10.0.0.0/24, 127.0.0.1/32
newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-1.1.11/README_FILES
relay_domains =
sample_directory = /usr/share/doc/postfix-1.1.11/samples
sendmail_path = /usr/sbin/sendmail.postfix
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unknown_recipient_domain,
reject_unknown_sender_domain, reject_non_fqdn_recipient,
reject_non_fqdn_sender, reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
--master.cf--
2525 inet n - n - - smtpd
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
submission inet n - n - - smtpd
-o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
pickup fifo n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr fifo n - y 300 1 nqmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
flush unix n - y 1000? 0 flush
smtp unix - - y - - smtp
showq unix n - y - - showq
error unix - - y - - error
local unix - n n - - local
virtual unix - n y - - virtual
lmtp unix - - y - - lmtp
cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender -
$nexthop!rmail.postfix ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
$recipient
Reply to: