
UPDATE: Relaying restrictions cont.





In addition to what I have written below:

It turns out I was wrong about those changes. In fact, it was still relaying. Since then I made the following changes and now it seems to be working more or less.

Changes:

smtpd_client_restrictions = check_relay_domains, reject_unknown_client
relay_domains = $mydestination, $virtual_domains
virtual_domains = domain1.com, domain2.com

So, now mail can be sent by anyone to either my domain or a virtual domain, but to no other addresses. At least using a mail client and telnetting in, I always got a relay reject on any other addresses.

Nevertheless, can you believe this?

3811834B365     9269 Thu Oct 10 14:54:35  (MAILER-DAEMON)
                                        vbdku@terra.com.ni

37F013474D0     4484 Thu Oct 10 15:07:45  (MAILER-DAEMON)
                                        hghpro@eudoramail.com


Although I made the changes at around 14:45.

Curtis



Curtis Vaughan wrote:

So, here's some history.

My SEMSIII is relaying outside mail.

Some relevant parameters in main.cf and a history follows:

Originally, these lines were in there:

smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_recipient_restrictions = ldap:ldapmailenab,
    permit_tls_clientcerts, permit_sasl_authenticated,
    permit_mynetworks, check_sender_access,
    check_relay_domains


On the advice of a user I made the following addition:

smtpd_client_restrictions = permit_mynetworks, reject_unknown_client


However, it was still relaying. So, I commented out the lines that were originally there so that it read:

#smtpd_sender_restrictions = hash:/etc/postfix/access
#smtpd_recipient_restrictions = ldap:ldapmailenab,
    permit_tls_clientcerts, permit_sasl_authenticated,
    permit_mynetworks, check_sender_access,
    check_relay_domains
smtpd_client_restrictions = permit_mynetworks, reject_unknown_client


Now, it stopped relaying for anyone sending mail to anyone who is not part of my domain (mynetworks).

Check this out however! Looking at mailq I get the following output even now:

35FFE34D70C     3000 Thu Oct 10 10:00:48  (MAILER-DAEMON)
                                        lisafemgal@msn.com

35AED347242     2998 Thu Oct 10 10:18:14  (MAILER-DAEMON)
                                        lisafemgal@msn.com

3562134889E     2927 Thu Oct 10 10:18:32  (MAILER-DAEMON)
                                        anggem@yahoo.com

352CE34762C     2934 Thu Oct 10 10:27:04  (MAILER-DAEMON)
                                        anggem@yahoo.com

3F774348E4F    10179 Tue Oct  8 09:13:25  Do_not_reply@yahoo.com
(connect to ns.perceptics.com[208.252.202.66]: Connection refused)
                                        webmaster@ns.perceptics.com
(connect to ns.perceval.be[194.183.227.1]: Connection refused)
                                        webmaster@ns.perceval.be

I don't remember the exact time I commented out those lines and therefore prevented any relaying, but it was before 10:00. Where the hell is this coming from then?
Curtis
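
An added example, not part of the original message: a parser for the mailq listing format shown above that tags each queue entry by sender type (MAILER-DAEMON is how Postfix displays the null envelope sender used by delivery status notifications) and by whether it was queued before or after a configuration change. The function names and the year 2002 are assumptions (mailq prints no year); the 14:45 change time is the one stated in the message.

```python
import re
from datetime import datetime

# Constructed sample: three queue entries copied from the mailq listings above.
SAMPLE = """\
3811834B365     9269 Thu Oct 10 14:54:35  (MAILER-DAEMON)
                                        vbdku@terra.com.ni

35FFE34D70C     3000 Thu Oct 10 10:00:48  (MAILER-DAEMON)
                                        lisafemgal@msn.com

3F774348E4F    10179 Tue Oct  8 09:13:25  Do_not_reply@yahoo.com
(connect to ns.perceptics.com[208.252.202.66]: Connection refused)
                                        webmaster@ns.perceptics.com
(connect to ns.perceval.be[194.183.227.1]: Connection refused)
                                        webmaster@ns.perceval.be
"""

# Entry header: queue ID (optional */! status flag), size, arrival time, sender.
HEAD = re.compile(r"^([0-9A-F]+)[*!]?\s+(\d+)\s+(\w{3}\s+\w{3}\s+\d+\s+[\d:]{8})\s+(\S+)\s*$")

def parse_mailq(text, year):
    """Parse mailq text into dicts; mailq prints no year, so the caller supplies one."""
    entries = []
    for line in text.splitlines():
        m = HEAD.match(line)
        if m:
            qid, size, stamp, sender = m.groups()
            stamp = " ".join(stamp.split())  # collapse the padding in "Oct  8"
            entries.append({
                "id": qid, "size": int(size), "sender": sender.strip("()"),
                "arrival": datetime.strptime(f"{year} {stamp}", "%Y %a %b %d %H:%M:%S"),
                "recipients": [], "reasons": []})
        elif entries and line.startswith("("):   # deferral reason for the next recipient
            entries[-1]["reasons"].append(line.strip()[1:-1])
        elif entries and line.strip():            # indented recipient address
            entries[-1]["recipients"].append(line.strip())
    return entries

def triage(entries, change_time):
    """Tag each entry by sender type and as queued before or after change_time."""
    rows = []
    for e in entries:
        kind = "null_sender" if e["sender"] == "MAILER-DAEMON" else "mail"
        when = "after" if e["arrival"] > change_time else "before"
        rows.append((e["id"], kind, when, e["recipients"]))
    return rows

if __name__ == "__main__":
    # Assumptions: year 2002 (Oct 10 is a Thursday); change time 14:45 as stated above.
    for row in triage(parse_mailq(SAMPLE, 2002), datetime(2002, 10, 10, 14, 45)):
        print(*row)
```

Entries tagged `null_sender` and `after` are the ones to trace in the mail log by queue ID, since the listing alone does not show which earlier message each notification refers to.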




