|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Open-Relay
Subject: Re: Open-Relay
From: Jason Hoos (jhoos
thwack.net)
Date: Sun Jan 02 2000 - 23:16:29 CST
- Next message: Craig Sanders: "Re: performance on postfix"
- Previous message: Alex Miller: "RE: Open-Relay"
- In reply to: Alex Miller: "RE: Open-Relay"
- Next in thread: Wietse Venema: "Re: Open-Relay"
- Next in thread: Russ Allbery: "Re: Open-Relay"
- Reply: Jason Hoos: "Re: Open-Relay"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> The DRAC documentation tells how to modify the source of qpopper; is there
> there a need to recompile postfix or get a new rpm?
No. You might need to modify your IMAP or POP daemons, but postfix itself
just requires a config-file change. Specifically, you add a line such as:
check_client_access btree:/etc/dracd.db
to your smtpd_recipient_restrictions. Where in smtpd_recipient_restrictions
you add it depends on what you already have there; I personally have it
right after permit_mynetworks, but your config may vary.
> What are the 987654321 numbers supposed to be?
I'm pretty sure it's a timestamp that the DRAC daemon uses to determine when
to time out the database entry, since they are only supposed to be valid for
something like a half hour after authentication. Postfix will interpret
them as being the same as a "OK" entry in the table. The DRAC daemon will
take care of removing expired entries from the table according to these
stamps, thus they have no particular significance beyond "OK" to Postfix.
> What is the 4.3.2.1 OK supposed to be. Is that unrelated to relaying
> mail to mobile users, in that it's a particular ok ip address?
Yes, it is the IP address that the user authenticated from (and that Postfix
should therefore allow relaying from).
> If I simply follow the installation procedure for Linux, ignoring the
> steps to modify my pop daemon, and make the above settings (assuming
> I know what 987654321 is supposed to be)
You will more than likely still need to modify your POP or IMAP daemon
unless it happens to support DRAC already. Otherwise, the POP daemon will
never notify the DRAC daemon of the authentication, and the remote user will
not be able to relay mail. If this isn't something you wish to deal with, I
have seen less "elegant" solutions that use daemons which monitor
/var/log/maillog for login reports from the POP daemon (I don't have any
URLs to them unfortunately); you might want to consider one of those. They
integrate with Postfix in the same manner as DRAC.
Jason Hoos
jhoosthwack.net
- Next message: Craig Sanders: "Re: performance on postfix"
- Previous message: Alex Miller: "RE: Open-Relay"
- In reply to: Alex Miller: "RE: Open-Relay"
- Next in thread: Wietse Venema: "Re: Open-Relay"
- Next in thread: Russ Allbery: "Re: Open-Relay"
- Reply: Jason Hoos: "Re: Open-Relay"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Sun Jan 02 2000 - 23:17:11 CST