|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Open-Relay
Subject: RE: Open-Relay
From: Alex Miller (suse
bannerclub.com)
Date: Mon Jan 03 2000 - 10:35:16 CST
- Next message: Wietse Venema: "Re: no postfix/qmgr in my logfile"
- Previous message: Jeff Bacon: "Re: Postfix Maintenance?"
- In reply to: Wietse Venema: "Re: Open-Relay"
- Next in thread: Russ Allbery: "Re: Open-Relay"
- Reply: Alex Miller: "RE: Open-Relay"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Oh I get it now,
DRAC dynamcially creates the file /etc/postfix/client_access
whenever someone authenticates using pop. It says that
that particular IP address is OK for the next 30 minutes.
After 30 minutes of life DRAC kills the OK record.
Postfix reads this table because of the setting:
smtpd_recipient_restrictions = check_client_access
hash:/etc/postfix/client_access
The other values for smtpd_recipient_restrictions are
necessary for non-DRAC related relaying functionality
permit_mynetworks (otherwise mail is really broken)
check_relay_domains (permanent domains that have relaying privileges)
Sometimes it takes me a nights sleep...
Alex
> -----Original Message-----
> From: owner-postfix-userspostfix.org
> [mailto:owner-postfix-userspostfix.org]On Behalf Of Wietse Venema
> Sent: Monday, January 03, 2000 9:55 AM
> To: Alex Miller
> Cc: postfix-userspostfix.org
> Subject: Re: Open-Relay
>
>
> Alex Miller:
> [from the FAQ]
> > The next best way is to use plain old SMTP and to authenticate the user
> > first, for example, with a "please login via POP before using
> SMTP" scheme.
> > In that case,
> > some non-Postfix software such as DRAC maintains a
> Postfix-compatible access
> > table with client IP address information:
> >
> > /etc/postfix/main.cf:
> > smtpd_recipient_restrictions =
> > permit_mynetworks
> > check_client_access hash:/etc/postfix/client_access
> > check_relay_domains
> >
> > /etc/postfix/client_access:
> > 4.3.2.1 OK
> > 5.4.3.2 987654321
> >
> > ------------------------
> > How does DRAC interact with postfix? Is it the check_relay_domains
> > parameter?
>
> See above. It may be possible that DRAC generates btree tables instead
> of hash table, but that is a detail.
>
> Wietse
>
- Next message: Wietse Venema: "Re: no postfix/qmgr in my logfile"
- Previous message: Jeff Bacon: "Re: Postfix Maintenance?"
- In reply to: Wietse Venema: "Re: Open-Relay"
- Next in thread: Russ Allbery: "Re: Open-Relay"
- Reply: Alex Miller: "RE: Open-Relay"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Mon Jan 03 2000 - 11:29:02 CST