OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: restricted relaying to any host
From: Brad Henshaw (bradhyperstream.com.au)
Date: Sat Apr 15 2000 - 21:27:43 CDT

Hi,

I'm attempting to set up a mail server using postfix. It's a mail server
accessible to people at different places on the internet, so I want it to
allow users at certain IP addresses to relay mail to:

- the local mail server
- other machines on local network
- any machine on outside network

And deny relaying to everyone else.

Currently in main.cf I have:

smtpd_client_restrictions = check_client_access
hash:/etc/postfix/access
smtpd_recipient_restrictions = check_relay_domains, permit

Which, and I may be wrong about this, will restrict client access to the
ones I set in the access file, and allow authorised relaying to any
internet host.

The access file goes something like:
senderhost1.whatever.com OK
senderhost2.somethingelse.com OK

Now I've obviously done something seriously wrong here, because the
postfix machine accepts mail from anyone to the local postfix box,
regardless of whether they're in the access file or not.
But if anyone tries to send mail to an outside host, regardless of their
status in the access file, they get a 554: Recipient address rejected:
Relay access denied.

Can someone please help me stop pulling my hair out?

Thanks,
Brad Henshaw
---------------------------------------------------------------
- E-mail: bradhyperstream.com.au
- Web: http://excalibur.hyperstream.com.au/users/henshaw
- IRC: #CrashCentral (irc.austnet.org)
---------------------------------------------------------------
Atheism is a nonprophet organization.
---------------------------------------------------------------