OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: relay security...
From: Wietse Venema (wietseporcupine.org)
Date: Sat Dec 09 2000 - 14:41:36 CST

Joe Laffey:
> If you want to configure Postfx only to run for your own networks (say a
> /27 or /28) how do you set this up in main.cf? In other words, how do you
> PREVENT the auto-detection?

This is the default main.cf setting:

    # LOCAL NETWORKS
    #
    # The list of networks that I am attached to. Default is all the
    # networks that I am listening on: a complete class A network, a
    # complete class B network, and so on. If you want stricter control,
    # specify a list of network/mask patterns, where the mask specifies
    # the number of bits in the network part of a host address. You can
    # also specify the absolute pathname of a pattern file instead of
    # listing the patterns here.

    #mynetworks = /etc/postfix/mynetworks

This is what I have specified for my local subnet:

    mynetworks = 168.100.189.0/28

I will change the mynetworks default, because most users will not
figure out from the documentation what is a proper setting unless
Postfix refuses to relay mail for them.

        Wietse