From: Bennett Todd (betrahul.net)
Date: Wed Jan 03 2001 - 23:10:44 CST


    2001-01-03-23:57:58 Jack Sasportas:
    > If I want to put postfix on a box that will only send outgoing mail from
    > CGI programs for web sites we host, and NONE of the email is to be
    > delivered to the same server ( in other words this will be a webserver
    > only ) what are the basic parameters I need to setup ?

    Keep it really, really simple. Set myhostname; and #-out the smtp
    line in master.cf, which will prevent postfix from listening on port
    25. Or, if your CGI needs to inject via SMTP, rather than piping
    into /usr/sbin/sendmail, just set inet_interfaces=localhost so
    postfix won't listen on the external interface. Set relayhost if you
    want to use another machine to collect and route this stuff (if e.g.
    you've got your webserver so screened off that it can't do DNS ---
    as I've done on occasion).

    > Maybe if I explain what my problem is, this will help in better
    > understanding what I need to accomplish.

    Wish you hadn't:-).

    > ServerM ( Mail) and ServerW ( Web) -- sit on the same network, when I
    > execute a cgi program on server W, it tries to deliver the mail locally,

    "it", presumably, would mean the postfix running on server W? This
    sounds like a different question from the first one.

    > even though the MX shows that it should be delivered to server M, this
    > of course causes problems when someone we host fills out a form calling
    > a cgi program on the W server, and expects their script to email them a
    > message, only to find out that it didn't send the message properly.

    Sounds like the value of the postfix parameter myorigin on server W
    is contained within its mydestination list. That's the criterion
    that will decide this; if you send email to "foo", postfix tacks on
    $myorigin (unless append_at_myorigin has been turned off); and if
    postfix sees that the dst domain lies within the mydestinations
    list, it tries to deliver the email locally.

    > I do not need the server to RELAY mail for anyone, but the scripts so I
    > can probably do
    > mynetworks = 127.0.0.0/8 and smtpd_client_restrictions =
    > permit_mynetworks.
    > I believe this will not allow *anyone* outside that box to send a
    > message...Right ?

    So now you've wandered into the UCE (Unsolicited Commercial Email,
    AKA spam) controls ... there are so many knobs and dials and frobs
    on postfix, it's wise to try not too many of 'em at once. In
    general, the fewer options you change, the easier it is to make
    things work the way you want: postfix is shipped with "right"
    defaults for most settings, and very few odd settings require
    multiple related parameter changes; most needs can be met with a
    gentle touch.

    If this is just for sending locally-originated email, keep it
    simple, don't even configure postfix to listen for smtp incoming
    from over the internet, as I described above.

    > Then I think smtpd_recipient_restrictions = (left blank) will not
    > accept any mail, but will this just make it bomb, and then the client
    > gets a reject ? I just want it to let the mail get routed to the proper
    > box...

    Get myorigin out of mydestination, that'll do most of it. Then see
    if you need anything else.

    > Also will root's mail still work if this is set this way?

    Assuming you mean email to unqualified "root", if you want root's
    email to be forwarded to server M, then yes, it'll work right. If
    you want root's email to be delivered locally, you can do that with
    a virtual map that goes

            root root@localhost

    and an aliases map that re-routes root to some non-root local user
    (since postfix refuses to deliver to root for security reasons).

    -Bennett

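
A check for the two conditions the reply above turns on, written as an added example that is not part of the original message or of Postfix itself: it reads a main.cf, expands $name references, and reports when myorigin falls inside mydestination (mail is then delivered locally) or when inet_interfaces is not limited to loopback. The host names, the sample files and the function names are constructed for illustration; master.cf is not inspected, and mydomain is assumed to default to the parent of myhostname.

```python
import re

# Postfix's documented defaults for the parameters this check reads.
DEFAULTS = {"myorigin": "$myhostname", "inet_interfaces": "all",
            "mydestination": "$myhostname, localhost.$mydomain, localhost"}
# Constructed sample main.cf files; host names are placeholders.
BEFORE = """myhostname = serverw.example.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain,
    $mydomain
"""
AFTER = """myhostname = serverw.example.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain
inet_interfaces = localhost
"""

def parse_main_cf(text):
    """Read 'name = value' lines; indented lines continue the previous one."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last:
            params[last] += " " + line.strip()
        elif "=" in line:
            last, value = (s.strip() for s in line.split("=", 1))
            params[last] = value
    return params

def expand(value, params, depth=0):
    """Expand $name and ${name} references to other parameters."""
    if depth > 10:
        raise ValueError("parameter reference loop")
    return re.sub(r"\$\{?(\w+)\}?", lambda m: expand(
        params.get(m.group(1), ""), params, depth + 1), value)

def audit(text):
    """Return findings for a send-only host (assumes myhostname is set)."""
    params = {**DEFAULTS, **parse_main_cf(text)}
    params.setdefault("mydomain", params["myhostname"].partition(".")[2])
    origin = expand(params["myorigin"], params).lower()
    dests = re.split(r"[,\s]+", expand(params["mydestination"], params).lower())
    findings = []
    if origin in dests:
        findings.append(f"myorigin {origin} is in mydestination: local delivery")
    if expand(params["inet_interfaces"], params) not in ("localhost", "loopback-only"):
        findings.append("inet_interfaces is not limited to loopback")
    return findings
```

Calling audit(BEFORE) reports both conditions; audit(AFTER) reports none, since example.com is no longer a local destination and the listener is bound to localhost.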