|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ralf Hildebrandt (Ralf.Hildebrandt
berliner-volksbank.de)Date: Wed Apr 04 2001 - 03:50:01 CDT
Michael Schorr wrote:
> Is it possible that a not working reverse-lookup causes this problem.
Yes.
> I've checked the reverse-lookup at our ISP's secondary NS (pns.dtag.de)
> and it couldn't resolve.
Na bitte.
> Ok. It's called berlin.soft-gate.de not host.soft-gate.de.
>
> > Show "postconf -n" and master.cf and the contents of your transport
> > file!
>
> transport:
> soft-gate.de berlin.soft-gate.de
> .soft-gate.de berlin.soft-gate.de
Looking good. But try:
soft-gate.de [berlin.soft-gate.de]
.soft-gate.de [berlin.soft-gate.de]
> mydestination = $myhostname, localhost.$mydomain, $mydomain
> mydomain = soft-gate.de
> myhostname = fw2.soft-gate.de
$mydomain is in mydestination, is that correct?
BTW, if you have local commented out in master.cf, no local delivery
will occur.
Did you read http://www.postfix.org/faq.html#firewall ?
> smtpd_recipient_restrictions =
> reject_non_fqdn_sender,
> check_sender_access hash:/etc/postfix/sender_blacklist,
> check_recipient_access regexp:/etc/postfix/recipient_checks.regexp,
> check_recipient_access hash:/etc/postfix/recipient_checks,
> check_sender_access regexp:/etc/postfix/sender_checks.regexp,
> check_sender_access hash:/etc/postfix/sender_checks,
> reject
You never check for relaying. That's not good. Or I didn't understand
the setup.
> transport_maps = hash:/etc/postfix/transport
OK.
Your master.cf looks like a SuSE version...
As a firewall mailer, EVERY part of Postfix can run chrooted (since you
don't need the local daemon). Get the source, and run
examples/chroot-setup/LINUX2 and change master.cf to run any daemon
(except for local, which doesn't run at all) chrooted.
-- ralf.hildebrandt- To unsubscribe, send mail to majordomo
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]