NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2003-12

Re: Help with relaying

From: Dom Gallagher (dgallagherstarnetusa.net)
Date: Mon Dec 01 2003 - 17:21:02 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 04:30 PM 12/1/2003, Lisa Casey wrote:
>[snip]
>As an example, one of the dialup IP blocks is 64.24.0.0/16 So I put
>64.24.0.0/16 in relay_domains in
>main.cf and I also put 64.24.0.0/16 in access (with the parameter OK) and
>created access.db using postmap.
>When one of my customers dials into that location, she gers this error
>message:
>Nov 30 15:35:42 localhost postfix/smtpd[22385]: reject: RCPT from
>02-186.751.popsite.net[64.24.209.186]: 554 <vinny1rcn.com>: Relay access
>denied; from=<mssskgcampbellcountry.com> to=<vinny1rcn.com>

Those IPs look familiar!
We use Postfix here (for the benefit of the list, I work for the
afore-mentioned wholesaler), so if you would like further help beyond the
pointers below, please feel free to contact our NOC.

>So my relaying is not working. I thought maybe postfix does not understand
>the CIDR notation (like SXendmail does not) so I changed 64.24.0.0/16 to
>just 64.24.0.0 in both main.cf (relay_domains) and in access. I redid
>access.db then restarted postfix. She is still getting a relay access
>denied.

Postfix can use CIDR, and the file you can obtain from our website is in a
form designed for use with Postfix without modification.
As Rob Foehl and others have already mentioned, you should not be using
relay_domains, but should be looking at either some form of authenticated
relaying (the docs on SASL or POP before SMTP at
http://www.postfix.org/docs.html are extremely comprehensive), or the
'mynetworks' directive.

You use something like:
mynetworks = $config_directory/mynetworks
in main.cf, then add the entry 'permit_mynetworks' in an appropriate place
in your smtp_*_restrictions entries.

For more help on relaying, check the Postfix docs on that subject:
http://www.postfix.org/basic.html#mynetworks or
http://www.postfix.org/uce.html#smtpd_recipient_restrictions. More
information and helpful links can also be found on Ralf Hildebrandt's
excellent Postfix site: http://sbserv.stahl.bau.tu-bs.de/~hildeb/postfix/

Hope that helps.

--
Dom Gallagher (dgallagherstarnetusa.net)
Development Engineering
StarNet/MegaPOP - http://www.megapop.net
WX is wireless - http://www.starnetwx.net

This message is sent in confidence to the addressees.
It may contain privileged, proprietary, or confidential information.

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]