Re: Recipient validation

From: mouss (mlist.onlyfree.fr)
Date: Mon Dec 03 2007 - 12:02:23 CST


Rocco Scappatura wrote:
>>> Maybe it could be disabled or it is necessary?
>>>
>> It's not absolutely necessary, but it's good to have. fix
>> your dns resolution issue instead.
>>
>
> I've tried from my PC.. I don't think that I have to publish my PC on
> DNS to send an email through the appliance..
>
>>>>> Furthermore, I get 'Relay access denied' while I try to
>> relay from
>>>>> 'mynetworks'..
>>> What do you think about this further and more serious problem?
>> since your config changed many times, post the full config
>> (postconf -n and master.cf) in a single mail.
>
> (I have restored the master.cf agreed with you and Victor)
>
> alias_database = hash:/opt/trend/imss/postfix/etc/aliases
> alias_maps = hash:/opt/trend/imss/postfix/etc/aliases
> command_directory = /opt/trend/imss/postfix/usr/sbin
> config_directory = /opt/trend/imss/postfix/etc/postfix
> content_filter = imss:localhost:10025
> daemon_directory = /opt/trend/imss/postfix/usr/libexec/postfix
> debug_peer_level = 2
> default_process_limit = 200
> html_directory = no
> in_flow_delay = 3s
> inet_interfaces = all
> mail_owner = postfix
> mailbox_size_limit = 102400000
> mailq_path = /opt/trend/imss/postfix/usr/bin/mailq
> manpage_directory = /opt/trend/imss/postfix/usr/local/man
> mynetworks = 127.0.0.1,10.0.0.0/8,127.0.0.0/8, and others
> mynetworks_style = subnet
> newaliases_path = /opt/trend/imss/postfix/usr/bin/newaliases
> queue_directory = /var/spool/postfix
> queue_minfree = 104857600
> rbl_reply_maps = hash:/opt/trend/imss/postfix/etc/postfix/imss_rbl_reply
> readme_directory = no
> relay_domains = localhost, and others
> sample_directory = /opt/trend/imss/postfix/etc/postfix
> sendmail_path = /opt/trend/imss/postfix/usr/sbin/sendmail
> setgid_group = postdrop
> smtpd_banner = fqdn ESMTP IMSA
> smtpd_client_restrictions = reject_rbl_client
> STBUA8LSY2W9SVXKAYKP2Q8WH93X5HF.r.mail-abuse.com,reject_rbl_client
> STBUA8LSY2W9SVXKAYKP2Q8WH93X5HF.q.mail-abuse.com
> smtpd_delay_reject = yes
> smtpd_sender_restrictions = reject_unknown_sender_domain
> reject_unauth_destination reject_unverified_recipient

This is it. no permit_mynetworks. remove smtpd_client_restrictions and
smtpd_sender_restrictions, and use:

smtpd_recipient_restrictions =
        permit_mynetworks
        reject_unauth_destination
        reject_unknown_sender_domain
        reject_unverified_recipient

> transport_maps = $default_database_type:$config_directory/transportList
> unknown_local_recipient_reject_code = 550
>
> while the master.cf is :
>
> smtp inet n - n - - smtpd
> pickup fifo n - n 60 1 pickup
> cleanup unix n - n - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> tlsmgr unix - - n 1000? 1 tlsmgr
> rewrite unix - - n - - trivial-rewrite
> bounce unix - - n - 0 bounce
> defer unix - - n - 0 bounce
> trace unix - - n - 0 bounce
> verify unix - - n - 1 verify
> flush unix n - n 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - n - - smtp
> relay unix - - n - - smtp
>   -o fallback_relay=
> showq unix n - n - - showq
> error unix - - n - - error
> discard unix - - n - - discard
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
> scache unix - - n - 1 scache
>
> imss unix - - n - 70 smtp
>   -o smtp_use_tls=no
>   -o disable_dns_lookups=yes
>   -o smtp_connect_timeout=$imss_connect_timeout
>   -o smtp_data_done_timeout=$imss_timeout
>
> localhost:10026 inet n - n - 70 smtpd
>   -o smtpd_use_tls=no
>   -o content_filter=
>   -o smtpd_timeout=$imss_timeout
>   -o myhostname=fqdn
>   -o mynetworks=127.0.0.1
>   -o smtpd_delay_reject=no
>   -o smtpd_client_restrictions=permit_mynetworks,reject
>   -o smtpd_sender_restrictions=
>   -o smtpd_recipient_restrictions=permit_mynetworks,reject
>   -o receive_override_options=no_unknown_recipient_checks,
>     no_address_mappings
> maildrop unix - n n - - pipe
>   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> old-cyrus unix - n n - - pipe
>   flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
> cyrus unix - n n - - pipe
>   user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension}
>     ${user}
> uucp unix - n n - - pipe
>   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>     ($recipient)
> ifmail unix - n n - - pipe
>   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp unix - n n - - pipe
>   flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>     $recipient
>
> Thanks,
>
> rocsca
>
>
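
Added example, not part of the original thread and not Postfix code: a small Python model of how the restriction lists are walked at RCPT TO, showing why the posted config answers 'Relay access denied' to a client in mynetworks and why the suggested smtpd_recipient_restrictions does not, while outside clients still cannot relay. Assumptions: the networks, the relay domain and the test addresses are constructed (the post elides the real lists), the RBL/DNS/address-probe checks are stubbed as making no decision, and the unset smtpd_recipient_restrictions is taken to be the Postfix default of that era.

```python
import ipaddress

# Constructed values: the post elides the real lists ("and others").
MYNETWORKS = ["127.0.0.0/8", "10.0.0.0/8"]
RELAY_DOMAINS = {"example.com"}  # hypothetical relay domain

def check(restriction, client_ip, rcpt):
    """Return "PERMIT", a "REJECT: ..." string, or None (no decision)."""
    if restriction == "permit_mynetworks":
        addr = ipaddress.ip_address(client_ip)
        inside = any(addr in ipaddress.ip_network(n) for n in MYNETWORKS)
        return "PERMIT" if inside else None
    if restriction == "reject_unauth_destination":
        domain = rcpt.rsplit("@", 1)[1].lower()
        return None if domain in RELAY_DOMAINS else "REJECT: Relay access denied"
    return None  # RBL, DNS and address-probe checks stubbed as "no decision"

def rcpt_to(config, client_ip, rcpt):
    """Walk the configured lists in order, as at RCPT TO with smtpd_delay_reject = yes."""
    # smtpd_helo_restrictions sits between client and sender; it is unset in the post.
    for list_name in ("smtpd_client_restrictions", "smtpd_sender_restrictions",
                      "smtpd_recipient_restrictions"):
        for restriction in config.get(list_name, []):
            result = check(restriction, client_ip, rcpt)
            if result == "PERMIT":
                break  # a permit ends only the current list
            if result:
                return f"{result} (from {list_name})"  # a reject is final
    return "ACCEPT"

POSTED = {
    "smtpd_client_restrictions": ["reject_rbl_client"],
    "smtpd_sender_restrictions": ["reject_unknown_sender_domain",
                                  "reject_unauth_destination",
                                  "reject_unverified_recipient"],
    # Absent from postconf -n, so assumed to be at the default of that era.
    "smtpd_recipient_restrictions": ["permit_mynetworks", "reject_unauth_destination"],
}
SUGGESTED = {
    "smtpd_recipient_restrictions": ["permit_mynetworks", "reject_unauth_destination",
                                     "reject_unknown_sender_domain",
                                     "reject_unverified_recipient"],
}

if __name__ == "__main__":
    for label, cfg in (("posted", POSTED), ("suggested", SUGGESTED)):
        for ip in ("10.1.2.3", "192.0.2.10"):  # inside / outside mynetworks
            print(label, ip, rcpt_to(cfg, ip, "user@elsewhere.test"))
```

In the posted config the reject fires in smtpd_sender_restrictions before any list has had a chance to permit the client, so the later permit_mynetworks is never reached.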