Re: [CentOS] restricting mails from mail command to specific domains only in postfix
Hi, I'm not very familiar with postfix. I think you have to set relayhost = ip or host name of CentOS relayin server parameter in 5 Linux servers which are relaying there's mails via CentOS server. Try this. Thanks Joshua Gimer wrote: On Thu, Jan 1, 2009 at 4:26 AM, ankush grover ankushcen...@gmail.com wrote: Hi Friends, I have configured Postfix mail server on Centos for relaying mails from 5 linux servers (including itself) within the same LAN. The postfix mail server should relay mails from these 5 linux servers for specific domains only. For example hosts 192.168.0.23/24/25/26/27 and the postfix mail server should only be able to receive and send mails from and to example.com,example2.com and example3.com domains only. Below is the configuration of the postfix mail server myhostname = test.example.com myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mynetworks_style = subnet mynetworks = 192.168.0.23/32,192.168.0.24/32,192.168.0.25/32,127.0.0.1/32,192.168.0.26/32,192.168.0.27/32 ,relay_domains = $mydestination,example.com,example2.com,example3.com smtpd_recipient_restrictions = reject_unauth_destination,permit_mynetworks,reject The issue I am facing is that whenever things are working fine when I check the things through telnet but when I do testing through command line through mail command I am able to send mails to any domain from these 5 servers. bash-2.05$ telnet test.example.com 25 Trying 192.168.0.27... Connected to test. Escape character is '^]'. 220 test.example.com ESMTP Postfix (2.2.5) mail from:ankush.gro...@example.com 250 Ok 501 Syntax: RCPT TO: address rcpt to:ank...@gmail.com 554 ank...@gmail.com: Relay access denied How can I restrict mails even going through mail command from these 5 servers to specific domains only. These 5 servers are running some cronjobs and these cronjobs output it mailed through mail command. Regards Ankush ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos If you are using sendmail as the local MTA on these 5 systems (default) did you change your smarthost configuration to forward mail through your postfix mail relay? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] restricting mails from mail command to specific domains only in postfix
ankush grover a écrit : Hi Friends, I have configured Postfix mail server on Centos for relaying mails from 5 linux servers (including itself) within the same LAN. The postfix mail server should relay mails from these 5 linux servers for specific domains only. For example hosts 192.168.0.23/24/25/26/27 and the postfix mail server should only be able to receive and send mails from and to example.com,example2.com and example3.com domains only. Below is the configuration of the postfix mail server myhostname = test.example.com myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mynetworks_style = subnet mynetworks = 192.168.0.23/32,192.168.0.24/32,192.168.0.25/32,127.0.0.1/32,192.168.0.26/32,192.168.0.27/32 ,relay_domains = $mydestination,example.com,example2.com,example3.com smtpd_recipient_restrictions = reject_unauth_destination,permit_mynetworks,reject The issue I am facing is that whenever things are working fine when I check the things through telnet but when I do testing through command line through mail command I am able to send mails to any domain from these 5 servers. bash-2.05$ telnet test.example.com 25 Trying 192.168.0.27... Connected to test. Escape character is '^]'. 220 test.example.com ESMTP Postfix (2.2.5) mail from:ankush.gro...@example.com 250 Ok 501 Syntax: RCPT TO: address rcpt to:ank...@gmail.com 554 ank...@gmail.com: Relay access denied How can I restrict mails even going through mail command from these 5 servers to specific domains only. These 5 servers are running some cronjobs and these cronjobs output it mailed through mail command. smtpd_*_restrictions apply to mail submitted via SMTP (which is the case if you use telnet or if mail is received from a remote machine). but mail submitted via the sendmail command (which is the case when you use the 'mail' command) is not subject to these restrictions. in short, with your current config, you have what you want except for mail submitted via a sendmail on the relay itself. do you really want to restrict the latter? unless you are using selinux or the like to prevent other programs from connecting to the network, a program can simply connect directly to outside. if you insist, then force mail to be passed to an smtpd using -o content_filter in master.cf: pickup -o content_filter=relay:[127.0.0.1]:25 with this, mail received via the sendmail command will be passed to 127.0.0.1 port 25 and you get what you want. but there is a caveat here: if after being received on port 25, the message is reinjected using the sendmail command (say from a content filter or from maildrop/procmail/whatever), then it will go to 127.0.0.1:25 again, and so on. and at sometime, you'll get an infinite loop error message (which won't loop, because internal messages are not subject to content_filter!) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] restricting mails from mail command to specific domains only in postfix
On Sat, Jan 3, 2009 at 5:07 AM, mouss mo...@ml.netoyen.net wrote: ankush grover a écrit : Hi Friends, I have configured Postfix mail server on Centos for relaying mails from 5 linux servers (including itself) within the same LAN. The postfix mail server should relay mails from these 5 linux servers for specific domains only. For example hosts 192.168.0.23/24/25/26/27 and the postfix mail server should only be able to receive and send mails from and to example.com,example2.com and example3.com domains only. Below is the configuration of the postfix mail server myhostname = test.example.com myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mynetworks_style = subnet mynetworks = 192.168.0.23/32,192.168.0.24/32,192.168.0.25/32,127.0.0.1/32,192.168.0.26/32,192.168.0.27/32 ,relay_domains = $mydestination,example.com,example2.com,example3.com smtpd_recipient_restrictions = reject_unauth_destination,permit_mynetworks,reject The issue I am facing is that whenever things are working fine when I check the things through telnet but when I do testing through command line through mail command I am able to send mails to any domain from these 5 servers. bash-2.05$ telnet test.example.com 25 Trying 192.168.0.27... Connected to test. Escape character is '^]'. 220 test.example.com ESMTP Postfix (2.2.5) mail from:ankush.gro...@example.com 250 Ok 501 Syntax: RCPT TO: address rcpt to:ank...@gmail.com 554 ank...@gmail.com: Relay access denied How can I restrict mails even going through mail command from these 5 servers to specific domains only. These 5 servers are running some cronjobs and these cronjobs output it mailed through mail command. smtpd_*_restrictions apply to mail submitted via SMTP (which is the case if you use telnet or if mail is received from a remote machine). but mail submitted via the sendmail command (which is the case when you use the 'mail' command) is not subject to these restrictions. Seems so. in short, with your current config, you have what you want except for mail submitted via a sendmail on the relay itself. The issue was on one of the linux server the relay host was not defined in sendmail and I was testing the mail configuration that server. Anyway now mails from other domains are getting denied from all the 5 servers and only thing left is how to restrict mails from the relay host (postfix mail server). Mouss has given a good example and I will try that. Thanks to all of you for helping me out :) Regards Ankush ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] restricting mails from mail command to specific domains only in postfix
On Thu, Jan 1, 2009 at 4:26 AM, ankush grover ankushcen...@gmail.com wrote: Hi Friends, I have configured Postfix mail server on Centos for relaying mails from 5 linux servers (including itself) within the same LAN. The postfix mail server should relay mails from these 5 linux servers for specific domains only. For example hosts 192.168.0.23/24/25/26/27 and the postfix mail server should only be able to receive and send mails from and to example.com,example2.com and example3.com domains only. Below is the configuration of the postfix mail server myhostname = test.example.com myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mynetworks_style = subnet mynetworks = 192.168.0.23/32,192.168.0.24/32,192.168.0.25/32,127.0.0.1/32,192.168.0.26/32,192.168.0.27/32 ,relay_domains = $mydestination,example.com,example2.com,example3.com smtpd_recipient_restrictions = reject_unauth_destination,permit_mynetworks,reject The issue I am facing is that whenever things are working fine when I check the things through telnet but when I do testing through command line through mail command I am able to send mails to any domain from these 5 servers. bash-2.05$ telnet test.example.com 25 Trying 192.168.0.27... Connected to test. Escape character is '^]'. 220 test.example.com ESMTP Postfix (2.2.5) mail from:ankush.gro...@example.com 250 Ok 501 Syntax: RCPT TO: address rcpt to:ank...@gmail.com 554 ank...@gmail.com: Relay access denied How can I restrict mails even going through mail command from these 5 servers to specific domains only. These 5 servers are running some cronjobs and these cronjobs output it mailed through mail command. Regards Ankush ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos If you are using sendmail as the local MTA on these 5 systems (default) did you change your smarthost configuration to forward mail through your postfix mail relay? -- Thx Joshua Gimer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
