On Dec 6, 2010, at 12:02 PM, Levan, Jerry wrote: > Hi, > > I have a nameserver setup for my local home network and I have > my iPad configured to be a member of my local net when I turn > on wifi on the iPad. I also have the DNS set to my local DNS.
Let's hope you also have the local DNS server as the only listed DNS server for all the machine on your local network otherwise you'll have issues. What does `sysutil --dns` show? > Whenever I attempt to send mail from the iPad to any of the > machines on my local network I get access denied. "Access denied"??? Is that the exact error message? This message appears on your client/ipad? Are you permitting un-authenticated access / relaying from hosts on your local network CIDR block? > There is nothing in the mail log file or the system log file > that gives any reason... And you have what level of verbosity set? > I *can* send mail from machine to machine with no problem. > > I note that when I invoke mail on the iPad that the only 'From' > address that I can specify are addresses from configured mail > servers. Why would you be sending mail from accounts for which you don't have access to? > My gut feeling is that the mail servers 'think' that mail > sent from the iPad are really attempting to do a 'relay' and > I think that 'relaying' is by default turned off. All mail, except for addresses destined for the local SMTP server's host(s) are relayed, it's how SMTP works. Relaying can't be turned off, but it normally is restricted. So, yes, of course it's thinking this. > How can I turn on relaying in Postfix on my Macs to test the > hypothesis? Did you read the docs? This is all covered. Specifically it sounds like you may want to re-read those docs and check to make sure you've got your local network's CIDR block listed in the permitted list of network for which you accept relaying. What does `grep "mynetworks = " /etc/postfix/main.cf` show? > Is there a minimally dangerous way to enable relaying? You should only permit authenticated users that are off your local network and permit local network users without authentication. Or require and use authentication for everyone (safest.) -d ------------------------------------------------------------------------ Dan Shoop Computer Scientist [email protected] GoogleVoice: 1-646-402-5293 aim: iWiring twitter: @colonelmode _______________________________________________ MacOSX-admin mailing list [email protected] http://www.omnigroup.com/mailman/listinfo/macosx-admin
