OK, nobody has anything to say on this? On Fri, Apr 11, 2014 at 1:13 AM, Thijssen <jul...@gmail.com> wrote:
> We decided to create a special MX for just the bulk mailings within > our IP-block, the datacentre network we maintain. Here's where my > questions arise: > > The setup is as follows: > - We have many servers within the same range, 10.20.30.x (I'll use > IPv4 only for ease now), > some of them have websites and/or are shared hosting servers that are > using a SaaS home-made mailing-GUI for their newsletters and similar > high volume recipient list mails. > - Our primary MX that needs to send out the bulk for them all is 10.20.30.7 > - Is there a way to NOT have to tell postfix to allow the sending > domain names, but just the server's IP-addresses that hold those who'd > like to send out those mails via 10.20.30.7 ? > I would basically like them to use any (valid domain's) from-field > they want, and postfix would have to allow it because the source is > one of our own servers. How do I configure that? The postfix config mentions 'relay domains', an IP address is not a domain. > Below is my config, it does not want to relay mail from those local > servers and I'm not sure why. Do I really have to note down all > from-field domains as allowed or what is the best way to accomplish > this? I have commented out a lot in this config, because I'm working > on getting it as perfect as possible for our purpose. > > Thanks in advance for any and all feedback on this config, feel free > to add improvements: > [root@somemailer~]# cat /etc/postfix/main.cf > > smtpd_banner = $myhostname ESMTP $mail_name > #relay_domains = $mydestination, somemailer.net > #relay_recipient_maps = > #relayhost = > #transport_maps = hash:/etc/postfix/transport > > debug_peer_level = 2 > debugger_command = > PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin > ddd $daemon_directory/$process_name $process_id & sleep 5 > > alias_maps = hash:/etc/aliases > sendmail_path = /usr/sbin/sendmail.postfix > #newaliases_path = /usr/bin/newaliases.postfix > mailq_path = /usr/bin/mailq.postfix > setgid_group = postdrop > html_directory = no > manpage_directory = /usr/share/man > readme_directory = /usr/share/doc/postfix-2.8.14/README_FILES > > inet_protocols = ipv4 > # :-/ inet_protocols = all > inet_interfaces = 10.20.30.7, 127.0.0.1 > smtp_bind_address = > mynetworks = 127.0.0.0/8 [::1]/128 192.168.2.0/24, 10.20.30.0/24 > smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128 192.168.2.0/24 > 10.20.30.0/24 > smtp_send_xforward_command = yes > > mydomain = somemailer.net > myhostname = bulk.somemailer.net > myorigin = $myhostname > mydestination = $myhostname, localhost.$mydomain, localhost, > $mydomain, mailer.$mydomain > recipient_delimiter = + > > # tempfailed adapted to 3 minutes: > queue_run_delay = 180s > minimal_backoff_time = 180s > maximal_backoff_time = 3601s > > disable_vrfy_command = yes > biff = no > default_process_limit = 1000 > trigger_timeout = 1 > # ? in_flow_delay = 1s > smtpd_delay_reject = yes > > smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, > reject_unknown_sender_domain, check_sender_access > hash:/etc/postfix/sender_access, permit > smtpd_data_restrictions = reject_multi_recipient_bounce, > reject_unauth_pipelining, permit > smtpd_client_restrictions = permit_mynetworks > smtpd_relay_restrictions = permit_mynetworks, > reject_unauth_destination, permit_sasl_authenticated > smtpd_recipient_restrictions = reject_unauth_destination, > reject_invalid_hostname, reject_non_fqdn_recipient, > reject_unknown_recipient_domain, check_client_access > hash:/etc/postfix/whitelist, reject_unauth_pipelining, > reject_non_fqdn_sender, reject_unknown_sender_domain, > reject_rbl_client bl.spamcop.net, reject_rbl_client > hosts.rbl.zonnet.net, reject_rbl_client virbl.dnsbl.bit.nl, > reject_rbl_client bl.shlink.de, reject_rbl_client bl.blocklist.de, > reject_rbl_client spamguard.leadmon.net, reject_rbl_client > mail-abuse.blacklist.jippg.org, permit > > default_destination_concurrency_limit = 0 > smtp_destination_concurrency_limit = 0 > slow_destination_concurrency_failed_cohort_limit = 100 > smtp_destination_rate_delay = 1s > slow_destination_rate_delay = 1 > smtp_extra_recipient_limit = 10 > smtp_connect_timeout = 30 > smtp_extra_recipient_limit = 10 > smtpd_timeout = 3600s > smtpd_proxy_timeout = 3600s > smtpd_error_sleep_time = 2s > smtpd_soft_error_limit = 8 > smtpd_hard_error_limit = 18 > smtpd_recipient_limit = 120 > smtpd_reject_unlisted_recipient = yes > smtpd_reject_unlisted_sender = yes > smtpd_reject_footer = For assistance, contact us at > hostmas...@somemailer.nl, and please provide the following information > in your problem report: time ($localtime), client ($client_address) > and server ($server_name). > smtpd_client_message_rate_limit = 48 > smtpd_client_recipient_rate_limit = 30 > > queue_minfree = 122880000 > qmgr_message_active_limit = 12000 > qmgr_message_recipient_limit = 12000 > qmgr_site_hog_factor = 100 > bounce_size_limit = 150000 > mailman_destination_recipient_limit = 1 > mailbox_size_limit = 0 > message_size_limit = 20480000 Anyone?