On Tue, Jul 04, 2000 at 05:00:11PM +0200, Giuliano Cocchi wrote:
> Yes, i receive mail from outside for my local and virtual domain,
> and only the listed networks can use my server to send mail to outside.
Something's wrong then... That final :deny rule should reject any outside TCP
connection to your port 25. Which means no mail. The last rule should be :allow (or
nothing at all, which implies :allow)
RC
>
> On Tue, 04 Jul 2000, you wrote:
> > On Tue, Jul 04, 2000 at 04:36:22PM +0200, Giuliano Cocchi wrote:
> > > Intruducing
> > > 192.168.0.:allow,RELAYCLIENT=""
> > > (and each other network managed by your server)
> > > :deny
> >
> > Are you sure? It shouldn't! Are you getting any mail from the outside at all?
> >
> > RC
> >
> > > it's works correctly !!
> > >
> > >
> > > On Tue, 04 Jul 2000, ertan payci wrote:
> > > > Im afraid, i had a wrong view of the system.
> > > > Well i must admit that my idea was not very accurate. It was a very easy
> > > > way to
> > > > make sure that it (somehow) works. But Adam McKenna ist absolutely
> > > > right.
> > > > Actually it ist not the right way.
> > > >
> > > > So i reproduced your configuration but had no problems.
> > > > If your problem still exists, i can send you pieces of my local
> > > > configuration files.
> > > >
> > > > Regards.
> > > >
> > > >
> > > >
> > > > Giuliano Cocchi wrote:
> > > > >
> > > > > Yes, deleting rcphosts the relay works correcly. But this pose the problem to
> > > > > deny the relay to unwanted people.
> > > > > Through the tcp.smtpd i can really manage the relay?
> > > > >
> > > > > On Tue, 04 Jul 2000, ertan payci wrote:
> > > > > > Hello,
> > > > > >
> > > > > > Let me see if i got it right: you have users using your mailbox as
> > > > > > mailhost,and want
> > > > > > them to be able to use your mailhost as relay. Right ?
> > > > > > IMHO you should just delete rcpthosts and manage your relaying stuff
> > > > > > through
> > > > > > your tcp.smtp.cdb stuff. Your tcp.smtp looks correct, so give it a
> > > > > > trial.
> > > > > >
> > > > > > Regards
> > > > > >
> > > > > > Ertan
> > > > > >
> > > > > > Barry Dwyer wrote:
> > > > > > >
> > > > > > > Hi all,
> > > > > > >
> > > > > > > I've got qmail running properly on a system with a DMZ-firewall setup.
> > > > > > > All the local clients are behind the firewall, addressed as 192.168.0.n.
> > > > > > > The firewall (a debian box) and the mail server are connected to our
> > > > > > > ADSL router and both have class-C addresses. The clients all have hosts
> > > > > > > files referencing the mail server.
> > > > > > >
> > > > > > > My tcp.smtp file has proper settings to allow the local clients to work
> > > > > > > as RELAYCLIENTS:
> > > > > > >
> > > > > > > 127.0.0.1:allow,RELAYCLIENT=""
> > > > > > > 192.168.0.:allow,RELAYCLIENT=""
> > > > > > > :allow
> > > > > > >
> > > > > > > (I've recompiled it just to be sure and, yes, the reference in the qmail
> > > > > > > startup script points to the proper file '-x/etc/tcp.smtp.cdb')
> > > > > > >
> > > > > > > If I create a rcpthosts file with just the local domain in it (that's
> > > > > > > all I want), then every local client that tries to send mail out to the
> > > > > > > 'net gets a qmail error message saying the destination domain is not in
> > > > > > > the list of receipt hosts (or something to that effect).
> > > > > > >
> > > > > > > Is the problem that qmail, running on a mail server, with it's class-C
> > > > > > > address, doesn't like the "192" block addresses in tcp.smtp? I've set up
> > > > > > > qmail servers before as multihomed systems with a class-C card *and* and
> > > > > > > internal one. Must I do that here?
> > > > > > >
> > > > > > > Thanks
> > > > > > > Barry Dwyer
> >
> > --
> > +-------------------
> > | Ricardo Cerqueira
> > | PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42
> > | Novis - Engenharia ISP / Rede T�cnica
> > | P�. Duque Saldanha, 1, 7� E / 1050-094 Lisboa / Portugal
> > | Tel: +351 21 3166730/00 (24h/dia) - Fax: +351 21 3166701
--
+-------------------
| Ricardo Cerqueira
| PGP Key fingerprint - B7 05 13 CE 48 0A BF 1E 87 21 83 DB 28 DE 03 42
| Novis - Engenharia ISP / Rede T�cnica
| P�. Duque Saldanha, 1, 7� E / 1050-094 Lisboa / Portugal
| Tel: +351 21 3166730/00 (24h/dia) - Fax: +351 21 3166701
