[rlug] Re: Postfix open relay

Dragos Manac Thu, 15 Jul 2004 01:44:44 -0700

On Thu, 2004-07-15 at 11:28, Alex B wrote:
> Salut!
> 
> Puteti sa-mi spuneti ce am gresit in urmatoarea
> configuratie de postfix de a ajuns acest server open
> relay ? A ajuns deja in majoritatea black
> list-urilor... :( 
> Am cautat pe google si pe liste de dicuutiii dar tot
> nu am reusit sa rezolv problema.
> Avetzi mila de mine, sunt incepator in linux.
> 
> 192.1.1.0/24 este clasa de ip-uri din care face parte
> si serverul (stiu ca nu e clasa C corecta de LAN dar
> asa a fost configurata reteaua si e destul de dificil
> de schimbat acum...)


uh, pai asta aceepta de la oricine din clasa aia, nu vad ce l-ar
impiedica pe unul din 192.1.1... sa te foloseasca drept relay.

> 192.168.1.0/24 apartinei unei retele care se
> conecteaza prin un tunel la reteaua cu postfixu' 
> Eu am incercat sa adaug ultimele linii (cele
> comentate) dar fara nici un rezultat... (inafara de
> imposibilitatea de a trimite si eu mail :( )
> 
> in /etc/postfix/relay_recipients am adugat toti useri
> sub forma: [EMAIL PROTECTED] 1 ,dar nu mai pot trimite
> nici eu mail daca il activez...
> 
> m-am uitat pe mai multe configuratii de la serverele
> unor prieteni si nu am vazut nic o diferentza notabila
> si ei nu sunt open relay...
> 
> Un prieten mi-a sugerat sa folosesc tcp wrapers. E o
> idee buna? Ce e pro si ce e contra? daca are cineva
> chef sa explice pe scurt...
> 
> Astept orice sugestie.
> 
> Multumesc
> Alexban
> 
> main.cf:
> 
> readme_directory =
> /usr/share/doc/packages/postfix/README_FILES
> mail_spool_directory = /var/mail
> virtual_maps = hash:/etc/postfix/virtual
> relocated_maps = hash:/etc/postfix/relocated
> masquerade_exceptions = root
> masquerade_classes = envelope_sender, header_sender,
> header_recipient
> masquerade_domains = domeniu.ro
> disable_dns_lookups = no
> mailbox_command =
> mailbox_transport =
> strict_rfc821_envelopes = no
> smtp_sasl_auth_enable = no
> smtpd_sasl_auth_enable = no
> smtpd_use_tls = no
> smtp_use_tls = no
> alias_maps = hash:/etc/aliases
> mailbox_size_limit = 0
> message_size_limit = 10240000
> myhostname = mail.domeniu.ro
> mydestination = $myhostname, localhost.$mydomain,
> $mydomain
> mydomain = domeniu.ro
> myorigin = $mydomain
> mynetworks = 192.1.1.0/24 192.168.1.0/24 127.0.0.0/8
> relay_domains = $mynetworks
> smtp_skip_quit_response = no
> smtp_skip_4xx_greeting = no
> append_dot_mydomain = no
> maximal_queue_lifetime = 1d
> unknown_local_recipient_reject_code = 450
> invalid_hostname_reject_code = 574
> canonical_maps = hash:/etc/postfix/canonical
> sender_canonical_maps =
> hash:/etc/postfix/sender_canonical
> ignore_mx_lookup_error = yes
> maps_rbl_domains = 
>  bl.spamcop.net dsn.rfc-ignorant.org 
>  dul.dnsbl.sorbs.net sbl.spamhaus.org list.dsbl.org
> #smtpd_helo_required = yes
> #smtpd_helo_restrictions =
> hash:#/etc/postfix/helo_access
> #sau
> #smtpd_helo_restrictions = 
> # permit_mynetworks
> # reject_unauth_destination,
> # reject_non_fqdn_hostname
> # reject_unknown_hostname
> #smtpd_recipient_restrictions = permit_mynetworks,
> #check_relay_domains, reject
> #smtpd_sender_restrictions = permit_mynetworks,
> #reject_unknown_client, reject
> #smtpd_client_restrictions = permit_mynetworks, reject
> #relay_recipient_maps =
> hash:#/etc/postfix/relay_recipients
-- 
You wanna fight an evildoer? Go smack yourself around the room for an
hour!


--- 
Detalii despre listele noastre de mail: http://www.lug.ro/

[rlug] Re: Postfix open relay

Raspunde prin e-mail lui