On Tuesday, May 22, 2012 at 11:32:11 UTC, [email protected] confabulated:
> In a nutshell, you'll want to prevent unprivileged traffic going to your > SMTP port(s). In other words, write firewall (iptables) rules to allow only > authorized clients to use them - if the RT machine is the only machine that > will be using the service, then you can drop anything and everything > coming to the SMTP port(s) on external interfaces like eth0, eth1 and so > forth. If you're unfamiliar with iptables, fwbuilder is a gui tool than can > ease the transition. You'll still need to do some reading though. > It may also be possible to configure postfix to only listen on the loopback > interface, or only listen to localhost, but I don't know offhand about that. Setting inet_interfaces in main.cf to localhost will do the trick: inet_interfaces = localhost > Regards, > Stephen J Alexander > MPBX, LLC > http://mpbx.com > 832-713-6729 > On Tue, May 22, 2012 at 1:48 AM, Scott Sjodin <[email protected]>wrote: >> Thanks Dave, I followed your advice and have postfix sending mail for me. >> >> This article helped a ton: >> http://www.howtoforge.com/postfix_relaying_through_another_mailserver >> >> Any advice on setting up security to prevent an open relay on my server? >> >> Thanks, >> >> Scott >> >> On Mon, May 21, 2012 at 8:03 PM, Dave Burgess <[email protected]> wrote: >> >>> In order to relay through a mail server, you either need to be sending >>> mail to someone on that server, or have authorization. >>> >>> There are thousands of posts on setting up Postfix for relaying. >>> >>> Basically, you need to "sign in" to the mail server you want to use using >>> some kind of authentication protocol. This will depend largely on the >>> configuration of the server. >>> >>> Since you are running PostFix, you can skip that step altogether and set >>> up Postfix to send mail out directly to the recipient. This would probably >>> be much easier in the long run. Just be sure to set up your own security >>> so that no one can use you as an open relay. >>> >>> Dave >>> >>> >>> >>> On 5/20/2012 8:40 AM, Scott Sjodin wrote: >>> >>> Hi all, >>> >>> If you recall (you probably don't) I was attempting to use msmtp to >>> send mail with my new RT 4.0.5 install. I have since abandoned >>> those efforts and am now attempting to use Postfix to do so. Fetchmail is >>> working fine, and I've followed the steps outlined in several install >>> guides for setting up postfix to send mail (I can post my main.cf file >>> for reference if requested). >>> >>> I am getting much further with Postfix already, but am still unable to >>> send mail. When I look in /var/log/syslog I see the following after >>> attempting to send a test message: >>> >>> May 20 06:35:08 Galactica postfix/smtp[14385]: C9F539019A: to=< >>> [email protected]>, relay=smtp.mailanyone.net[72.35.23.195]:25, >>> delay=0.53, delays=0.03/0.01/0.39/0.11, dsn=5.0.0, status=bounced (host >>> smtp.mailanyone.net[72.35.23.195] said: 550 relay not permitted (in >>> reply to RCPT TO command)) >>> >>> Any ideas? I'm at a loss here. -- If at first you don't succeed... ...so much for skydiving.
