Relay and mynetworks
Hi, I always think that only hosts in mynetworks can do relay on my server, but... I created the following rule smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/dominios_permitidos, reject and put this on the dominios_permitidos map meudominio.com.br OK But when I do this, all hosts that use meudominio.com.br on the MAIL FROM command are allow to use my server to relay to the outside world. Even this host don't list on mynetworks. My main.cf file is following myhostname = r01.meudominio.com.br myorigin = $myhostname mydestination = local_recipient_maps = local_transport = error:Nao aceitamos entrega local mynetworks = 127.0.0.0/8 relay_domains = $mydestination inet_interfaces = all smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/dominios_permitidos, reject If I remove this last three lines the relay becomes close. Anyone knows how to restrict relay and only accept MAIL FROM my domain? Thanks for your attention!! Jerônimo
Re: Relay and mynetworks
On Fri, Nov 20, 2009 at 05:04:44PM -0200, Jeronimo wrote: Hi, I always think that only hosts in mynetworks can do relay on my server, but... I created the following rule smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/dominios_permitidos, reject This is a disasterously bad idea and turns you into an open relay. and put this on the dominios_permitidos map meudominio.com.br OK DO NOT do this. Restore smtpd_recipient_restrictions to its correct default value, and then start a new thread where you describe what problem motivated you do do this. If I remove this last three lines the relay becomes close. Anyone knows how to restrict relay and only accept MAIL FROM my domain? Set mynetworks correctly. Do NOTHING else. Postfix works correctly by default. What caused you to change the recipient restrictions? -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
Re: Relay and mynetworks
I put the restriction on smtpd_recipient_restriction to log all attempts to send email. There is no difference to put this restriction on smtpd_sender_restriction. Only change the time that server rejects the message. I guess.. I chance the restriction because I want that only messages from mydomain pass through the relay. Thanks 2009/11/20 Victor Duchovni victor.ducho...@morganstanley.com On Fri, Nov 20, 2009 at 05:04:44PM -0200, Jeronimo wrote: Hi, I always think that only hosts in mynetworks can do relay on my server, but... I created the following rule smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/dominios_permitidos, reject This is a disasterously bad idea and turns you into an open relay. and put this on the dominios_permitidos map meudominio.com.br OK DO NOT do this. Restore smtpd_recipient_restrictions to its correct default value, and then start a new thread where you describe what problem motivated you do do this. If I remove this last three lines the relay becomes close. Anyone knows how to restrict relay and only accept MAIL FROM my domain? Set mynetworks correctly. Do NOTHING else. Postfix works correctly by default. What caused you to change the recipient restrictions? -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
Re: Relay and mynetworks
Jeronimo: I chance the restriction because I want that only messages from mydomain pass through the relay. That is not what the configuration does. In reality, it forwards mail from anyone who sends mail with your domain name in the sender address. So put back the default smtpd_recipient_restrictions, and APPEND your sender access check AFTER reject_unauth_destination. Wietse Thanks 2009/11/20 Victor Duchovni victor.ducho...@morganstanley.com On Fri, Nov 20, 2009 at 05:04:44PM -0200, Jeronimo wrote: Hi, I always think that only hosts in mynetworks can do relay on my server, but... I created the following rule smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/dominios_permitidos, reject This is a disasterously bad idea and turns you into an open relay. and put this on the dominios_permitidos map meudominio.com.br OK DO NOT do this. Restore smtpd_recipient_restrictions to its correct default value, and then start a new thread where you describe what problem motivated you do do this. If I remove this last three lines the relay becomes close. Anyone knows how to restrict relay and only accept MAIL FROM my domain? Set mynetworks correctly. Do NOTHING else. Postfix works correctly by default. What caused you to change the recipient restrictions? -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.