Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ACL for postfix or sendmail
Top Forums UNIX for Dummies Questions & Answers ACL for postfix or sendmail Post 302771218 by safsound on Wednesday 20th of February 2013 03:57:53 AM
Old 02-20-2013
Quote:
Originally Posted by DGPickett
And you want different sending domains to relay to different mail servers?
My MTA server dont use local mail distribution, just can relay somes customers. I know all IP source and domain that can use the MTA
They can use the MTA to relay on all destination (yahoo, google, etc ....)

The filter need to be only on incoming MTA with IP/DOMAIN match source

Actually my MTA can filter by IP or by source domain but not at same time to have a good secure filter
 

6 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Postfix Problem under mailx/sendmail command

Update: Problem solved with this command: /opt/soc/bin/postfix-setup ================================ Hi, I am trying the following mailx command: sadm@edwardwi-z:/etc$ mailx ewijaya@gmail.com Subject: test foo . . EOT But it gives the following error ... (0 Replies)
Discussion started by: monkfan
0 Replies

2. UNIX for Dummies Questions & Answers

postfix queue filling up (from sendmail?)

What is filling up my postfix queue (/var/spool/postfix/deferred/)? I had a perl script running via crontab to monitor my IP connection and send me a mail via sendmail. Now I have a huge queue of emails I keep getting. I've removed the crontab and the script. If I clear out... (0 Replies)
Discussion started by: kumakuma
0 Replies

3. OS X (Apple)

postfix queue filling up (from sendmail?)

What is filling up my postfix queue (/var/spool/postfix/deferred/)? I had a perl script running via crontab to monitor my IP connection and send me a mail via sendmail. Now I have a huge queue of emails I keep getting. I've removed the crontab and the script. If I clear out... (1 Reply)
Discussion started by: kumakuma
1 Replies

4. UNIX for Dummies Questions & Answers

Mail tranmission issue: Postfix/Sendmail

Hi, I have email that is being routed from one server to another server it seems. The sending server has postfix running and the receiving server has sendmail running. The sendmail status is receiving connection. The sending server cannot seem to reach the receiving server. Error logs state... (0 Replies)
Discussion started by: mojoman
0 Replies

5. Solaris

Replace sendmail with Postfix

Hi, I am assigned to replace sendmail with Postfix in solaris 10. Can anyone please tell what are the steps should be taken like files to backup and what are the configurations should be taken care and so on??????? Appreciate any help.... (0 Replies)
Discussion started by: bpsunadm
0 Replies

6. UNIX for Dummies Questions & Answers

French characters in postfix/sendmail

Hello again, How can I send emails via postfix with special characters like "à" via postfix. When I'm paste-ing the special character inside a editor (nano) it shows like this --> � ... any tips? (1 Reply)
Discussion started by: galford
1 Replies

LEARN ABOUT DEBIAN

dkimproxy.out

dkimproxy.out(8)					      System Manager's Manual						  dkimproxy.out(8)

NAME

       dkimproxy.out - SMTP proxy for adding DKIM signatures to email

DESCRIPTION

       dkimproxy.out listens on the IP address and TCP port specified by its first argument (the "listen" port), and sends the traffic it receives
       onto the second argument (the "relay" port), with messages getting modified to have a DKIM or DomainKeys signature.

SYNOPSIS

	 dkimproxy.out [options] --keyfile=FILENAME --selector=SELECTOR 		 --domain=DOMAIN LISTENADDR:PORT RELAYADDR:PORT
	   smtp options:
	     --conf_file=FILENAME
	     --listen=LISTENADDR:PORT
	     --relay=RELAYADDR:PORT
	     --reject-error

	   signing options:
	     --signature=dkim|domainkeys
	     --keyfile=FILENAME
	     --selector=SELECTOR
	     --method=simple|nowsp|relaxed|nofws
	     --domain=DOMAIN

	   daemon options:
	     --daemonize
	     --user=USER
	     --group=GROUP
	     --pidfile=PIDFILE
	     --min_servers=NUM

	 dkimproxy.out --help
	   to see a full description of the various options

OPTIONS

       --daemonize

       If specified, the server will run in the background.

       --domain=DOMAIN

       Use this argument to specify what domain(s) you can sign for. You may specify multiple domains by separating them with commas. If a  single
       domain  is  specified,  DKIMproxy  will always use that domain to sign, if it can. If multiple domains are specified, DKIMproxy will try to
       match the domain to the message's sender, and only generate a signature that will match the sender's domain.

       --group=GROUP

       If specified, the daemonized process will setgid() to the specified GROUP.

       --keyfile=FILENAME

       This is a required argument. Use it to specify the filename containing the private key used in signing outgoing messages. For  messages	to
       verify,	you  will  need  to  publish  the  corresponding  public key in DNS, using the selector name specified by C<--selector>, under the
       domain(s) specified in C<--domain>.

       --method=simple|nowsp|relaxed|nofws

       This option specifies the canonicalization algorithm to use for signing messages. For DKIM signatures, the options are C<simple>, C<nowsp>,
       or C<relaxed>; the default is C<relaxed>. For DomainKeys signatures, the options are C<simple> and C<nofws>; the default is C<nofws>.

       --pidfile=PIDFILE

       Creates a PID file (a file containing the PID of the process) for the daemonized process. This makes it possible to check the status of the
       process, and to cleanly shut it down.

       --reject-error

       This option specifies what to do if an error occurs during signing of a message. If this option is specified, the message will be  rejected
       with  an SMTP error code. This will result in the MTA sending the message to try again later, or bounce it back to the sender (depending on
       the exact error code used). If this option is not specified, the message will be allowed to pass through without having a signature added.

       --selector=SELECTOR

       This is a required argument. Use it to specify the name of the key selector.

       --sender_map=FILENAME

       If specified, the named file provides signature parameters depending on what sender is found in the message. See the section  below  titled
       L</"SENDER MAP FILE">.

       --signature=dkim|domainkeys

       This  specifies	what  type of signature to add. Use C<dkim> to sign with IETF standardized DKIM signatures. Use C<domainkeys> to sign with
       the older, but more common, Yahoo! DomainKeys signatures.  The default is C<dkim>.

       This parameter can be specified more than once to add more than one signature to the message. In addition, per signature parameters can	be
       specified by enclosing the comma separated options in parenthesis after the signature type, e.g.

	 --signature=dkim(c=relaxed,key=private.key)

       The syntax for specifying per signature options is described in more detail in the section below titled L</"SENDER MAP FILE">.

       --user=USER

       If  specified, the daemonized process will setuid() to USER after completing any necessary privileged operations, but before accepting con-
       nections.

       --min_servers=NUM

       Number of process that DKIMproxy shall spawn and get ready for signing.

EXAMPLE

       For example, if dkimproxy.out is started with:

	 dkimproxy.out --keyfile=private.key --selector=postfix 	  --domain=example.org 127.0.0.1:10027 127.0.0.1:10028

       the proxy will listen on port 10027 and send the signed messages to some other SMTP service on port 10028.

CONFIGURATION FILE

       Parameters can be stored in a separate file instead of specifying them all on the command line. Use the C<conf_file> option to specify  the
       path to the configuration file, e.g.

	 dkimproxy.out --conf_file=/etc/dkimproxy_out.conf

       The format of the configuration file is one option per line: name of the option, space, then the value of the option. E.g.

	 # this is an example config file
	 domain example.org,example.com
	 keyfile private.key
	 selector postfix
	 signature dkim

       is equivalent to

	 dkimproxy.out --domain=example.org,example.com --keyfile=private.key		      --selector=postfix --signature=dkim

SENDER MAP FILE

       If  you	want to use different signature properties depending on the sender of the message being signed, use a "sender map file". This is a
       lookup file containing sender email addresses on the left and signature properties on the right. E.g.

	 # sign my mail with a EXAMPLE.COM dkim signature
	 jason@long.name  dkim(d=example.com)

	 # sign WIDGET.EXAMPLE mail with a default domainkeys signature
	 widget.example   domainkeys

	 # sign EXAMPLE.ORG mail with both a domainkeys and dkim signature
	 example.org	  dkim(c=relaxed,a=rsa-sha256), domainkeys(c=nofws)

       Right hand values in a sender map file is a comma separated list of signature types. Each signature type may have a comma separated list of
       parameters enclosed in parenthesis. The following signature parameters are recognized:

       key

       the private key file to use

       a

       the algorithm to use

       c

       the canonicalization method to use

       d

       the domain to use, default is to use the domain matched

       s

       the selector to use

SEE ALSO

       dkimproxy.in(8), dkim_responder(8), dkimsign(8),  dkimverify(8)

																  dkimproxy.out(8)
All times are GMT -4. The time now is 06:09 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy