Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

ACL for postfix or sendmail

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers ACL for postfix or sendmail
# 1  
Old 02-14-2013
ACL for postfix or sendmail
Hello,

i want to know how to configure a MTA to relay somes domain by IP source, example :

toto.com and titi.com can relay with ip sender 10.2.2.0/24 only
lulu.com can relay with ip sender 192.168.0.4/32 only
all domain can relay with ip sender 172.0.0.5/32 only

It's possible with policy server (postfix) but i dont know how to write policy about it Smilie
Or if it's possible with sendmail ?

i know how to allow relay by IP or by From: with /etc/mail/access but not twice at same time

Thanks

Safsound
Last edited by safsound; 02-14-2013 at 08:13 AM..
# 2  
Old 02-14-2013
Possible in sendmail but if it takes rewrite rules, very demanding. You mean incoming mail will be relayed to one of several hosts by domain? Nothing delivered locally? Or are you talking about outgoing mail? ACL is a file permission thing, usually.

Postfix is pretty standard about this sort of thing: Postfix SMTP relay and access control
# 3  
Old 02-19-2013
Quote:
Originally Posted by DGPickett
Possible in sendmail but if it takes rewrite rules, very demanding. You mean incoming mail will be relayed to one of several hosts by domain? Nothing delivered locally? Or are you talking about outgoing mail? ACL is a file permission thing, usually.

Postfix is pretty standard about this sort of thing: Postfix SMTP relay and access control
Yes, i just want relay (outgoing) somes network to use my MTA, no local mail, example :

somes network -------> my MTA -----> outgoing mail (all destination)

i want filter somes network/domain from incoming but nothing to outgoing,

But i need to match network with his domain. not just allow a domain incoming or network incoming but twice

i see access control for postfix but i dont find any configuration example to help me
# 4  
Old 02-19-2013
And you want different sending domains to relay to different mail servers?
# 5  
Old 02-20-2013
Quote:
Originally Posted by DGPickett
And you want different sending domains to relay to different mail servers?
My MTA server dont use local mail distribution, just can relay somes customers. I know all IP source and domain that can use the MTA
They can use the MTA to relay on all destination (yahoo, google, etc ....)

The filter need to be only on incoming MTA with IP/DOMAIN match source

Actually my MTA can filter by IP or by source domain but not at same time to have a good secure filter
# 6  
Old 02-20-2013
So, this is just a common outgoing email server to support clients, which must shun spammers.

Reverse lookup can be set up to say any domain, unless it checks with a forward lookup to match.

I guess in postfix you put your IPs in mynetworks and set to restrict: http://www.postfix.org/SMTPD_ACCESS_README.html#lists

From the man page referenced there, how to set mynetworks: http://www.postfix.org/postconf.5.html#mynetworks
Last edited by DGPickett; 02-20-2013 at 02:49 PM..
# 7  
Old 02-22-2013
Quote:
Originally Posted by DGPickett
So, this is just a common outgoing email server to support clients, which must shun spammers.

Reverse lookup can be set up to say any domain, unless it checks with a forward lookup to match.

I guess in postfix you put your IPs in mynetworks and set to restrict: Postfix SMTP relay and access control

From the man page referenced there, how to set mynetworks: Postfix Configuration Parameters
Thanks but i dont find any example to write the good syntax

example :

10.5.5.10 can send from toto.com on all domain in outgoing
 
Login or Register to Ask a Question

Previous Thread | Next Thread

6 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

French characters in postfix/sendmail

Hello again, How can I send emails via postfix with special characters like "à" via postfix. When I'm paste-ing the special character inside a editor (nano) it shows like this --> � ... any tips? (1 Reply)
Discussion started by: galford
1 Replies

2. Solaris

Replace sendmail with Postfix

Hi, I am assigned to replace sendmail with Postfix in solaris 10. Can anyone please tell what are the steps should be taken like files to backup and what are the configurations should be taken care and so on??????? Appreciate any help.... (0 Replies)
Discussion started by: bpsunadm
0 Replies

3. UNIX for Dummies Questions & Answers

Mail tranmission issue: Postfix/Sendmail

Hi, I have email that is being routed from one server to another server it seems. The sending server has postfix running and the receiving server has sendmail running. The sendmail status is receiving connection. The sending server cannot seem to reach the receiving server. Error logs state... (0 Replies)
Discussion started by: mojoman
0 Replies

4. OS X (Apple)

postfix queue filling up (from sendmail?)

What is filling up my postfix queue (/var/spool/postfix/deferred/)? I had a perl script running via crontab to monitor my IP connection and send me a mail via sendmail. Now I have a huge queue of emails I keep getting. I've removed the crontab and the script. If I clear out... (1 Reply)
Discussion started by: kumakuma
1 Replies

5. UNIX for Dummies Questions & Answers

postfix queue filling up (from sendmail?)

What is filling up my postfix queue (/var/spool/postfix/deferred/)? I had a perl script running via crontab to monitor my IP connection and send me a mail via sendmail. Now I have a huge queue of emails I keep getting. I've removed the crontab and the script. If I clear out... (0 Replies)
Discussion started by: kumakuma
0 Replies

6. UNIX for Dummies Questions & Answers

Postfix Problem under mailx/sendmail command

Update: Problem solved with this command: /opt/soc/bin/postfix-setup ================================ Hi, I am trying the following mailx command: sadm@edwardwi-z:/etc$ mailx ewijaya@gmail.com Subject: test foo . . EOT But it gives the following error ... (0 Replies)
Discussion started by: monkfan
0 Replies
Login or Register to Ask a Question