|
|
Sponsored Content
Special Forums
IP Networking
Mail forwarding in small network with mailserver
Post 302150418 by hjallebk on Tuesday 11th of December 2007 11:54:59 AM
12-11-2007
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
I would like to set up an E-mail forwarding service like Netaddress whereby users would be able to create an E-mail account in my domain name and have all the mail sent to that account forwarded to an alternate address they specify.
I know that I can redirect mail sent to my domain using... (1 Reply)
Discussion started by: BigBro
1 Replies
2. UNIX for Dummies Questions & Answers
I have a simple question.
i have an e-mail account with an ISP on a Solaris box. I want to forward all the mail that comes to "only" me to another POP3 account. I used to have the commands written down on how to forward all but I have lost them. Is there a way to forward only e-mails that... (2 Replies)
Discussion started by: jsillers
2 Replies
3. UNIX for Dummies Questions & Answers
quick question.
I have a webserver that has various scripts for user registration and ect on it. I want to post (mail) these to myself - however I am a bit stuck on how to configure sendmail to do this.
The hosting partner that I use has provided me with the use of their relay to send on the... (1 Reply)
Discussion started by: warrend
1 Replies
4. UNIX for Advanced & Expert Users
Hello,
I need to forward mail wich are in some users mailbox. The .forward redirection is working for all new mails but not for old. Is someone know how to do this ?
Thanks (2 Replies)
Discussion started by: annececile
2 Replies
5. UNIX for Dummies Questions & Answers
Hi Everyone,
I am an intermediate to Unix.I want to forward the incoming messages for my Unix Account 'pdileep' to another mail account 'pdileep@ncmail.com'.
I tried out .forward option,but the forwarded message was not there in my Unix Account.
My requirement is like,i want to forward... (6 Replies)
Discussion started by: DILEEP410
6 Replies
6. Solaris
Hello everybody,
I have solaris 10 running on SF v890, I need to forward some sepecific root mails resulted from some application, (or all root mails) to other machine running Solaris 10 also.
does it have anything to do with mail relay, or just change the log settings???
Thanks in Advance... (1 Reply)
Discussion started by: aladdin
1 Replies
7. AIX
Greetings to all of you. I am a tad desperate here. I have found MANY articles scattered across the internet from google searches and unix.com searches for how to forward mail that say:
Create a ~/.forward file and put XXXX in it.
This is not what I need to do.
We have bunch of users... (1 Reply)
Discussion started by: DennisC31
1 Replies
8. UNIX for Dummies Questions & Answers
Hello everyone,
I am trying to create a forwarding scenario, and I do not seem to get it right!
I created a .forward file in the directory where my personal mailbox resides. In the file is the full address to deliver email to ... yet the emails do not seem to get forwarded.
Is there something... (3 Replies)
Discussion started by: gio001
3 Replies
9. UNIX for Dummies Questions & Answers
I am asking about my work account, running Linux on a system server. On pine, I set up a forward to another email account. I also keep a copy in the original account. The forward has been running fine for some time.
I believe the system sends the mail first to the forwarded account and then puts... (0 Replies)
Discussion started by: BLabel
0 Replies
10. UNIX for Dummies Questions & Answers
hello All,
I am not heavily conversant with *nix, so few of you may find the question to be naive.
Question : Will *nix Kernel process packets not originating from a loopback interface, but received on a loopback interface?
Scenario:
I have an application running which can strip packets... (2 Replies)
Discussion started by: brownbytes
2 Replies
LEARN ABOUT DEBIAN
mxallowd
mxallowd(1) User Manuals mxallowd(1) NAME
mxallowd - dynamically whitelist your Mail eXchanger SYNOPSIS
mxallowd [-d] [-c configfile] [-t whitelist-time] [-p pflog-interface] [-l pcap-filter] [-F] [-s] [-q] [-p] -f fake-mailserver -r real- mailserver -n queue-num DESCRIPTION
mxallowd is a daemon which uses libnetfilter_queue (on Linux) or pf and pflog (on BSD) to allow (or deny) connections to a mailserver (or similar application) if the remote host hasn't connected to a fake daemon before. This is an improved version of the so-called nolisting (see http://www.nolisting.org/). The assumption is that spammers are not using RFC 2821-compatible SMTP-clients and are sending fire-and-forget spam (directly to the first or second MX-entry without retrying on error). This direct access is blocked with mxallowd, you'll only get a connection if you retry. NOTE: It is highly recommended to install nscd (nameserver caching daemon) or a similar software in order to speed-up DNS lookups. Since version 1.3, DNS lookups are done in a thread (so they don't block the main process), however, on very-high-traffic-sites, mxallowd may show significantly better overall performance in combination with nscd. OPTIONS
-b, --no-rdns-whitelist Disable whitelisting all IP-addresses that have the same RDNS as the connecting one (necessary for google mail) -c, --config Specifies an alternative configuration file (instead of /etc/mxallowd.conf) -t, --whitelist-time Specify the amount of time (in seconds) until an IP-address will be removed from the whitelist -s, --stdout Log to stdout, not to syslog -q, --quiet Don't log anything but errors. -f, --fake-mailserver Specify which IP-address the fake mailserver has (connecting to it will whitelist you for the real mailserver) -r, --real-mailserver Specify which IP-address the real mailserver has -F, --foreground Do not fork into background, stay on console -n, --queue-num (only available when compiled for netfilter_queue) Specify the queue number which will be used for the netfilter_queue-link. This has to be the same which is specified in the ipta- bles-rule and it has to be specified, there is no default. -p, --pflog-interface (only available when compiled for pf) Specify the pflog(4) interface which you configured in pf(4). The default is pflog0. Also see the pcap-filter-option if you use an interface which does not only get smtp-traffic. -l, --pcap-filter (only available when compiled for pf) Specify the filter for pcap. The default is "port 25". See tcpdump(8) for more information on the filters. FILES
/etc/mxallowd.conf System-wide configuration file. Use the long options without the beginning two dashes. For example: stdout fake-mailserver 192.168.1.3 fake-mailserver 192.168.1.4 real-mailserver 192.168.1.5 queue-num 23 EXAMPLES FOR NETFILTER
The machine has two IP-addresses. The mailserver only listens on 192.168.1.4, the nameserver returns the mx-records mx1.domain.com (192.168.1.3) with priority 5 and mx2.domain.com (192.168.1.4) with priority 10. # modprobe nfnetlink_queue # iptables -A INPUT -p tcp --dport 25 -m state --state NEW -j NFQUEUE --queue-num 23 # mxallowd -s -F -f 192.168.1.3 -r 192.168.1.4 -n 23 Then open a separate terminal and connect via telnet on your real mailserver. You'll see the connection attempt being dropped. Now connect to the fake mailserver and watch mxallowd's output. Afterwards, connect to the real mailserver to verify your mailserver is still working. EXAMPLES FOR PF
The machine has two IP-addresses. The mailserver only listens on 192.168.1.4, the nameserver returns the mx-records mx1.domain.com (192.168.1.3) with priority 5 and mx2.domain.com (192.168.1.4) with priority 10. Create a pf.conf like this: table <mx-white> persist real_mailserver="192.168.1.4" fake_mailserver="192.168.1.3" real_mailserver6="2001:dead:beef::1" fake_mailserver6="2001:dead:beef::2" pass in quick log on fxp0 proto tcp from <mx-white> to $real_mailserver port smtp pass in quick log on fxp0 inet6 proto tcp from <mx-white> to $real_mailserver6 port smtp block in log on fxp0 proto tcp to { $fake_mailserver $real_mailserver } port smtp block in log on fxp0 inet6 proto tcp to { $fake_mailserver6 $real_mailserver6 } port smtp Afterwards, load it and start mxallowd using the following commands: # pfctl -f /etc/pf.conf # mxallowd -s -F -f 192.168.1.3 -r 192.168.1.4 Then open a separate terminal and connect via telnet on your real mailserver. You'll see the connection attempt being dropped. Now connect to the fake mailserver and watch mxallowd's output. Afterwards, connect to the real mailserver to verify your mailserver is still working. The ruleset for pf is actually longer because pf does more than netfilter on linux -- netfilter passes the packets and lets mxallowd decide whether to drop/accept whilst pf blocks/passes before even "passing" to mxallowd. SEE ALSO
iptables(8), pf(4), pflog(4), tcpdump(8) AUTHOR
Michael Stapelberg <michael+mxallowd at stapelberg dot de> Linux MARCH 2012 mxallowd(1)