[EnGarde] Re: postfix smtpd not sending

From: John W. Cahill Jr. <jwcahill_at_nospam>
Date: Mon Sep 17 2001 - 19:53:27 GMT
To: <engarde-users@engardelinux.org>

Eric,

Please let us know if you figure out how to get someone to use your SMTP server dynamically. I'm sure there are people interested other than myself, I've pretty much given up, for now..

John

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= John W. Cahill Jr.
jwcahill AT gonetinnovations DOT com
<><
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

> -----Original Message-----
> From: listadmin@engardelinux.org [mailto:listadmin@engardelinux.org]On
> Behalf Of Eric Patterson
> Sent: Monday, September 17, 2001 3:05 PM
> To: engarde-users@engardelinux.org
> Subject: [EnGarde] Re: postfix smtpd not sending
>
>
> Pete,
> Again thanks for your input, it turns out that I had a couple of things
> wrong. First in my /etc/postfix/main.cf file I had
>
> smtpd_recipient_restrictions=hash:/etc/postfix/recipient_access,ch
> eck_relay_
> domains,permit_mynetworks
>
> which upon closer inspection I found it was giving an error
> (Sep 12 00:12:02 ns1 postfix/smtpd[30154]: warning: restriction
> `permit_mynetworks' after `check_relay_domains' is ignored )
> because the permit_mynetworks came after check_relay_domains. So
> I changed
> it to
>
> smtpd_recipient_restrictions=hash:/etc/postfix/recipient_access,pe
> rmit_mynet
> works,check_relay_domains
>
> Second I did not have a reverse DNS listing for the client I was trying to
> send the mail from, which could have still worked if I had the internal
> network listed under the mynetworks.
>
> mynetworks = 127.0.0.0/8, 10.0.10.0/24
> instead of
> mynetworks = 127.0.0.0/8
>
> Anyways now that I can send mail from my local network, I am off to find a
> way to send mail from anywhere dynamically (as long as the user
> has a valid
> account on the server).
>
> Pete,
> By the way I read through your Postfix/Engarde Secure Linux HowTo and I
> found a minor typo. Under section "VI." subsection "3.) Transport
> Database:" You listed
>
> wiley-coyote.org smtp:mail.wiley-coyote.org
> wiley-coyote.org smtp:mail.wiley-coyote.org
>
> The second line should be preceded by an "." You address this in the text
> following the example but at first glance it can me a little confusing.
>
> Again I want to thank you helping all of us postfix challanged people.....
>
> Eric Patterson
>
>
>
>
>
> ----- Original Message -----
> From: "Pete O'Hara" <pete@guardiandigital.com>
> To: <engarde-users@engardelinux.org>
> Sent: Monday, September 17, 2001 6:32 AM
> Subject: [EnGarde] Re: postfix smtpd not sending
>
>
> > Eric Patterson wrote:
> >
> > > Pete,
> > > I am sorry, I forgot to add those files. Here they are, I
> hope they give
> you
> > > some more insight. Thanks for all your help.
> > >
> > > -----------------------------------
> > > egrep -v '^(#|$)' /etc/postfix/main.cf
> > > -------------------------------------
> > > biff = no
> > > queue_directory = /var/spool/postfix
> > > command_directory = /usr/sbin
> > > daemon_directory = /usr/libexec/postfix
> > > mail_owner = postfix
> > > myorigin = $myhostname
> > > mydestination = $myhostname, localhost.$mydomain
> > > smtpd_recipient_restrictions =
> > >
> hash:/etc/postfix/recipient_access,check_relay_domains,permit_mynetworks
> > > virtual_maps = hash:/etc/postfix/virtual
> > > relocated_maps = hash:/etc/postfix/relocated
> > > transport_maps = hash:/etc/postfix/transport
> > > relay_domains = $mydestination, takenmakepages.com, spinzz.com
> > > alias_maps = hash:/etc/postfix/aliases
> > >
> > > mynetworks = 127.0.0.0/8
> > > local_destination_concurrency_limit = 2
> > > default_destination_concurrency_limit = 10
> > > message_size_limit = 10240000
> > > debug_peer_level = 2
> > > debugger_command =
> > > PATH=/usr/bin:/usr/X11R6/bin
> > > xxgdb $daemon_directory/$process_name $process_id &
> sleep 5
> > > delay_warning_time = 4
> > > disable_vrfy_command = yes
> > >
> > > ----------------------------------
> > > postconf | grep restrict
> > > ----------------------------------
> > > smtpd_client_restrictions =
> > > smtpd_etrn_restrictions =
> > > smtpd_helo_restrictions =
> > > smtpd_recipient_restrictions =
> > >
> hash:/etc/postfix/recipient_access,check_relay_domains,permit_mynetworks
> > > smtpd_restriction_classes =
> > > smtpd_sender_restrictions =
> > >
> > > ----------------------------------
> > > /etc/postfix/virtual
> > > ----------------------------------
> > > takenmakepages.com VIRTUALDOMAIN
> > > takenmakepages@takenmakepages.com takenmakepages
> > > @takenmakepages.com admin@takenmakepages.com
> > >
> > > smackwagon.com VIRTUALDOMAIN
> > > eric@smackwagon.com eric
> > > smackwagon@smackwagon.com smackwagon
> > > @smackwagon.com eric
> > >
> > > spinzz.com VIRTUALDOMAIN
> > > zack@spinzz.com spinzz
> > > @spinzz.com epatterson@mticollege.com
> > >
> >
> > You need to either create a new virtual domain (or add to an existing
> domain)
> > and create an entry like:
> >
> > eric patersoneric@yahoo.com
> > (make sure you run "postmap hash:/etc/postfix/virtual" after editing
> the
> > "virtual" file.
> >
> > Also make sure your "recipient_access" map allows mail to the
> "eric@newdomain"
> > user. (Edit this map if you have to and run "postmap" on it)_
> >
> > Then include this new domain in the "relay_domains" parameter in main.cf
> > followed by the command "postfix reload".
> >
> > Most of this is covered in the Postfix-Howto link that I put in my prior
> email.
> >
> > Pete
> >
> >
> >
> > >
> > > ----------------------------------
> > > /etc/postfix/transport
> > > ----------------------------------
> > > (This file is blank)
> > >
> > > ----- Original Message -----
> > > From: "Pete O'Hara" <pete@guardiandigital.com>
> > > To: <engarde-users@engardelinux.org>
> > > Sent: Friday, September 14, 2001 5:35 AM
> > > Subject: [EnGarde] Re: postfix smtpd not sending
> > >
> > > > Eric Patterson wrote:
> > > >
> > > > > Pete,
> > > > > Thanks for your response. I have done some further research and I
> think
> > > what
> > > > > I am looking for is pop before smtp. That way no matter where my
> users
> > > are
> > > > > connecting from I have a way to authenticate them before I allow
> them
> > > access
> > > > > to relay mail remotely. Do you have any experience with this?
> > > >
> > > > Sorry, I haven't had a chance to work with pop before smtp yet. But
> > > looking at
> > > > the log message below it looks like your machine doesn't know about
> > > > patersoneric@yahoo.com. That's why I wanted to see the virtual and
> > > transport
> > > > files.
> > > >
> > > > Pete
> > > >
> > > > > From what I
> > > > > understand there are a couple of different ways to
> accomplish this.
> The
> > > > > first is to use tail -f command on the mail.log in a perl
> script to
> see
> > > it
> > > > > the user has authenticated. The second is to modify the pop server
> to
> > > write
> > > > > to a mySQL database when a user authenticates and then
> have the smtp
> use
> > > > > that for checking if the user has authenticated. The second option
> is
> > > the
> > > > > one I prefer because it will have less overhead on the server, but
> it
> > > also
> > > > > requires to modify the source code and recompile postfix
> with mySQL
> > > support.
> > > > >
> > > > > Here are the outputs
> > > > > -------------------------------------
> > > > > egrep -v '^(#|$)' /etc/postfix/main.cf
> > > > > -------------------------------------
> > > > > biff = no
> > > > > queue_directory = /var/spool/postfix
> > > > > command_directory = /usr/sbin
> > > > > daemon_directory = /usr/libexec/postfix
> > > > > mail_owner = postfix
> > > > > myorigin = $myhostname
> > > > > mydestination = $myhostname, localhost.$mydomain
> > > > > smtpd_recipient_restrictions =
> > > > >
> hash:/etc/postfix/recipient_access,check_relay_domains,permit_mynetworks
> > > > > virtual_maps = hash:/etc/postfix/virtual
> > > > > relocated_maps = hash:/etc/postfix/relocated
> > > > > transport_maps = hash:/etc/postfix/transport
> > > > > relay_domains = $mydestination, takenmakepages.com, spinzz.com
> > > > > alias_maps = hash:/etc/postfix/aliases
> > > > >
> > > > > mynetworks = 127.0.0.0/8
> > > > > local_destination_concurrency_limit = 2
> > > > > default_destination_concurrency_limit = 10
> > > > > message_size_limit = 10240000
> > > > > debug_peer_level = 2
> > > > > debugger_command =
> > > > > PATH=/usr/bin:/usr/X11R6/bin
> > > > > xxgdb $daemon_directory/$process_name $process_id & sleep 5
> > > > > delay_warning_time = 4
> > > > > disable_vrfy_command = yes
> > > > >
> > > > > ----------------------------------
> > > > > postconf | grep restrict
> > > > > ----------------------------------
> > > > > smtpd_client_restrictions =
> > > > > smtpd_etrn_restrictions =
> > > > > smtpd_helo_restrictions =
> > > > > smtpd_recipient_restrictions =
> > > > >
> hash:/etc/postfix/recipient_access,check_relay_domains,permit_mynetworks
> > > > > smtpd_restriction_classes =
> > > > > smtpd_sender_restrictions =
> > > > >
> > > > > ----- Original Message -----
> > > > > From: "Pete O'Hara" <pete@guardiandigital.com>
> > > > > To: <engarde-users@engardelinux.org>
> > > > > Sent: Thursday, September 13, 2001 5:00 AM
> > > > > Subject: [EnGarde] Re: postfix smtpd not sending
> > > > >
> > > > > > Eric Patterson wrote:
> > > > > >
> > > > > > > Hello,
> > > > > > > I am trying to setup postfix but can't seem to get it to work
> right.
> > > I
> > > > > have
> > > > > > > been searching through all of the posts since June to see if
> someone
> > > > > else
> > > > > > > has already solved the problem but came up empty handed.
> > > > > > >
> > > > > > > - I want my users to be able to send and receive mail from
> anywhere,
> > > all
> > > > > > > they have to do is set up the email client of their
> choice with
> the
> > > > > proper
> > > > > > > configs (making sure they select spop3/port:995 and not
> > > pop3/port:110).
> > > > > > >
> > > > > > > - I only want to relay mail that came from one of my
> users, not
> > > spamers
> > > > > > > sending out their crap. Because I don't know where my
> users will
> be
> > > > > > > connecting from I don't want to use their ip or a reverse dns
> lookup
> > > as
> > > > > the
> > > > > > > method for access, rather I want the server to look at who the
> mail
> > > is
> > > > > > > comming from. If it is comming from: myuser@mydomain.com to:
> > > > > > > somone@somedomain.com it is accepted. If it is comming from:
> > > > > > > someone@somedomain.com to:
> somoneelse@someotherdomain.com it is
> > > > > rejected.
> > > > > > >
> > > > > > > I am able to receive mail remotely and I can send
> mail remotely
> to a
> > > > > user on
> > > > > > > my server but when I try to send mail remotely to an outside
> address
> > > > > > > (pattersoneric@yahoo.com) I get an error message. When I say
> > > remotely I
> > > > > mean
> > > > > > > that I am not connected to the same network my server is
> connected
> > > to.
> > > > > Here
> > > > > > > is part of the mail.log file that shows the error message
> > > > > > >
> > > > > > > Sep 12 00:12:02 ns1 postfix/smtpd[30154]: connect from
> > > > > unknown[65.106.90.90]
> > > > > > >
> > > > > > > Sep 12 00:12:02 ns1 postfix/smtpd[30154]: A163D199B8:
> > > > > > > client=unknown[65.106.90.90]
> > > > > > >
> > > > > > > Sep 12 00:12:02 ns1 postfix/smtpd[30154]: reject: RCPT from
> > > > > > > unknown[65.106.90.90]: 554 <pattersoneric@yahoo.com>:
> Recipient
> > > > > > > addressrejected: Relay access denied;
> from=<eric@smackwagon.com>
> > > > > > > to=<pattersoneric@yahoo.com>
> > > > > > >
> > > > > > > Sep 12 00:12:02 ns1 postfix/smtpd[30154]: warning: restriction
> > > > > > > `permit_mynetworks' after `check_relay_domains' is ignored
> > > > > > >
> > > > > > > Sep 12 00:12:07 ns1 postfix/smtpd[30154]: disconnect from
> > > > > > > unknown[65.106.90.90]
> > > > > > >
> > > > > > > As you can see I was connecting remotely form ip 65.106.90.90
> (my
> > > > > servers
> > > > > > > address is 66.121.74.160).
> > > > > > >
> > > > > > > I want the server to look at who the mail is comming
> from and if
> is
> > > > > comming
> > > > > > > from a vaild email address on the server to go ahead and send
> it, if
> > > the
> > > > > > > email is comming from an outside source (spammer) the server
> will
> > > reject
> > > > > it.
> > > > > > > Let my know if you need any more info, like settings
> in mail.cf,
> > > > > > > hosts.allow, virtual, etc...
> > > > > > >
> > > > > > > Thanks
> > > > > > > Eric Patterson
> > > > > >
> > > > > > The output of the commands
> > > > > > egrep -v '^(#|$)' /etc/postfix/main.cf
> > > > > > postconf | grep restrict
> > > > > >
> > > > > > and the contents of /etc/postfix/virtual, transport would be
> helpful.
> > > > > > Also there is a Postfix-Howto for EnGarde at
> > > > > >
> > > > >
> http://www.linuxsecurity.com/feature_stories/feature_story-91-print.html
> > > > > > that you might want to check out. It may not cover all of your
> > > questions
> > > > > here
> > > > > > but it's another source of info that we offer.
> > > > > >
> > > > > > Pete
> > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > >
> > ------------------------------------------------------------------------
> > > > > > > To unsubscribe email
> engarde-users-request@engardelinux.org
> > > > > > > with "unsubscribe" in the subject of the message.
> > > > > >
> > > > > > --
> > > > > > Pete O'Hara
> > > > > > Systems Engineer
> > > > > > Guardian Digital, Inc.
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > >
> > ------------------------------------------------------------------------
> > > > > > To unsubscribe email engarde-users-request@engardelinux.org
> > > > > > with "unsubscribe" in the subject of the message.
> > > > > >
> > > > >
> > > >
> > ------------------------------------------------------------------------
> > > > > To unsubscribe email engarde-users-request@engardelinux.org
> > > > > with "unsubscribe" in the subject of the message.
> > > >
> > > > --
> > > > Pete O'Hara
> > > > Systems Engineer
> > > > Guardian Digital, Inc.
> > > >
> > > >
> > > >
> > >
> > ------------------------------------------------------------------------
> > > > To unsubscribe email engarde-users-request@engardelinux.org
> > > > with "unsubscribe" in the subject of the message.
> > > >
> > >
> > >
> ------------------------------------------------------------------------
> > > To unsubscribe email engarde-users-request@engardelinux.org
> > > with "unsubscribe" in the subject of the message.
> >
> > --
> > Pete O'Hara
> > Systems Engineer
> > Guardian Digital, Inc.
> >
> >
> >
> > ------------------------------------------------------------------------
> > To unsubscribe email engarde-users-request@engardelinux.org
> > with "unsubscribe" in the subject of the message.
> >
>
> ------------------------------------------------------------------------
> To unsubscribe email engarde-users-request@engardelinux.org
> with "unsubscribe" in the subject of the message.
>
>

To unsubscribe email engarde-users-request@engardelinux.org with "unsubscribe" in the subject of the message.

This message: [ Message body ]
Next message: John W. Cahill Jr.: "[EnGarde] Re: FTP"
Previous message: John W. Cahill Jr.: "[EnGarde] Re: AW: SSH2, Is Available"
In reply to: Eric Patterson: "[EnGarde] Re: postfix smtpd not sending"
Next in thread: Pete O'Hara: "[EnGarde] Re: postfix smtpd not sending"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]