Loading ...
Sorry, an error occurred while loading the content.
 

Re: port forwarding and subnet trusting

Expand Messages
  • Noel Jones
    ... Exclude the gateway address from mynetworks by prefacing that IP with ! . # main.cf mynetworks = !gatewayIP, internal, internal, ...
    Message 1 of 2 , May 30, 2006
      At 10:18 PM 5/29/2006, m listus wrote:
      >hi list!
      >i'm fairly new to postfix.
      >i've got this problem:
      >i migrated my postfix/cyrus/imapd servers from my
      >company's gateway to an internal (c class net)
      >dedicated mail server. the gateway port forwards smtp
      >to the mail server.
      >the problem is now that postfix has no more external
      >ip addr, i cannot restrict incoming mail to my domain.
      >as incoming spam is redirected from the gateway to the
      >mail server. and postfix considers the gateway in the
      >trusted network.
      >i keep getting spam, that bounces ad infinitum.
      >
      >how do i tell postfix to consider the gateway as relay
      >gateway? and to accept only emails for my domain? that
      >is without distrusting all my subnet for smtp relaying
      >to outside.

      Exclude the gateway address from mynetworks by prefacing
      that IP with "!".
      # main.cf
      mynetworks = !gatewayIP, internal, internal, ...

      http://www.postfix.org/postconf.5.html#mynetworks explains:
      The list is matched left to right, and the search stops on
      the first match. Specify "!pattern" to exclude an address
      or network block from the list.
      mynetworks = !192.168.0.1, 192.168.0.0/28

      --
      Noel Jones
    Your message has been successfully submitted and would be delivered to recipients shortly.