Loading ...
Sorry, an error occurred while loading the content.

Re: Accept mail for postmaseter, abuse while denying else

Expand Messages
  • mouss
    ... if you send me mail claiming to be from foo@host.example.com, but I find out that I cannot send mail to foo@host.example.com, then I will block you,
    Message 1 of 7 , Nov 1, 2007
    • 0 Attachment
      Andrew Long wrote:
      >> -----Original Message-----
      >> From: owner-postfix-users@...
      >> [mailto:owner-postfix-users@...] On Behalf Of mouss
      >> Sent: Thursday, November 01, 2007 8:02 AM
      >> Cc: postfix-users@...
      >> Subject: Re: Accept mail for postmaseter, abuse while denying else
      >>
      >> Andrew Long wrote:
      >>> I now have this server pretty much denying everything
      >> except relay for a (relay-ip) list of sites. My problem is that the
      >> server is apparently rejecting mail for <postmaster@...>
      >> and likely for <abuse@> also.
      >> How can I accept mail for these local users while denying all else?
      >>> # 2007-11-01 - postconf -n
      >>> alias_maps = hash:/etc/aliases
      >>> command_directory = /usr/sbin
      >>> config_directory = /etc/postfix
      >>> daemon_directory = /usr/libexec/postfix debug_peer_level = 2
      >>> html_directory = no local_recipient_maps = mailq_path =
      >>> /usr/bin/mailq.postfix manpage_directory = /usr/share/man
      >>> mydestination = localhost.localdomain, host.domain.com mynetworks =
      >>> 127.0.0.0/8, /etc/postfix/relay-ip newaliases_path =
      >>> /usr/bin/newaliases.postfix readme_directory =
      >>> /usr/share/doc/postfix-2.2.10/README_FILES
      >>> relay_domains =
      >>> sample_directory = /usr/share/doc/postfix-2.2.10/samples
      >>> sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop
      >>> smtpd_banner = $myhostname ESMTP $mail_name
      >> smtpd_client_restrictions
      >>> =
      >>> permit_mynetworks,
      >>> reject_invalid_hostname,
      >>> reject_unknown_sender_domain,
      >>> reject_non_fqdn_recipient,
      >>> reject_rbl_client bl.spamcop.net,
      >>> permit
      >>> smtpd_helo_required = yes
      >>> smtpd_recipient_restrictions =
      >>> reject_non_fqdn_sender,
      >>> reject_non_fqdn_recipient,
      >>> reject_unknown_recipient_domain,
      >>> permit_mynetworks,
      >> here add:
      >>
      >> reject_unauth_destination
      >> check_recipient_access hash:/etc/postfix/roleaccount
      >>
      >> # cat roleaccount
      >> postmaster@... OK
      >> abuse@... OK
      >> # postmap roleaccount
      >>
      >> the reject_unauth_destination is a safety measure, keep it to avoid
      >> accidentally becoming an open relay.
      >>
      >>> reject
      >>>
      >> so this server does not accept mail from the public. it should thus
      >> not be listed as an MX in DNS.
      >>
      >
      > I did not think of that...
      > We had problems before we added a PTR with mail being denied for certain destinations. Will removing the MX but leaving the PTR work?
      >

      if you send me mail claiming to be from foo@..., but I find
      out that I cannot send mail to foo@..., then I will block
      you, whether you setup an MX or not.

      if on the other hand you never send mail from *@..., then
      you don't need to receive mail to such addresses, and as a result you
      don't need an MX.
    Your message has been successfully submitted and would be delivered to recipients shortly.