Loading ...
Sorry, an error occurred while loading the content.

Directive "mynetwork" and "mynetwork_style"

Expand Messages
  • Muhammad Yousuf Khan
    i am confuse about the utilization of directives: mynetwork and mynetwork_style is mynetwork directive completely dependent on mynetwork_style . can i
    Message 1 of 5 , Dec 13, 2012
    • 0 Attachment
      i am confuse about the utilization of directives: "mynetwork" and
      "mynetwork_style"

      is "mynetwork" directive completely dependent on "mynetwork_style".
      can i use only "mynetwork" for relaying messages or i always have to
      use "mynetwork_style" along with "mynetwork" to allow relaying to
      particular host or subnet.

      thanks in advance.
    • Will
      ... mynetworks and mynetworks_style are essentially mutually exclusive; you use either one or the other. If you specify mynetworks, mynetworks_style is
      Message 2 of 5 , Dec 14, 2012
      • 0 Attachment

        On 12/14/12 01:43, Muhammad Yousuf Khan wrote:
        i am confuse about the utilization of directives: "mynetwork" and
        "mynetwork_style"
        
        is "mynetwork" directive completely dependent on "mynetwork_style".
        can i use only "mynetwork" for relaying messages or i always have to
        use "mynetwork_style" along with "mynetwork" to allow  relaying to
        particular host or subnet.
        
        thanks in advance.
        
        mynetworks and mynetworks_style are essentially mutually exclusive; you use either one or the other. If you specify mynetworks, mynetworks_style is ignored. Each is used to specify SMTP clients that are "trusted" by the server based on their IP address. mynetworks_style is used to specify trusted clients based on their relationship to the server's IP address, while mynetworks is specifies trusted clients by  explicitly giving their IP addresses or an IP address range. For example, specifying "mynetworks_style = subnet" indicates that all clients in that subnet are trusted, while mynetworks = 50.116.33.0/24 might be used instead to say the same thing (if 50.116.33.0/24 describes your subnet).

        These clients are "trusted" because the mynetworks (or mynetworks_style) parameter is used by smtpd to determine who is allowed to relay mail when the smtpd_relay_restrictions parameter contains "permit_mynetworks." If you haven't changed smtpd_relay_restrictions in your config, it defaults to "permit_mynetworks, reject_unauth_destination," which will allow those clients listed in mynetworks (or mynetworks_style) to relay mail. You only need to use mynetworks OR mynetworks_style (but not both) to enable relaying from certain clients.

        Read the documentation when you get confused. It is explained quite clearly here:
        http://www.postfix.org/postconf.5.html#mynetworks
        http://www.postfix.org/postconf.5.html#mynetworks_style
        http://www.postfix.org/postconf.5.html#smtpd_relay_restrictions

        -Will

      • Muhammad Yousuf Khan
        Thanks :)
        Message 3 of 5 , Dec 14, 2012
        • 0 Attachment
          Thanks :)


          On Fri, Dec 14, 2012 at 1:35 PM, Will <will@...> wrote:
          >
          > On 12/14/12 01:43, Muhammad Yousuf Khan wrote:
          >
          > i am confuse about the utilization of directives: "mynetwork" and
          > "mynetwork_style"
          >
          > is "mynetwork" directive completely dependent on "mynetwork_style".
          > can i use only "mynetwork" for relaying messages or i always have to
          > use "mynetwork_style" along with "mynetwork" to allow relaying to
          > particular host or subnet.
          >
          > thanks in advance.
          >
          > mynetworks and mynetworks_style are essentially mutually exclusive; you use
          > either one or the other. If you specify mynetworks, mynetworks_style is
          > ignored. Each is used to specify SMTP clients that are "trusted" by the
          > server based on their IP address. mynetworks_style is used to specify
          > trusted clients based on their relationship to the server's IP address,
          > while mynetworks is specifies trusted clients by explicitly giving their IP
          > addresses or an IP address range. For example, specifying "mynetworks_style
          > = subnet" indicates that all clients in that subnet are trusted, while
          > mynetworks = 50.116.33.0/24 might be used instead to say the same thing (if
          > 50.116.33.0/24 describes your subnet).
          >
          > These clients are "trusted" because the mynetworks (or mynetworks_style)
          > parameter is used by smtpd to determine who is allowed to relay mail when
          > the smtpd_relay_restrictions parameter contains "permit_mynetworks." If you
          > haven't changed smtpd_relay_restrictions in your config, it defaults to
          > "permit_mynetworks, reject_unauth_destination," which will allow those
          > clients listed in mynetworks (or mynetworks_style) to relay mail. You only
          > need to use mynetworks OR mynetworks_style (but not both) to enable relaying
          > from certain clients.
          >
          > Read the documentation when you get confused. It is explained quite clearly
          > here:
          > http://www.postfix.org/postconf.5.html#mynetworks
          > http://www.postfix.org/postconf.5.html#mynetworks_style
          > http://www.postfix.org/postconf.5.html#smtpd_relay_restrictions
          >
          > -Will
          >
        • mouss
          ... and it is recommended to use mynetworks. This is because mynetwork_style may open a hole in some situations (when your netwmaks is wide but you only own
          Message 4 of 5 , Dec 14, 2012
          • 0 Attachment
            Le 14/12/2012 11:28, Muhammad Yousuf Khan a écrit :
            > Thanks :)
            >

            and it is recommended to use mynetworks. This is because mynetwork_style
            may open a hole in some situations (when your netwmaks is wide but you
            only own few boxes in the same network. this is generally the case for
            residential networks).

            you can generally start with
            mynetworks = 127.0.0.1
            and then add the minimum subnets or IPs that need to relay via this
            postfix without SASL authentication.

            [snip]
          • Benny Pedersen
            ... dont define them in main.cf if defaults works postconf -d | grep mynetwork eg postfix knows all data from the host it runs on anyway so add # to the lines
            Message 5 of 5 , Dec 15, 2012
            • 0 Attachment
              Muhammad Yousuf Khan skrev den 14-12-2012 08:43:
              > i am confuse about the utilization of directives: "mynetwork" and
              > "mynetwork_style"

              dont define them in main.cf if defaults works

              postconf -d | grep mynetwork

              eg postfix knows all data from the host it runs on anyway

              so add # to the lines with mynetwork, mynetwork_style to keep defaults

              > is "mynetwork" directive completely dependent on "mynetwork_style".
              > can i use only "mynetwork" for relaying messages or i always have to
              > use "mynetwork_style" along with "mynetwork" to allow relaying to
              > particular host or subnet.

              yes, the parameters only need to be changed if you know more or if you
              have 2 servers that have diff physical wan ips or same owner of the
              networks that are not known on the host you run one server on
            Your message has been successfully submitted and would be delivered to recipients shortly.