Loading ...
Sorry, an error occurred while loading the content.

Re: SOLVED (of course): postfix stopped relaying after client changed IP address

Expand Messages
  • /dev/rob0
    ... The original issue was to be able to relay from a dynamic residential IP address on your server. Your solution, adding the dynamic IP to mynetworks, is
    Message 1 of 7 , Jan 30, 2013
    • 0 Attachment
      On Tue, Jan 29, 2013 at 12:22:35PM +0100, M. Fioretti wrote:
      > of course, any comment on this is still welcome, as well as on any
      > weakness in my server postconf -n output.

      The original issue was to be able to relay from a dynamic residential
      IP address on your server. Your solution, adding the dynamic IP to
      mynetworks, is less than ideal in many ways. For one thing, it's a
      high-maintenance solution, where you must change mynetworks with
      every IP address change. For another, what if you don't get to it?
      What if the new owner of your previous IP address is running malware
      with an open relay tester? What if that malware finds you? Ouch!

      The standard solution is SASL AUTH (typically also requiring TLS
      encryption for security.) This is covered here:

      http://www.postfix.org/SOHO_README.html#client_sasl_enable

      A less common, but very good, solution is TLS authentication, which
      is covered here:

      http://www.postfix.org/TLS_README.html#server_access

      If you don't want to get into all that, you can use a VPN like
      openvpn to make a tunnel through which to send your mail, and add
      your tunnel IP address to mynetworks.
      --
      http://rob0.nodns4.us/ -- system administration and consulting
      Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
    Your message has been successfully submitted and would be delivered to recipients shortly.