From: Michael Weber (no email)
Date: Wed Dec 01 2004 - 11:50:19 EST
Here's what I want to do.
GroupWise 6.5 server
/\
|
\/
Linux FC-3 server, Postfix 2.1.5, Spamassassin 3.0.1
/\
|
\/
Internet (via Firewall)
What I have working right now is inbound email, spam scanning and UCE
filtering on the Linux box, and GroupWise sends emails out directly.
What I want to add is to have all outbound emails go through the Linux
server, but without the Spamassassin filtering. When I try, the Postfix
service denies the routing. (I figured I would solve the spamassassin
exception later.)
What do I need to do to allow the server located inside my firewall at
10.1.1.11 to send emails through the linux server, but disallow open
relaying?
Here's my postconf -n output:
postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/postfix/aliases
body_checks = $header_checks
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
header_checks = regexp:/etc/postfix/spam_checks
regexp:/etc/postfix/regexp_table
header_size_limit = 102400
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 40000000
mime_header_checks = $header_checks
mydestination = $myhostname, localhost.$mydomain, localhost
myhostname = mail-2.alliednational.com
mynetworks = 10.1.1.0/24, 10.1.16.0/20
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES
relay_domains = $myhostname, localhost.$mydomain $mydomain
sample_directory = /usr/share/doc/postfix-2.1.5/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
reject_unauth_destination,
check_recipient_access hash:/etc/postfix/recipient_access,
check_helo_access regexp:/etc/postfix/helo_access,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client zombie.dnsbl.sorbs.net,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client ws.surbl.org,
permit
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_domains = $virtual_alias_maps
virtual_alias_maps = hash:/etc/postfix/virtual
Thanx!
-Michael
CONFIDENTIALITY NOTICE: This communication and any
attached or enclosed files may contain information
that is privileged, confidential, proprietary and/or
otherwise protected from disclosure under applicable
law ("Confidential Information"). Any review,
retransmission, publication, dissemination,
distribution, forwarding, printing, copying, storing, saving
or other use or disclosure of this communication and/or the
Confidential Information, or taking any action in reliance
thereon, by an individual or entity other than the intended
recipient(s) is strictly prohibited.
This communication and the Confidential Information are
intended solely for the use of the individual(s) and/or
entity(ies) to which this communication is addressed.
If you are not the intended recipient(s) (or responsible
for delivery to said recipient(s)), please be advised
that you have received this communication in error and
have an obligation to promptly inform the sender by reply
e-mail or facsimile and to permanently delete, shred or
otherwise destroy, in its entirety, this original communication
and all copies thereof, whether in electronic or hard copy format.
|
|
|