Next message: Petri Riihikallio: "[OT] E-mail call center management"
Hello
I am running postfix 2.4.5 here..
The current setup is as follows: mail comes in to our "border" mail server
which scans it for spam/viruses and hands it off to an internal postfix
server
The internal postfix servers utilize this:
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
So they reject all mail that goes to nonexistent accounts.
However, I want the emails addressed to nonexistent emails to never make it to
the internal postfix servers, I want the border gateway to reject those...
but I also do not want to put our internal aliases file onto the "border"
postfix servers, in case they are ever broken into I do not want the
attackers to see our internal server names (border gateways are in the DMZ).
So, I made a valid_emails file with a script, in the format of:
OK
(thats a tab between the email and the OK)
I put the following directive in main.cf :
relay_recipient_maps = hash:/etc/postfix/valid_emails
I also ran postmap hash:/etc/postfix/valid_emails and it created
valid_emails.db ..
However, upon testing, the border gateway still relays the email to our
internal mail server (although the email address does not exist).
I read these links (but I do not see what I did wrong):
http://www.postfix.org/postconf.5.html#relay_recipient_maps
http://www.postfix.org/ADDRESS_CLASS_README.html
http://www.postfix.org/ADDRESS_CLASS_README.html#relay_domain_class
Here's the output of postconf -n on the "border" gateway:
-----------
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = imss:localhost:10025
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
default_process_limit = 400
delay_warning_time = 6h
html_directory = no
inet_interfaces = all
local_recipient_maps =
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_queue_lifetime = 3d
message_size_limit = 15728640
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = vmsinfo.com
myhostname = lpo-relay-03.vmsinfo.com
mynetworks = 127.0.0.1, 66.194.0.150, 66.162.41.162, 10.0.0.0/8,
216.169.0.0/16
newaliases_path = /usr/bin/newaliases.postfix
qmgr_message_active_limit = 50000
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
relay_domains = $mydestination,vidmon.com, vidmon.net, vmsinfo.com,
sis-us.com, sis-na.com, vmsdigital.com, statewidemonitoring.com,
kirk.vmsinfo.com, r2d2.vmsinfo.com, prtrak.com, vmsads.com, vmsadsearch.com,
vmsnews.com, integratedperspective.com
relay_recipient_maps = hash:/etc/postfix/valid_emails
sample_directory = /usr/share/doc/postfix-2.2.10/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = ESMTP Postfix with TrendMicro InterScan Messaging Security
Suite
smtpd_enforce_tls = no
smtpd_recipient_limit = 1000
smtpd_timeout = 300s
smtpd_use_tls = no
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
----------
let me know if any otther information would be helpful!
Thanks in advance,
Val
