RE: Accept mail for postmaseter, abuse while denying else

• Previous message: Benny Pedersen: "Re: Accept mail for postmaseter, abuse while denying else"
• Maybe in reply to: Andrew Long: "Accept mail for postmaseter, abuse while denying else"
• Next in thread: mouss: "Re: Accept mail for postmaseter, abuse while denying else"
• Reply: mouss: "Re: Accept mail for postmaseter, abuse while denying else"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> -----Original Message-----
> From:
> [mailto:] On Behalf Of mouss
> Sent: Thursday, November 01, 2007 8:02 AM
> Cc:
> Subject: Re: Accept mail for postmaseter, abuse while denying else
>
> Andrew Long wrote:
> > I now have this server pretty much denying everything
> except relay for a (relay-ip) list of sites. My problem is that the
> server is apparently rejecting mail for <>
> and likely for <abuse@> also.
> How can I accept mail for these local users while denying all else?
> >
> > # 2007-11-01 - postconf -n
> > alias_maps = hash:/etc/aliases
> > command_directory = /usr/sbin
> > config_directory = /etc/postfix
> > daemon_directory = /usr/libexec/postfix debug_peer_level = 2
> > html_directory = no local_recipient_maps = mailq_path =
> > /usr/bin/mailq.postfix manpage_directory = /usr/share/man
> > mydestination = localhost.localdomain, host.domain.com mynetworks =
> > 127.0.0.0/8, /etc/postfix/relay-ip newaliases_path =
> > /usr/bin/newaliases.postfix readme_directory =
> > /usr/share/doc/postfix-2.2.10/README_FILES
> > relay_domains =
> > sample_directory = /usr/share/doc/postfix-2.2.10/samples
> > sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop
> > smtpd_banner = $myhostname ESMTP $mail_name
> smtpd_client_restrictions
> > =
> > permit_mynetworks,
> > reject_invalid_hostname,
> > reject_unknown_sender_domain,
> > reject_non_fqdn_recipient,
> > reject_rbl_client bl.spamcop.net,
> > permit
> > smtpd_helo_required = yes
> > smtpd_recipient_restrictions =
> > reject_non_fqdn_sender,
> > reject_non_fqdn_recipient,
> > reject_unknown_recipient_domain,
> > permit_mynetworks,
>
> here add:
>
> reject_unauth_destination
> check_recipient_access hash:/etc/postfix/roleaccount
>
> # cat roleaccount
> OK
> OK
> # postmap roleaccount
>
> the reject_unauth_destination is a safety measure, keep it to avoid
> accidentally becoming an open relay.
>
> > reject
> >
>
> so this server does not accept mail from the public. it should thus
> not be listed as an MX in DNS.
>

I did not think of that...
We had problems before we added a PTR with mail being denied for certain destinations. Will removing the MX but leaving the PTR work?

Andrew

• Previous message: Benny Pedersen: "Re: Accept mail for postmaseter, abuse while denying else"
• Maybe in reply to: Andrew Long: "Accept mail for postmaseter, abuse while denying else"
• Next in thread: mouss: "Re: Accept mail for postmaseter, abuse while denying else"
• Reply: mouss: "Re: Accept mail for postmaseter, abuse while denying else"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]