[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] Postfix setup

To: shef-lug [at] xxxxxxxxxxxxxxxxxxx
Subject: Re: [Sheflug] Postfix setup
From: Denis Nikitin <dnn [at] xxxxxxxxxxxxxxxx>
Date: Wed, 06 Aug 2003 15:16:43 +0100
Delivered-to: shef-lug [at] list.sheflug.org.uk
List-help: <mailto:shef-lug-request [at] list.sheflug.org.uk?subject=help>
List-id: Sheflug <shef-lug.list.sheflug.org.uk>
List-post: <mailto:shef-lug [at] list.sheflug.org.uk>
List-subscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=subscribe>
List-unsubscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=unsubscribe>
Reply-to: shef-lug [at] xxxxxxxxxxxxxxxxxxx
Sender: shef-lug-admin [at] xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5a) Gecko/20030611 Thunderbird/0.1a

Chris Johnson wrote:

I think I've sussed it!

Checking the var/log/mail.* files I found it was the "reject unauth
pipelining" which meant it was getting beyond the "access" file when
processing "smtpd_client_restrictions" (set to check_client_access
hash:/etc/postfix/access, reject_unauth-pipelining) and rejecting my mail.

Great! Glad you 've cracked it.
Not quite sure how reject_unauth-pipelining could be the problem since it's only
suppose to protect you from mass-mailing programs (those guys who trying to speed up delivery by pipelining commands).
Anyway, good it's working - you can tune it later.
As about postmap and /etc/access file - I had the same problems at the beginning, but now it's working fine,
and I don't remember what I did to make it work as it should :((
Putting networks and hosts directly into main.cf will definitely help. The only problem if you need to serve a lot of different
hosts/netwoks and main.cf become kind of messy. I always in favour of more systematic approach :)

Is it possible to see the queued outgoing mail? (assuming its not sent
immediately)

queue listing:

postqueue -p

if you need to flush mail queue:
postfix flush

Hope others will help with some analyzing tools/scripts.
By the way, it's always useful to get yourself familiar with postfix queue management:
http://www.postfix.org/queuing.html

Would it be possible for a PC outside our IPCop firewalled network to
connect to our SMTP server and send mail by spoofing the address of one of
our own PCs (listed in teh access file? I'm thinking that the Linux box
stays on overnight and as we're on ADSL there might be a bit of a security
risk.

Why not to try configure SMTP AUTH? I haven't done it on our box yet, but it seems like
a logical solution to your problem of serving 'alien' clients.
Best regards,
Denis.

___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

GNU the choice of a complete generation.

References:
- RE: [Sheflug] Postfix setup
  - From: Chris Johnson

Prev by Date: [Sheflug] Cups, printers and despair
Next by Date: RE: [Sheflug] Postfix setup
Previous by thread: RE: [Sheflug] Postfix setup
Next by thread: RE: [Sheflug] Postfix setup
Index(es):
- Date
- Thread