LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 09-04-2009, 03:07 AM   #1
tikit
Member
 
Registered: Feb 2008
Posts: 84

Rep: Reputation: 16
Postfix - accepting mails for a concrete recipient


hi,

we have a Postfix mail relay server. Not to be an open relay we use check_sender_access restriction with allowed sender domains. Is there a way how to configure postfix to accept mails from any domain for a specified recipient? Something like
Code:
if (recipient_address==host@mydomain.com) accept;
We have an admin mailbox and we need it to be accessible from everywhere.

Thanks for your help.

Last edited by tikit; 09-04-2009 at 03:13 AM.
 
Old 09-05-2009, 12:13 PM   #2
iphigenie
Member
 
Registered: Aug 2009
Location: IDLE, UK
Distribution: Slackware
Posts: 30

Rep: Reputation: 9
It has been a while so it might have changed but
back when I knew something about postfix you would have a

Code:
check_recipient_access (file pointer here, typically hash:/path/to/recipient/filter)
entry ABOVE your sender checks and in the file you could put

Code:
host@mydomain.com OK
(or it might be ACCEPT, cant remember)

if you search for check_recipient_access in the docs you'll probably get what you need
 
Old 09-07-2009, 04:49 AM   #3
tikit
Member
 
Registered: Feb 2008
Posts: 84

Original Poster
Rep: Reputation: 16
Thanks for your answer but does not work for me.
I set this in main.cf
Code:
#check_sender_access regexp:/etc/postfix/reg_sender_access
smtpd_sender_restrictions =
 check_sender_access regexp:/etc/postfix/reg_sender_access
 warn_if_reject reject_non_fqdn_sender
 warn_if_reject reject_unknown_sender_domain

smtpd_recipient_restrictions =
 check_recipient_access regexp:/etc/postfix/reg_recipient_access
 permit_mynetworks
 warn_if_reject reject_unknown_recipient_domain
 reject_unauth_destination
and in /etc/postfix/reg_recipient_access

Code:
/host@mydomain.com/ OK
If I try to send an email to host@mydomain.com from a domain not listed in reg_sender_access, I get
Code:
Sender address rejected: Access denied (in reply to RCPT TO command)
.

What I need is some kind of exception for a recipient address.

Thanks.
 
Old 09-07-2009, 09:19 AM   #4
jimjones
Member
 
Registered: May 2005
Location: Belgium
Distribution: slackware 10.2
Posts: 43

Rep: Reputation: 15
concrete?
are you in the building business?
 
Old 09-07-2009, 09:26 AM   #5
tikit
Member
 
Registered: Feb 2008
Posts: 84

Original Poster
Rep: Reputation: 16
sorry for my english. I mean for an explicitly specified recipient. Thanks for correction.
 
Old 09-08-2009, 06:11 AM   #6
iphigenie
Member
 
Registered: Aug 2009
Location: IDLE, UK
Distribution: Slackware
Posts: 30

Rep: Reputation: 9
The problem there is the order - since you put the sender restrictions first, the system never gets to the recipient rules.

You need to look at what is in your reg_sender_access to make it a bit less drastic - you can always catch some of these in rules later, in the more general ruleset

Last edited by iphigenie; 09-08-2009 at 06:17 AM.
 
Old 09-08-2009, 06:24 AM   #7
iphigenie
Member
 
Registered: Aug 2009
Location: IDLE, UK
Distribution: Slackware
Posts: 30

Rep: Reputation: 9
this page is really useful

http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt

look for that bit and the examples that follow

Quote:
Understanding The Order In Which UCE Checks Are Applied

Anti-UCE/Anti-Virus processing is applied in the following order:

1. SMTPD Restrictions
2. Header/body Checks
3. Content Filters


Understanding The Order In Which SMTPD Restrictions Are Applied

There are three parts to restrictions:

restriction "stages"
restrictions
access lists (or maps)

Postfix' restriction stages are as follows, and are processed in the
following order:

smtpd_client_restrictions
smtpd_helo_restrictions
smtpd_sender_restrictions
smtpd_recipient_restrictions
smtpd_data_restrictions

regardless of the order in which they're listed in main.cf.

Processing *within* a restriction stage ends on the first match,
with the exception of a "DUNNO" result.

What means "DUNNO?" "DUNNO" means "I don't know, somebody
else decide." DUNNO is covered in more detail, later.
 
Old 09-08-2009, 10:04 AM   #8
tikit
Member
 
Registered: Feb 2008
Posts: 84

Original Poster
Rep: Reputation: 16
Thanks iphigenie. It works now. I put the checks into smtpd_recipient_restrictions
Code:
smtpd_recipient_restrictions =
 permit_mynetworks
 check_sender_access regexp:/etc/postfix/reg_sender_access
 check_recipient_access regexp:/etc/postfix/reg_recipient_access
 permit_auth_destination
 reject_unauth_destination
reg_sender_access
Code:
/.*@mydomain.com/ OK
reg_recipient_access
Code:
/host@mydomain.com/ OK
/.*@*.*/ REJECT
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
To restrict a user to send mails only to 3 e-mails IDs using postfix mail server sharath41 Linux - Newbie 2 07-21-2008 08:38 PM
Postfix still accepting non FQDN PcPixel Linux - Server 3 11-21-2007 09:22 PM
Postfix smtp not accepting connections Spleenie Linux - Software 0 01-23-2005 06:04 AM
Mail Server not accepting mails!! RKris Linux - Networking 5 08-27-2002 07:35 AM


All times are GMT -5. The time now is 01:51 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration