LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-26-2011, 02:17 AM   #1
cheesewizz
Member
 
Registered: Aug 2004
Location: Philippines
Distribution: Centos
Posts: 221

Rep: Reputation: 15
How to config internal and external email using postfix


Hi All

Im using postfix and dovecot installed in one machine running linux centos 5.4
and i have two lan card eth0 and eth1

the eth0 is my IP from ISP
the eth1 is my internal IP

now since my postfix and dovecot are started without any errors what i mean is
i can able to send in yahoo,gmail,etc... and also i can recieve email from outside

my question is how can i restrict this email address prinzz@prinzz.com denied for outside but can send and recieve only in internal while this prinzz2@prinzz.com is allow to send and recieve outside and inside.


please help

Thanks
 
Old 05-26-2011, 06:03 PM   #2
einom
LQ Newbie
 
Registered: May 2011
Location: cali colombia
Distribution: sles centos solaris debian
Posts: 6

Rep: Reputation: Disabled
look this url http://www.postfix.org/RESTRICTION_CLASS_README.html
 
Old 05-26-2011, 08:34 PM   #3
cheesewizz
Member
 
Registered: Aug 2004
Location: Philippines
Distribution: Centos
Posts: 221

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by einom View Post
Hi thanks for your reply

I followed the instruction the one you gave to me URL but still i can able send message externally am using this email add prinzz@tailinsubic-chatserver.com

for the /etc/postfix/restricted_senders
content: prinzz@tailinsubic-chatserver.com local_only

/etc/postfix/recipient_access
content:
prinzz@tailinsubic-chatserver.com restrictive
prinzz2@tailinsubic-chatserver.com permissive

/etc/postfix/local_domains
content: tailinsubic-chatserver.com OK




Please can someone review my main.cf

smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks check_relay_domains permit_mx_backup
smtpd_restriction_classes = restrictive, permissive
restrictive = reject_unknown_sender_domain reject_unknown_client_hostname
permissive = permit
check_recipient_access = hash:/etc/postfix/recipient_access
mynetworks = 127.0.0.0/8
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

# email forwarder
virtual_alias_domains = tailinsubic-chatserver.com
virtual_alias_maps = hash:/etc/postfix/virtual

# Restricting Internal to External
check_sender_access = hash:/etc/postfix/restricted_senders
smtpd_restriction_classess = local_only
local_only =
check_recipient_access = hash:/etc/postfix/local_domains, reject



thanks
 
Old 05-26-2011, 09:38 PM   #4
einom
LQ Newbie
 
Registered: May 2011
Location: cali colombia
Distribution: sles centos solaris debian
Posts: 6

Rep: Reputation: Disabled
erase the line
restrictive = reject_unknown_sender_domain reject_unknown_client_hostname

and the line
permissive = permit

and
erase the contend of recipient_access (you don't nedeed) and restart

i hope that this help..
 
Old 05-26-2011, 10:26 PM   #5
cheesewizz
Member
 
Registered: Aug 2004
Location: Philippines
Distribution: Centos
Posts: 221

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by einom View Post
erase the line
restrictive = reject_unknown_sender_domain reject_unknown_client_hostname

and the line
permissive = permit

and
erase the contend of recipient_access (you don't nedeed) and restart

i hope that this help..
Thanks for your reply

I removed it but there is a problem when i tried to send email to here aries_baluyot@tailinsubic-chatserver.com still running please see attached file and also my main.cf

smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks check_relay_domains permit_mx_backup
smtpd_restriction_classes = restrictive, permissive
#restrictive = reject_unknown_sender_domain reject_unknown_client_hostname
#permissive = permit
check_recipient_access = hash:/etc/postfix/recipient_access
mynetworks = 127.0.0.0/8
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

# email forwarder
virtual_alias_domains = tailinsubic-chatserver.com
virtual_alias_maps = hash:/etc/postfix/virtual

# Restricting Internal to External
#smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks check_relay_domains permit_mx_backup
check_sender_access = hash:/etc/postfix/restricted_senders
smtpd_restriction_classess = local_only
local_only =
#check_recipient_access = hash:/etc/postfix/local_domains, reject

Thanks
Attached Thumbnails
Click image for larger version

Name:	Screen shot 2011-05-27 at 10.24.57 AM.png
Views:	10
Size:	34.5 KB
ID:	7134  
 
Old 05-27-2011, 10:36 AM   #6
einom
LQ Newbie
 
Registered: May 2011
Location: cali colombia
Distribution: sles centos solaris debian
Posts: 6

Rep: Reputation: Disabled
hum...

1. in smtpd_recipient_restrictions add at the begin this words check_sender_access hash:/etc/postfix/restricted_senders

example: smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/restricted_senders, permit_sasl_authenticated permit_mynetworks, check_relay_domains permit_mx_backup

whit this you define that the first rule to check to decide if a mail is goning to be send is check_sender_access

2. then you have to set the local policy, smtpd_restriction_classess = local_only
local_only =
check_recipient_access = hash:/etc/postfix/local_domains, reject

erase the line smtpd_restriction_classes = restrictive, permissive yout don't nedeed


3. in local_domains you have to add the domains that postfix will recognize like your own domain


4. in the restricted_senders you have to add the accounts and the restriccion_classes tha will affect them exaple

prinzz@tailinsubic-chatserver.com local_only
the accounts that don't appear in the file (restricted_senders), will to be able to send mail to external domains because the next
policies in the line smtpd_recipient_restrictions, will be aplied to them

i hope that this help you and sorry again for my english..
 
1 members found this post helpful.
Old 05-28-2011, 01:49 AM   #7
cheesewizz
Member
 
Registered: Aug 2004
Location: Philippines
Distribution: Centos
Posts: 221

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by einom View Post
hum...

1. in smtpd_recipient_restrictions add at the begin this words check_sender_access hash:/etc/postfix/restricted_senders

example: smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/restricted_senders, permit_sasl_authenticated permit_mynetworks, check_relay_domains permit_mx_backup

whit this you define that the first rule to check to decide if a mail is goning to be send is check_sender_access

2. then you have to set the local policy, smtpd_restriction_classess = local_only
local_only =
check_recipient_access = hash:/etc/postfix/local_domains, reject

erase the line smtpd_restriction_classes = restrictive, permissive yout don't nedeed


3. in local_domains you have to add the domains that postfix will recognize like your own domain


4. in the restricted_senders you have to add the accounts and the restriccion_classes tha will affect them exaple

prinzz@tailinsubic-chatserver.com local_only
the accounts that don't appear in the file (restricted_senders), will to be able to send mail to external domains because the next
policies in the line smtpd_recipient_restrictions, will be aplied to them

i hope that this help you and sorry again for my english..
Thanks for your reply

smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/recipient_access, permit_sasl_authenticated, permit_mynetworks, check_relay_domains, permit_mx_backup

i have problem with that noticed that the red color when i remove that i can able to send and recieve but if im going to place on that path
SMTP become idle or taking long time but still failed to send


anyideas


thanks
 
Old 05-28-2011, 09:53 AM   #8
einom
LQ Newbie
 
Registered: May 2011
Location: cali colombia
Distribution: sles centos solaris debian
Posts: 6

Rep: Reputation: Disabled
make a postmap to the files recipient_access, local_domains.


example: postmap local_domains and that will create the local_domains.db that the hash: type of file restart the postfix and check if the mails can be send.

try this and tell me if work for you, if don't restart the postfix and post the /var/log/maillog in then moment when send a mail
 
1 members found this post helpful.
Old 06-01-2011, 01:31 AM   #9
cheesewizz
Member
 
Registered: Aug 2004
Location: Philippines
Distribution: Centos
Posts: 221

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by einom View Post
make a postmap to the files recipient_access, local_domains.


example: postmap local_domains and that will create the local_domains.db that the hash: type of file restart the postfix and check if the mails can be send.

try this and tell me if work for you, if don't restart the postfix and post the /var/log/maillog in then moment when send a mail
Hi Thanks for your reply

Im sorry for not replying immediately

i used postmap for this following restricted_senders, local_domain, recipient_access and also virtual all i mentioned postmap created db of each filename.

i checked the mail log and here is the result

Jun 1 13:27:46 tailinsubic-chatserver postfix/master[4467]: daemon started -- version 2.3.3, configuration /etc/postfix
Jun 1 13:27:50 tailinsubic-chatserver postfix/smtpd[4471]: fatal: restriction class `local_only' needs a definition
Jun 1 13:27:51 tailinsubic-chatserver postfix/master[4467]: warning: process /usr/libexec/postfix/smtpd pid 4471 exit status 1
Jun 1 13:27:51 tailinsubic-chatserver postfix/master[4467]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling


please help

thanks
 
Old 06-01-2011, 02:26 AM   #10
cheesewizz
Member
 
Registered: Aug 2004
Location: Philippines
Distribution: Centos
Posts: 221

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by einom View Post
make a postmap to the files recipient_access, local_domains.


example: postmap local_domains and that will create the local_domains.db that the hash: type of file restart the postfix and check if the mails can be send.

try this and tell me if work for you, if don't restart the postfix and post the /var/log/maillog in then moment when send a mail
Hi,

Good News

Its ok now i can able to send email local using restricted_senders

please check log below

Jun 1 14:20:16 tailinsubic-chatserver postfix/master[7827]: daemon started -- version 2.3.3, configuration /etc/postfix
Jun 1 14:20:20 tailinsubic-chatserver postfix/smtpd[7831]: connect from unknown[119.92.56.77]
Jun 1 14:20:20 tailinsubic-chatserver postfix/smtpd[7831]: setting up TLS connection from unknown[119.92.56.77]
Jun 1 14:20:20 tailinsubic-chatserver postfix/smtpd[7831]: TLS connection established from unknown[119.92.56.77]: TLSv1 with cipher AES128-SHA (128/128 bits)
Jun 1 14:20:20 tailinsubic-chatserver postfix/trivial-rewrite[7835]: warning: do not list domain tailinsubic-chatserver.com in BOTH mydestination and virtual_alias_domains
Jun 1 14:20:20 tailinsubic-chatserver postfix/smtpd[7831]: C0D2E2350085: client=unknown[119.92.56.77], sasl_method=PLAIN, sasl_username=aries_baluyot@tailinsubic-chatserver.com
Jun 1 14:20:20 tailinsubic-chatserver postfix/cleanup[7836]: C0D2E2350085: message-id=<2FE3A4E1-3DD9-4F74-937D-C9A8511F29C8@tailinsubic-chatserver.com>
Jun 1 14:20:20 tailinsubic-chatserver postfix/qmgr[7830]: C0D2E2350085: from=<aries_baluyot@tailinsubic-chatserver.com>, size=713, nrcpt=1 (queue active)
Jun 1 14:20:23 tailinsubic-chatserver postfix/smtp[7837]: C0D2E2350085: to=<r_sumook@yahoo.com>, relay=f.mx.mail.yahoo.com[98.137.54.237]:25, delay=3, delays=0.17/0.01/1.1/1.7, dsn=2.0.0, status=sent $
Jun 1 14:20:23 tailinsubic-chatserver postfix/qmgr[7830]: C0D2E2350085: removed
Jun 1 14:21:21 tailinsubic-chatserver postfix/smtpd[7831]: disconnect from unknown[119.92.56.77]
Jun 1 14:21:45 tailinsubic-chatserver postfix/smtpd[7831]: connect from unknown[119.92.56.77]
Jun 1 14:21:45 tailinsubic-chatserver postfix/smtpd[7831]: setting up TLS connection from unknown[119.92.56.77]
Jun 1 14:21:45 tailinsubic-chatserver postfix/smtpd[7831]: TLS connection established from unknown[119.92.56.77]: TLSv1 with cipher AES128-SHA (128/128 bits)
Jun 1 14:21:45 tailinsubic-chatserver postfix/trivial-rewrite[7835]: warning: do not list domain tailinsubic-chatserver.com in BOTH mydestination and virtual_alias_domains
Jun 1 14:21:45 tailinsubic-chatserver postfix/smtpd[7831]: NOQUEUE: reject: RCPT from unknown[119.92.56.77]: 554 5.7.1 <rsumook@tailinsubic-chatserver.com>: Sender address rejected: Access denied; fro$
Jun 1 14:21:46 tailinsubic-chatserver postfix/smtpd[7831]: disconnect from unknown[119.92.56.77]


thank you so much cheers
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix - filtering internal email PaulAm Linux - Server 2 01-21-2011 09:51 PM
POSTFIX Email Can't Receive External Email rkibui Linux - Newbie 5 02-22-2009 06:45 AM
POSTFIX Email Can't Receive External Email carlosinfl Linux - Server 2 10-15-2007 07:00 AM
Send email to internet from 2nd SuSE via internal postfix server joadoor Linux - Networking 2 12-25-2006 11:40 AM
setup email client for internal and external mail access shadoxity Linux - Software 15 04-21-2005 09:17 AM


All times are GMT -5. The time now is 03:15 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration