LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 08-27-2008, 04:32 PM   #1
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Rep: Reputation: 16
Lightbulb Postfix - Configuration to Forward Outgoing Mail Elsewhere


This is probably going to be a somewhat unusual question. The current situation is this:

The company that my employer pays for providing e-mail doesn't know what they're doing. We've been plagued by frequent outages, excessive spam, unresponsiveness when adding users, etc. Because of this, I built an e-mail server using FreeBSD and Postfix. This has performed admirably, in part to the advice I received on this forum. I have SMTP AUTH required to send mail and TLS required to prevent plain text logins from being easily sniffed.

However, we have a CRM application does not support TLS. I know that the ideal solution would be to have the provider fix their application to adhere to industry standard TLS, but the company is so large, there's little to no chance of them ever fixing it. Because of this, we've had to remain with the 3rd party e-mail provider solely for SMTP service for CRM. By doing so, we're still affected by service outages; nobody could send e-mail from CRM from this past Friday evening until Monday around 10 am. I had an idea that I think will work to circumvent this, but I've been unable to locate information on such a configuration.

My idea, since the machine housing CRM has access to my employer's internal network, is to set up one of my Linux servers on my LAN with Postfix. I'd set the IP address of the CRM box as the mynetworks parameter of Postfix on this internal server - it's the only machine that would be allowed to use SMTP service on this machine. Postfix on this internal server would then simply bounce any messages received via SMTP out to my real mail server, handling the TLS and authentication. I *think* this should allow me to simply set the mail server in the CRM app to be the IP of my internal server and allow e-mails to be sent from CRM using the mail server I built by simply bouncing the traffic through an intermediate machine.

I (possibly erroneously) assume that this is possible. Does anyone have any advice, suggestions, thoughts, ideas of where to look, etc? Thanks in advance for any help.
 
Old 08-27-2008, 04:38 PM   #2
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
That should work fine - does the CRM box have a static public IP or is it internal to your LAN though? I wouldn't have thought you'd need authentication from an internal relay, but perhaps I'm a bit confused - a simply diagram of you plan may help.
 
Old 08-27-2008, 04:43 PM   #3
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
The CRM box does have a static IP address.

The problem I ran into when building the mail server is that our network providers are Nazis and would not forward any ports through the firewall. Because of this, I had to get a completely separate business-grade DSL line installed with a static IP address to use for the mail server. Therefore, I'm really connecting to my mail server through the Internet rather than locally when I send mail from my corporate network.

Dunno if this answers your question or not...
 
Old 08-27-2008, 05:24 PM   #4
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
That's OK - a single static IP that can't be spoofed should be fine.

Set mynetworks and relayhost, and you're pretty much there.


You're not running this on one of those old RH boxes are you?
 
Old 08-28-2008, 11:45 AM   #5
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
I was planning to run it on a RedHat 9.0 box I have set up to do IP masquerading/corporate IM server/file serving/internal web server/etc - I already downloaded and installed the postfix 2.4 RPM before posting the original message. Would this be a bad idea? Would it be better to use a Slackware 10.2 box that I have running another application I wrote myself?

Also, I found the relayhost in the postfix docs, but nothing in it related to TLS or authentication. Can you suggest where to look to find out how to configure this? (I was thinking of creating a user on my mail server strictly to allow CRM to send e-mail.)
 
Old 08-28-2008, 04:50 PM   #6
Ruler2112
Member
 
Registered: Oct 2004
Location: Michigan, US
Distribution: Redhat 7.3, 9.0; Slackware 10, 10.1, 10.2, 11; FreeBSD 7.0; KnoppMyth 5.5
Posts: 125

Original Poster
Rep: Reputation: 16
Nevermind about pointers to more docs - I believe I've found what I need. This page, though geared for a different product entirely, seems to have the information I was looking for.

I'm currently waiting to set it up until I hear back from you Billy. I don't want to do a lot of work, then find out that there's a memory leak or something that's a known flaw on RH9. (Not that something like this has EVER happened to me in the past... )
 
Old 09-01-2008, 05:14 AM   #7
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Been away. It's just that RH9 is way old and hasn't had security updates or whatever for several years (2004 I think). Try something newer like RHEL5 (or CentOS5)
 
Old 09-15-2008, 04:55 PM   #8
dj_grass
LQ Newbie
 
Registered: Sep 2008
Posts: 1

Rep: Reputation: 0
Hy,

i am using Postfix, Amavisd and Spamassassin.
I forward some mails from my postfix to an external mailserver.
I want my postfix to forward only "good" mails to the external server.
So all spam mails should not be forwarded.

How can I configure my postfix to do that?

I hope for help.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix Relay access denied outgoing mail alitrix Linux - Server 2 06-14-2008 03:38 PM
Postfix, copy all outgoing mail to admin account. exodist Linux - Software 8 02-01-2008 09:39 AM
Outgoing Only mail server using Postfix opnsrc Linux - Networking 0 06-15-2006 10:37 AM
Postfix - Don't masquerade Local only Outgoing mail... Help please... Vince0000 Linux - General 2 11-27-2003 09:08 AM
postfix outgoing mail fail from outlook express importboy03 Linux - Networking 0 02-20-2003 02:54 PM


All times are GMT -5. The time now is 04:59 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration