Hi.

Bit new to PostFix and am having trouble setting it up.

I am trying to set up a null server that can send mail but not receive mail. The server running Postfix is on DMZ of network. We have an exchange Server on the LAN of the network that handles all receiving of mail. The postfix is for my webserver to send confirmation emails to internet users and that's it.

I followed the basic config and standard config for a null client in the documentation but its left me with some problems.

Program works fine sending mail to external mail addresses like hotmail, gmail, etc but when I try to send mail to mydomain.co.uk i get an error of "connect to mail.mydomain.co.uk[xxx.xxx.xxx.xxx]: Connection timed out" where xxx.xxx.xxx.xxx is the address of my router.

This is having a knock on effect of my mailq filling up with mail from root. Anybody have any ideas how to force emails to my domain to be sent externally? This should resolve the root@mydomain.co.uk problem shouldn't it? Really really need a hand...

Here are changes to config i've made....

in master.cf i've commented out local delivery agent (local) as per documentation instructions.

A printout of postconf -n is as follows...

command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
html_directory = /usr/share/doc/postfix-2.2.5/html
inet_interfaces = 127.0.0.1
local_transport = error:local delivery is disabled
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = mydomain = co.uk
myhostname = mydomain
mynetworks = 127.0.0.0/8
mynetworks_style = host
myorigin = mydomain.co.uk
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.2.5/README_FILES relay_domains =
relayhost =
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop

If your Exchange Server is on the private LAN, not in the DMZ, then how can it be reached by external e-mails?
For instance, if a hotmail address sends you a mail, your Postfix won't deliver it locally, but you say your LAN mailserver does? Is there a computer in your DMZ that relays all incoming external mail to your LAN's mail server? (Opening a LAN server to outside internet effectively bypasses your firewall and is a major security risk!)

To find out what is the problem, you can try opening a connection on port 25 to your mail server.
It is possible that the firewall is interfering (access from DMZ to LAN is restricted).
Perhaps you need to contact the mail relay in the DMZ rather than the LAN mailserver.
Simply try:
telnet <your_mail_server> 25
and see if that works.
If the connection establishes without errors, there is no firewall blocking your access.
If the connection is established, but you still get the errors, then the mail server in question has been configured to deny your requests. For instance, the LAN server may be configured to handle only requests from LAN computers, not from external computers.
If the connection isn't established properly (ie time out), you may want to look at any interfering firewalls
or to a redesign of the mail system.

Second question: if you send a mail from your DMZ machine to your domain (user@yourdomain.co.uk), to which mail server does it get sent? To find this out, you could try (on the DMZ machine):
nslookup
nslookup> set type=mx
nslookup> yourDomain.co.uk
See what nslookup tells you. If you don't have nslookup, "dig" is it's successor.
(Note "nslookup>" represents the command prompt of nslookup.)

Thanks for the reply... I've been pulling my hair out

Our LAN has an exchange server on it which recieves emails from our web hosts who forward them on to us. This did handle all recieving and sending of mail to our domain "mydomain.co.uk".

On our DMZ (LAN can see DMZ, DMZ cannot see LAN) I have set up a LAMP webserver which needs to email people, "pretending" to be "mydomain.co.uk". It is not required to recieve emails just send email confirmations to clients. Therefore it pretends to be "mydomain.co.uk".

mydestination =
mydomain = co.uk
myhostname = mydomain

PostFix seems to be ok when emailing to any domain apart from the domain this webserver is "pretending" to be, namely "mydomain.co.uk". If I email to an address to domain the message does not leave the mail queue and i get an error of "connect to mail.mydomain.co.uk[xxx.xxx.xxx.xxx]: Connection timed out" where xxx.xxx.xxx.xxx is the address of my router.

Since i'm really really new to setting up anything to do with email i don't know if it is trying to relay any messages sent to "mydomain.co.uk" internally and that is why they are not being recieved by our external servers (the ones that actually do handle our emails).

I was wondering if anyone could help me wit the settings I have given below to make what I'm trying to do work....

Thanks if you can help

so the router isn't receiving the packet and routing it back inside the network.. this is quite normal in my experience.. if I map an external IP/port to an internal server I can't connect to the internal server from an internal workkstation by connecting to the public IP. time to rethink your routing for that item.

why not just edit the the hosts file on the postfix mail server and supply it with the entry for mail.mydomain.co.uk and it's internal IP address then make sure your firewall is configured to allow a connection from the postfix box to the exchange server on port 25.

Right now you are allowing it to obtain the IP from DNS and that's not going to give you what you need to make this work.

easy...