View Full Version : postfix is on openrelay
matehortua
30th September 2005, 02:28
I installed a suse 9.3 box with the exellent falko guide (the perfect setup)
then i installed ISPconfig and is working without problems.... at this moment
my only problem is that my mail-server POSTFIX is on openrelay (sending mail to other domains) and that is very bad.
what can i do to fix this problem???
tanx
falko
30th September 2005, 03:04
Why do you think it is an open relay? If you have followed the tutorial then it should not be an open relay.
matehortua
5th October 2005, 02:23
Why do you think it is an open relay? If you have followed the tutorial then it should not be an open relay.
i think an Open Relay is when th mail server (postfix) sends mail from any domain to any destination.
i think it should restrict the sending of mails to:
mydestination = /etc/postfix/local-host-names
but is not...
i have this line also on the main.cf
relay_domains = $mydestination
can you tell what is the appropiate way to enable on my server the sending of messagges ONLY to my local-host-names??
a lot of tanx
falko
5th October 2005, 03:16
i think an Open Relay is when th mail server (postfix) sends mail from any domain to any destination.
i think it should restrict the sending of mails to:
mydestination = /etc/postfix/local-host-names
but is not...
i have this line also on the main.cf
relay_domains = $mydestination
can you tell what is the appropiate way to enable on my server the sending of messagges ONLY to my local-host-names??
a lot of tanx
There are 3 cases where your server accepts emails without authentication, but is still not an open relay:
1) You're sending directly from your server, i.e. you're logged in on the server, e.g. on the shell or with a webmail interface.
2) You're sending an email to a recipient who is on the server.
3) You're sending from within a network that is specified in the mynetworks variable in /etc/postfix/main.cf.
If one of these 3 points applies, and you're wondering why you don't need to authenticate: this is normal and does not mean your server is an open relay.
Can you run telnet localhost 25 and then issue ehlo localhost and post the output here?
If you see a line starting with 250-AUTH then it should be fine.
matehortua
8th October 2005, 02:06
#telnet localhost 25
ehlo localhost
250-acuario.ims.com.co
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250 8BITMIME
mmm i didnt see the 250-auth but when i installed (new) it was there ..... :(
i know i didnt change anything except the changes that ISPconfig did.
tanx
falko
8th October 2005, 02:34
#telnet localhost 25
ehlo localhost
250-acuario.ims.com.co
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250 8BITMIME
mmm i didnt see the 250-auth but when i installed (new) it was there ..... :(
i know i didnt change anything except the changes that ISPconfig did.
tanx
Then do the Postfix configuration again. It's here: http://www.howtoforge.com/perfect_setup_suse_9.3_p5
vBulletin® v3.8.4, Copyright ©2000-2009, Jelsoft Enterprises Ltd.