HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   postfix questions (http://www.howtoforge.com/forums/showthread.php?t=968)

Ovidiu 23rd October 2005 12:34

postfix questions
 
hi guys,

I have been reading /usr/share/postfix/main.cf.dist lately as well as some postfix dokus and had some questions about what I found there.

1.
Quote:

relay_domains

the variable relay_domains specifies with which domains the sending of emails is allowedd. AS far as I unerstand if we set it to relay_domains = $mydestination there is no faking of email addresses possible?
2.
Quote:

I inserted these entries additionally, as they seemed "logical" to me. Any problems with that?
delay_warning_time = 4h
maximal_queue_lifetime = 5d
3.
Quote:

what about these settings? too paranoid?
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
reject_unknown_hostname,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
4.
Quote:

how about this:

echo 'allow_percent_hack = no' >> /etc/postfix/main.cf
/etc/init.d/postfix reload

falko 23rd October 2005 14:20

Quote:

relay_domains

the variable relay_domains specifies with which domains the sending of emails is allowedd. AS far as I unerstand if we set it to relay_domains = $mydestination there is no faking of email addresses possible?
As long as the user has a valid username and password for SMTP-AUTH or is sending directly from the server (e.g. with webmail) or sends a mail to a recipient on the server he can use whatever sender address he likes. You cannot prevent the user from faking the sender address.

Quote:

I inserted these entries additionally, as they seemed "logical" to me. Any problems with that?
delay_warning_time = 4h
maximal_queue_lifetime = 5d
No.

Quote:

what about these settings? too paranoid?
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
reject_unknown_hostname,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
I'd try it for a few days and then check if too many valid emails have been rejected.


All times are GMT +2. The time now is 04:13.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.