Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 25th March 2010, 02:49
tuananh87vn tuananh87vn is offline
Member
 
Join Date: Sep 2009
Posts: 39
Thanks: 8
Thanked 0 Times in 0 Posts
Default How to disable open relay on Postfix?

Hi everyone,

Open relay, yet again, concerns me. I followed the Falko's guide on installing Debian postfix with some other stuff, things've been running cool, except for the open relay problem. As I configure MS Outlook to test email, even with no password, the test emails can still be sent. A open relay problem, isn't it?

I've tried several ways to disable it, but none worked. Can anybody help me out?

Thx alot ^^
Reply With Quote
Sponsored Links
  #2  
Old 26th March 2010, 02:25
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,745 Times in 2,578 Posts
Default

You can test your server here: http://www.spamhelp.org/shopenrelay/
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 26th March 2010, 06:38
tuananh87vn tuananh87vn is offline
Member
 
Join Date: Sep 2009
Posts: 39
Thanks: 8
Thanked 0 Times in 0 Posts
Default

Hi,
I've tried the test, the result said my smtp server is NOT an open relay. Seems like I have a misunderstanding here:

Outsiders (who are unauthenticated) cannot use my smtp server to send email to other server (or to relay mails). That's why my server is not considered an open relay.

However someone can still INJECT mails into my server (i.e: send mails to some users) as anonymous sender, right? Sometimes emails sent in this way is blocked as spam, sometimes, they are passed CLEAN. So how to prevent it? Is it something like using "smptd_client_restriction" or "smtpd_sender_restriction"?

thx alot!
Reply With Quote
  #4  
Old 27th March 2010, 12:29
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,745 Times in 2,578 Posts
Default

There are two scenarios where users don't have to authenticate:
1) You send to a rdcipient who is on the server.
2) You send from a client whose IP is listed in mynetworks in /etc/postfix/main.cf.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 27th March 2010, 17:47
tuananh87vn tuananh87vn is offline
Member
 
Join Date: Sep 2009
Posts: 39
Thanks: 8
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by falko View Post
There are two scenarios where users don't have to authenticate:
1) You send to a rdcipient who is on the server.
2) You send from a client whose IP is listed in mynetworks in /etc/postfix/main.cf.
Hi,
For the 2nd scenario, it is likely for those who are logged into the system (as mynetworks specifies 127.0.0.1/8)

But for the 1st one, although i've placed some restrictions on client (like, client must be from user list), chances are that somebody who knows the emails of some users within the server still use them to spam the server itself. In this case, is it possible to force smtp authentication to any user who wants to use smtp service? (like Gmail, it forces its users to authenticate themselves before doing anything)
Reply With Quote
  #6  
Old 5th April 2010, 09:59
tuananh87vn tuananh87vn is offline
Member
 
Join Date: Sep 2009
Posts: 39
Thanks: 8
Thanked 0 Times in 0 Posts
Default

No reply?
I'm really stuck
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
High on Lenny - Lvm Mount Problem Serverman Technical 1 23rd June 2009 16:26
Postfix not responding to telnet CarbonCopy Server Operation 6 8th May 2009 05:39
localhost postfix/master: fatal: bind 127.0.0.1 port 125: Permission denied g18c Installation/Configuration 4 24th March 2009 17:39
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36


All times are GMT +2. The time now is 18:30.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.