Postfix Second Instance or whitelisting?

Discussion in 'Server Operation' started by mysterytoy, Aug 3, 2010.

  1. mysterytoy

    mysterytoy New Member HowtoForge Supporter

    Hello Everyone,

    I'm testing out a setup using Fedora 13 and ISPconfig 2. I following the How-To and everything is working perfectly.

    The problem is I have these two expensive devices on the internal private network that sends out scanned documents as attachments through e-mail but are a little old and they don't support authentication.

    Since they are on the private network it's no problem running a SMTP relay server with authentication turned off.

    The server I'm setting up right now is configured for authentication (ISPConfig) and will be used on the public side and probably as a router between the private network and the internet.

    Should I run a second instance of Postfix and bind it to the adapter on the private side so it can be an open relay or is there a way I can specify not to authenticate from these two specific IP addresses.

    Thank in advance for your help.
  2. falko

    falko Super Moderator ISPConfig Developer

    You could simply add the two IP addresses of these two devices to mynetworks in /etc/postfix/ while at the same time authentication is turned on. Addresses that are listed in mynetworks don't need authentication.
  3. mysterytoy

    mysterytoy New Member HowtoForge Supporter

    mynetworks not working with ISPConfig2 Perfect Server

    I was wrong in my previous posts. I don't think it's authentication at all but a Relay access denied problem.

    I tried tweaking the mynetworks in the main.cfg file but nothing seems to work.

    Could this have something to do with the setup for ISPConfig2? I followed the instructions for the Perfect Server Setup HowTO using ISPConfig2.

    Relaying works fine when I test it with Outlook Express and Authentication turned on.

    When I try testing it without Authentication turned on it fails.

    It also fails when I telnet to the smpt port and test it manually from the same ip address.

    Thanks for your help.
    Last edited: Aug 10, 2010
  4. falko

    falko Super Moderator ISPConfig Developer

    That's normal unless you list the client in the mynetworks parameter.
  5. mysterytoy

    mysterytoy New Member HowtoForge Supporter

    Relay Access Denied even with mynetworks

    From what I am reading the default setting with mynetworks is to allow relaying from machines on the local network.

    I've tried different variations and all of them fail to allow relaying from a local machine unless I use a client with authentication turned on.

    During my testing I'm just editing and then restarting postfix.

    Is there another step I need to do?

    Could this be one of the settings used in setting up for ISPConfig using perfect server setup?
  6. falko

    falko Super Moderator ISPConfig Developer

    Can you post your
  7. mysterytoy

    mysterytoy New Member HowtoForge Supporter

    Falko: Thank you for your continued help with this

    I really appreciate your patience and help with this problem. I just sent a copy of the file to my workstation and was preparing to post it here.

    I noticed all the things that were added to the file during the ISPConfig2 Perfect Server installation on the bottom of the file.

    There was a "mynetworks=" line there pointing to the local machine loopback interface.

    I was editing the "mynetworks=" line further up in the file and the second one must have had precedent.

    I commented out this line, restarted postfix and it worked just as you said it would.

    Many thanks to you.

Share This Page