In addition to what I have written below:

It turns out I was wrong about those changes. In fact, it was still 
relaying. Since then I made the following changes and now it seems to be 
working more or less.

Changes:

smtpd_client_restrictions = check_relay_domains, reject_unknown_client
relay_domains = $mydestination, $virtual_domains
virtual_domains = domain1.com, domain2.com

So, now mail can be sent by anyone to either my domain or a virtual 
domain, but to no other addresses. At least using a mail client and 
telneting in, I always got a relay reject on any other addresses.

Nevertheless, can you believe this?

3811834B365     9269 Thu Oct 10 14:54:35  (MAILER-DAEMON)
                                         [EMAIL PROTECTED]

37F013474D0     4484 Thu Oct 10 15:07:45  (MAILER-DAEMON)
                                         [EMAIL PROTECTED]


Although I made the changes at around 14:45.

Curtis



Curtis Vaughan wrote:

> So, here's some history.
>
> My SEMSIII is relaying outside mail.
>
> Some relevant parameters in main.cf and a history follows:
>
> Originally, these lines were in there:
>
> smtpd_sender_restrictions = hash:/etc/postfix/access
> smtpd_recipient_restrictions = ldap:ldapmailenab,
>     permit_tls_clientcerts, permit_sasl_authenticated,
>     permit_mynetworks, check_sender_access,
>     check_relay_domains
>
>
> On the advice of a user I made the following addition:
>
> smtpd_client_restrictions = permit_mynetworks, reject_unknown_client
>
>
> However, it was still relaying. So, I commented out the lines that 
> were originally there so that it read.
>
> #smtpd_sender_restrictions = hash:/etc/postfix/access
> #smtpd_recipient_restrictions = ldap:ldapmailenab,
>     permit_tls_clientcerts, permit_sasl_authenticated,
>     permit_mynetworks, check_sender_access,
>     check_relay_domains
> smtpd_client_restrictions = permit_mynetworks, reject_unknown_client
>
>
> Now, it stopped relaying for anyone sending mail to anyone who is not 
> part of my domain (mynetworks).
>
> Check this out however! Looking at mailq I get the following output 
> even now:
>
> 35FFE34D70C     3000 Thu Oct 10 10:00:48  (MAILER-DAEMON)
>                                         [EMAIL PROTECTED]
>
> 35AED347242     2998 Thu Oct 10 10:18:14  (MAILER-DAEMON)
>                                         [EMAIL PROTECTED]
>
> 3562134889E     2927 Thu Oct 10 10:18:32  (MAILER-DAEMON)
>                                         [EMAIL PROTECTED]
>
> 352CE34762C     2934 Thu Oct 10 10:27:04  (MAILER-DAEMON)
>                                         [EMAIL PROTECTED]
>
> 3F774348E4F    10179 Tue Oct  8 09:13:25  [EMAIL PROTECTED]
>            (connect to ns.perceptics.com[208.252.202.66]: Connection 
> refused)
>                                         [EMAIL PROTECTED]
>                (connect to ns.perceval.be[194.183.227.1]: Connection 
> refused)
>                                         [EMAIL PROTECTED]
>
> I don't remember the exact time I commented out those lines and 
> therefore prevented any relaying, but it was before 10:00.  Where the 
> hell is this coming from then?
> Curtis
>



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to