Something like address based relay just the other way around
Hello I just wonder whether my idea is technically possible to fullfill with Postfix. I already use sender based relaying which works fine. My problem is that I'm running a Postfix Server on my dynamic IP-Address. I would say for 80% of the receivers is no problem to send the emails directly (direct-mx). Some domains or receivers do not accept this due to dynamic IP block. No problem I thought I could set up a receiver-based relay, but unfortunatly I did not find anything about it in Postfix doc (maybe I looked for the wrong keywords). So my question is: Is there a way to conditionally relay emails based on the receivers address/domain? So I could send emails for defined addresses/domains via my ISP mailserver instead of direct-mx. Is there a way to do this in Postfix? Thanks a lot for all tipps/hints Cheers tobi
Re: Something like address based relay just the other way around
Tobi: Hello I just wonder whether my idea is technically possible to fullfill with Postfix. I already use sender based relaying which works fine. My problem is that I'm running a Postfix Server on my dynamic IP-Address. I would say for 80% of the receivers is no problem to send the emails directly (direct-mx). Some domains or receivers do not accept this due to dynamic IP block. No problem I thought I could set up a receiver-based relay, but unfortunatly I did not find anything about it in Postfix doc (maybe I looked for the wrong keywords). See this URL: http://www.postfix.org/transport.5.html If I am not mistaken, this has precedence over sender-dependent features. Wietse So my question is: Is there a way to conditionally relay emails based on the receivers address/domain? So I could send emails for defined addresses/domains via my ISP mailserver instead of direct-mx. Is there a way to do this in Postfix? Thanks a lot for all tipps/hints Cheers tobi
Re: Something like address based relay just the other way around
Wietse Venema schrieb: Tobi: Hello I just wonder whether my idea is technically possible to fullfill with Postfix. I already use sender based relaying which works fine. My problem is that I'm running a Postfix Server on my dynamic IP-Address. I would say for 80% of the receivers is no problem to send the emails directly (direct-mx). Some domains or receivers do not accept this due to dynamic IP block. No problem I thought I could set up a receiver-based relay, but unfortunatly I did not find anything about it in Postfix doc (maybe I looked for the wrong keywords). See this URL: http://www.postfix.org/transport.5.html If I am not mistaken, this has precedence over sender-dependent features. Wietse So my question is: Is there a way to conditionally relay emails based on the receivers address/domain? So I could send emails for defined addresses/domains via my ISP mailserver instead of direct-mx. Is there a way to do this in Postfix? Thanks a lot for all tipps/hints Cheers tobi Hello I tried according to Wietse's link to the manual and it works 50% ;-) The email is properly forwarded according to receivers domain with the values in transport conf file But now Postfix has no user details to perform a SMTP Authentication at the defined relay server. smtp tries to relay without auth which my providers server don't like. If I'm using sender_dependent_relay then smtp takes the details from my sasl password file and therefore can perform an auth at the relay server. So my next question is how to tell transport where to lookup for the login credentials to send an email through an external relay server which expects user auth. Is there a way which I have not found in the manual to tell Postfix the necessary details? Or is it not possible by design? Thanks and cheers tobi
Re: Something like address based relay just the other way around
tobi: [ Charset ISO-8859-1 unsupported, converting... ] Wietse Venema schrieb: Tobi: Hello I just wonder whether my idea is technically possible to fullfill with Postfix. I already use sender based relaying which works fine. My problem is that I'm running a Postfix Server on my dynamic IP-Address. I would say for 80% of the receivers is no problem to send the emails directly (direct-mx). Some domains or receivers do not accept this due to dynamic IP block. No problem I thought I could set up a receiver-based relay, but unfortunatly I did not find anything about it in Postfix doc (maybe I looked for the wrong keywords). See this URL: http://www.postfix.org/transport.5.html If I am not mistaken, this has precedence over sender-dependent features. I tried according to Wietse's link to the manual and it works 50% ;-) The email is properly forwarded according to receivers domain with the values in transport conf file But now Postfix has no user details to perform a SMTP Authentication at the defined relay server. smtp tries to relay without auth which my providers server don't like. If I'm using sender_dependent_relay then Then you made too many transport map entries. Wietse
Re: Something like address based relay just the other way around
Wietse Venema schrieb: tobi: [ Charset ISO-8859-1 unsupported, converting... ] Wietse Venema schrieb: Tobi: Hello I just wonder whether my idea is technically possible to fullfill with Postfix. I already use sender based relaying which works fine. My problem is that I'm running a Postfix Server on my dynamic IP-Address. I would say for 80% of the receivers is no problem to send the emails directly (direct-mx). Some domains or receivers do not accept this due to dynamic IP block. No problem I thought I could set up a receiver-based relay, but unfortunatly I did not find anything about it in Postfix doc (maybe I looked for the wrong keywords). See this URL: http://www.postfix.org/transport.5.html If I am not mistaken, this has precedence over sender-dependent features. I tried according to Wietse's link to the manual and it works 50% ;-) The email is properly forwarded according to receivers domain with the values in transport conf file But now Postfix has no user details to perform a SMTP Authentication at the defined relay server. smtp tries to relay without auth which my providers server don't like. If I'm using sender_dependent_relay then Then you made too many transport map entries. Wietse Thanks for your patience :-) But I only have two entries in transport which look like this cat /opt/etc/postfix/transport | grep -v # postfix.org smtp:[smtp.mysip.ch]:587 domain.tld smtp:[smtp.myotherisp.ch]:587 And only once in the config (main.cf transport_maps...). I can see the unauthorized relay attempts with myisp.ch/myotherisp.ch in the Postfix logs. So I assume that no login credentials were used. Is transport meant to use the data from sender_relay and sasl_passwd files to login to the relay servers? Regards tobi
Re: Something like address based relay just the other way around
tobi schrieb: Wietse Venema schrieb: tobi: [ Charset ISO-8859-1 unsupported, converting... ] Wietse Venema schrieb: Tobi: Hello I just wonder whether my idea is technically possible to fullfill with Postfix. I already use sender based relaying which works fine. My problem is that I'm running a Postfix Server on my dynamic IP-Address. I would say for 80% of the receivers is no problem to send the emails directly (direct-mx). Some domains or receivers do not accept this due to dynamic IP block. No problem I thought I could set up a receiver-based relay, but unfortunatly I did not find anything about it in Postfix doc (maybe I looked for the wrong keywords). See this URL: http://www.postfix.org/transport.5.html If I am not mistaken, this has precedence over sender-dependent features. I tried according to Wietse's link to the manual and it works 50% ;-) The email is properly forwarded according to receivers domain with the values in transport conf file But now Postfix has no user details to perform a SMTP Authentication at the defined relay server. smtp tries to relay without auth which my providers server don't like. If I'm using sender_dependent_relay then Then you made too many transport map entries. Wietse Thanks for your patience :-) But I only have two entries in transport which look like this cat /opt/etc/postfix/transport | grep -v # postfix.org smtp:[smtp.mysip.ch]:587 domain.tld smtp:[smtp.myotherisp.ch]:587 And only once in the config (main.cf transport_maps...). I can see the unauthorized relay attempts with myisp.ch/myotherisp.ch in the Postfix logs. So I assume that no login credentials were used. Is transport meant to use the data from sender_relay and sasl_passwd files to login to the relay servers? Regards tobi Problem found 30cm in front of the screen. After changing the transport postfix.org smtp:[smtp.mysip.ch]:submission domain.tld smtp:[smtp.myotherisp.ch]:submission it works. I thought :587 would be the same as :submission
Re: Something like address based relay just the other way around
On Mon, Nov 30, 2009 at 11:02:22PM +0100, tobi wrote: cat /opt/etc/postfix/transport | grep -v # postfix.org smtp:[smtp.mysip.ch]:587 domain.tld smtp:[smtp.myotherisp.ch]:587 Problem found 30cm in front of the screen. After changing the transport postfix.org smtp:[smtp.mysip.ch]:submission domain.tld smtp:[smtp.myotherisp.ch]:submission it works. I thought :587 would be the same as :submission It is, essentially, the difference is that :submission can break if your /etc/services is incomplete, NIS is not working, ... while the 587, works all the time. The other difference is that by changing the nexthop, you have also changed the lookup key for smtp_sasl_password_maps, smtp_tls_policy_maps, and any other per-destination SMTP client tables. You may have incorrect data for the :587 lookup key in some cases. Finally, changing the table source, may have resulted in an actual update of the index file via postmap, previously not carried out correctly. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.