Re: [CentOS] Postfix Questions
-- Original Message --- From: Indunil Jayasooriya To: CentOS mailing list Sent: Sun, 3 May 2009 07:46:17 +0530 Subject: Re: [CentOS] Postfix Questions > On Sat, May 2, 2009 at 4:36 AM, Jason Todd Slack-Moehrle > wrote: > > Hi All, > > > > I am working on setting up Postfix and I have a few questions: > > > > 1. mynetworks = Do I put my public static IP here? So I am hosting at > > another provider on my own dedicated hardware. Do I put that machines > > IP or the IP of my apartment where I want to access from? Second, do I > > have to know the Ip information for my BlackBerry to work as well? > > > > put clients ip range there. > > e.g > > mynetworks = 192.168.0.0/24 > > then, clinets behind postfix mail server will be able to send mail > via postfix server. > > > 2. relaying: Obviously I dont want to be an open relay, but I do what > > to send mail from my apartment and from my Blackberry. > > as i said the above under mynetworks, Pls add those ip ranges. then, > u r done. For dynamic IPs, like those assigned by home ISPs is not useful (besides stupid) adding the ISP's range (since the spammers will probably be windows machines using an IP from the same IP range than yours). What I did was implementing SMTP authentication, and then I can send e-amil from my e-mail client at home without my server being an open relay and without allowing the full ISP IP range to send mail through my mail server. Regards. > > > > > > ___ > > CentOS mailing list > > CentOS@centos.org > > http://lists.centos.org/mailman/listinfo/centos > > > > -- > Thank you > Indunil Jayasooriya > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos --- End of Original Message --- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix Questions
On Sat, May 2, 2009 at 4:36 AM, Jason Todd Slack-Moehrle wrote: > Hi All, > > I am working on setting up Postfix and I have a few questions: > > 1. mynetworks = Do I put my public static IP here? So I am hosting at > another provider on my own dedicated hardware. Do I put that machines > IP or the IP of my apartment where I want to access from? Second, do I > have to know the Ip information for my BlackBerry to work as well? > put clients ip range there. e.g mynetworks = 192.168.0.0/24 then, clinets behind postfix mail server will be able to send mail via postfix server. > 2. relaying: Obviously I dont want to be an open relay, but I do what > to send mail from my apartment and from my Blackberry. as i said the above under mynetworks, Pls add those ip ranges. then, u r done. > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Thank you Indunil Jayasooriya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix Questions
Jason Todd Slack-Moehrle wrote: > 1. mynetworks = Do I put my public static IP here? So I am hosting > at > another provider on my own dedicated hardware. Do I put that machines > IP or the IP of my apartment where I want to access from? Second, > do I > have to know the Ip information for my BlackBerry to work as well >>> See here: >>> >> http://wiki.centos.org/HowTos/postfix >> > > This is what I am working with in section 3.1, but I am confused as t > what the right answer is. > > -Jason > Only put your private IP network addresses here, not public ones. Ian ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix Questions
Hi Ned, >> I am working on setting up Postfix and I have a few questions: >> >> 1. mynetworks = Do I put my public static IP here? So I am hosting >> at >> another provider on my own dedicated hardware. Do I put that machines >> IP or the IP of my apartment where I want to access from? Second, >> do I >> have to know the Ip information for my BlackBerry to work as well? >> >> 2. relaying: Obviously I dont want to be an open relay, but I do what >> to send mail from my apartment and from my Blackberry. >> >> See here: > > http://wiki.centos.org/HowTos/postfix This is what I am working with in section 3.1, but I am confused as t what the right answer is. -Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix Questions
Jason Todd Slack-Moehrle wrote: > Hi All, > > I am working on setting up Postfix and I have a few questions: > > 1. mynetworks = Do I put my public static IP here? So I am hosting at > another provider on my own dedicated hardware. Do I put that machines > IP or the IP of my apartment where I want to access from? Second, do I > have to know the Ip information for my BlackBerry to work as well? > > 2. relaying: Obviously I dont want to be an open relay, but I do what > to send mail from my apartment and from my Blackberry. > > Ideas? > > -Jason > See here: http://wiki.centos.org/HowTos/postfix http://wiki.centos.org/HowTos/postfix_sasl ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Postfix Questions
Hi All, I am working on setting up Postfix and I have a few questions: 1. mynetworks = Do I put my public static IP here? So I am hosting at another provider on my own dedicated hardware. Do I put that machines IP or the IP of my apartment where I want to access from? Second, do I have to know the Ip information for my BlackBerry to work as well? 2. relaying: Obviously I dont want to be an open relay, but I do what to send mail from my apartment and from my Blackberry. Ideas? -Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix Questions
On 18 September 2007, John Hinton <[EMAIL PROTECTED]> wrote: > Message: 11 > Also, we run the SpamHaus blacklist. This works pretty good for > inbound, but from time to time one of our hosting clients winds up on > the blocklist because they are on a dynamic IP and someone else has > recently used it for spamming. One could argue that my client should > then go remove their IP from the blacklist to better insure their > email actually makes it through any other level of spam filtering on > other ISPs. But, that's a rosey concept! John: That happened to us, this week. I was unable to use the SMTP on my web site for somewhere between 48-67 hours, because of Spamhaus. Apparently, this morning, when my wife powered things up, we got a clean IP address. When I went to the Spamhaus web site, it showed the IP numbers clear, but, on other lists. Supposedly, if one uses SMTP Authentication, this problem goes away. However, I have always used SMTP Authentication. I do not want to change to another web hosting ISP, because this problem might follow me. And, I've been with them for almost 6 years. Also, Spamhaus says the problem should go away, in 1 or 2 hours, and in the past that was true, but not this time. Good for you, to want to handle this in a better way for your clients! Lanny ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix Questions
John Hinton wrote: I've been running sendmail since the beginning of my online time. 1. Did I see that postfix can run sendmail milters? Yes but different version with varying levels of milter support. 2. If so, did I read that postfix can run these separately for inbound vs. outbound? Yes you can apply separate rules for incoming and outgoing emails if they come from separate ips or ports. 3. Can it run like a rbl blacklist on inbound and not outbound? Yes. 4. If the above is true, does this require separate configurations of postfix or is it already set to allow this out of the box? You will need to configure postfix appropriately. My reasoning... I've added a few milters which has drastically cut spam due to the extra time spent at the smtp level. For instance, running spamassassin takes a couple or few seconds. This bit of delay does in fact seem to stop many of the slamming spambots sort of like the design of milter-greylist. Except, I don't have to send a temp fail. So, this is a good thing. The negative is it also takes longer for my users to send mail as it is processed the same way during outgoing. I do not know what level of milter support is required by your milters so you may want to check them out. The latest versions of postfix will have more complete support. Also, we run the SpamHaus blacklist. This works pretty good for inbound, but from time to time one of our hosting clients winds up on the blocklist because they are on a dynamic IP and someone else has recently used it for spamming. One could argue that my client should then go remove their IP from the blacklist to better insure their email actually makes it through any other level of spam filtering on other ISPs. But, that's a rosey concept! So, I would prefer to do it at the smtp level inbound so I can actually reject that mail while not having the embarrassing blocking going on with our users. Yes, this might sound like a double standard, but we do not provide connection service so only very rarely (never so far) does any virus actually send spam through our systems from client applications and I do actually monitor email all the time and stop any spamming immediately. Sure, just make sure they use port 587 and are only allowed to have their email relayed after authentication and disable filtering rules for port 587. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Postfix Questions
I've been running sendmail since the beginning of my online time. 1. Did I see that postfix can run sendmail milters? 2. If so, did I read that postfix can run these separately for inbound vs. outbound? 3. Can it run like a rbl blacklist on inbound and not outbound? 4. If the above is true, does this require separate configurations of postfix or is it already set to allow this out of the box? My reasoning... I've added a few milters which has drastically cut spam due to the extra time spent at the smtp level. For instance, running spamassassin takes a couple or few seconds. This bit of delay does in fact seem to stop many of the slamming spambots sort of like the design of milter-greylist. Except, I don't have to send a temp fail. So, this is a good thing. The negative is it also takes longer for my users to send mail as it is processed the same way during outgoing. Also, we run the SpamHaus blacklist. This works pretty good for inbound, but from time to time one of our hosting clients winds up on the blocklist because they are on a dynamic IP and someone else has recently used it for spamming. One could argue that my client should then go remove their IP from the blacklist to better insure their email actually makes it through any other level of spam filtering on other ISPs. But, that's a rosey concept! So, I would prefer to do it at the smtp level inbound so I can actually reject that mail while not having the embarrassing blocking going on with our users. Yes, this might sound like a double standard, but we do not provide connection service so only very rarely (never so far) does any virus actually send spam through our systems from client applications and I do actually monitor email all the time and stop any spamming immediately. Thanks for any input. John Hinton with sendmail> ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
