Re: qmail ONLY selectively receiving mail from outside
Ashe Coutts <[EMAIL PROTECTED]> wrote:
>
> The system "works" but will not receive mail from outside the select few I
> list in the /etc/hosts.allow file.

Others have replied with correct information as well, but this is the crux of your problem. To receive mail from the net at large, you have to accept connections from the net at large.

Relaying is another matter entirely. qmail will relay (in a normal setup) only when the RELAYCLIENT environment variable is set. So what you want to do is accept connections from any IP address, and conditionally set this variable to an empty value for only those IP addresses you wish to allow to relay.

The easiest way to do this is to run qmail-smtpd from tcpserver instead of inetd/xinetd. If you use this configuration, you're also much more likely to be able to find help/user-contributed documentation that applies to your setup.

Charles
--
---
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
---

Re: qmail ONLY selectively receiving mail from outside
On Mon, Jun 04, 2001 at 03:11:36PM -0700, Ashe Coutts wrote:
> I have set up a qmail system (RedHat linux 7.1, kernel 2.4.5, xinetd,
> qmail 1.03 RPMs, U of Wash pop3 and imap, etc.) with a domain name of
> sbcacademy.org (machine name mail.sbcacademy.org) with the following
> configuration files:
>
> === start /var/qmail/control/rcpthosts
> localhost
> sbcacademy.org
> mail.sbcacademy.org
> === end /var/qmail/control/rcpthosts
>
> === start excerpt from /etc/hosts.allow
> ### The qmail outgoing/retrieval stuff
> ipop3d, imapd : ALL
>
> ### The qmail selective relaying stuff
> tcp-env : xx.yy.zz.: setenv RELAYCLIENT
> tcp-env : aa.bb.cc.dd : setenv RELAYCLIENT
> tcp-env : localhost : setenv RELAYCLIENT
> === end excerpt from /etc/hosts.allow
>
> The system "works" but will not receive mail from outside the select
> few I list in the /etc/hosts.allow file.
>
> I think I now understand what is going on but not why.
>
SNIP

Don't set RELAYCLIENT for anyone but hosts you can explicitly trust. hosts.allow (if you insist on using inetd/xinetd) should be configured to _allow_ connections from anywhere, but only to set RELAYCLIENT for hosts you should relay for. Most definitely you do _not_ want to allow relay to hotmail. ;)

To set this up under inetd/xinetd, consult the man pages for their respective programs. You might be better off to avoid inetd/xinetd altogether, and use tcpserver instead. Great instructions for qmail & tcpserver can be found in Life With Qmail (aka LWQ) at: http://www.lifewithqmail.org/

HTH,
--
Greg White

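Added example, not part of the original thread and not qmail or tcp_wrappers code: a simplified Python model of the two separate decisions Charles Cazabon and Greg White describe above, whether a client may connect and whether it may relay. The 192.0.2. and 198.51.100.7 addresses are constructed stand-ins for the masked xx.yy.zz. and aa.bb.cc.dd, and the rule matching and function names are assumptions of the model.

```python
# Added illustration: a simplified model, not qmail or tcp_wrappers code.
RCPTHOSTS = {"localhost", "sbcacademy.org", "mail.sbcacademy.org"}  # from the post

RELAY = {"RELAYCLIENT": ""}   # variable set, with an empty value
TRUSTED = [                   # constructed stand-ins for the masked addresses
    ("127.", RELAY),          # localhost
    ("192.0.2.", RELAY),      # stand-in for xx.yy.zz.
    ("198.51.100.7", RELAY),  # stand-in for aa.bb.cc.dd
]
ORIGINAL = TRUSTED                                # unlisted hosts are refused
WORKAROUND = TRUSTED + [("209.185.241.", RELAY)]  # the line added in the post
CORRECTED = TRUSTED + [("ALL", {})]               # anyone connects, no RELAYCLIENT


def connect(rules, ip):
    """First matching rule wins; return its environment, or None if refused."""
    for pattern, env in rules:
        if pattern == "ALL" or ip == pattern:
            return env
        if pattern.endswith(".") and ip.startswith(pattern):
            return env
    return None


def rcpt_ok(env, rcpt):
    """Relay clients may address anyone; others only domains in rcpthosts.
    Simplified: no wildcard rcpthosts entries, recipient must contain '@'."""
    if "RELAYCLIENT" in env:
        return True
    return rcpt.rsplit("@", 1)[-1].lower() in RCPTHOSTS


def deliver(rules, ip, rcpt):
    """Combine both decisions for one client address and one recipient."""
    env = connect(rules, ip)
    if env is None:
        return "refused connect"
    return "accepted" if rcpt_ok(env, rcpt) else "rejected: not in rcpthosts"


if __name__ == "__main__":
    outside = "209.185.241.98"  # address from the xinetd log in the post
    for name, rules in [("original", ORIGINAL), ("workaround", WORKAROUND),
                        ("corrected", CORRECTED)]:
        for rcpt in ("user@sbcacademy.org", "someone@example.net"):
            print(f"{name:10} {outside} -> {rcpt}: {deliver(rules, outside, rcpt)}")
```

With the workaround rule the outside network is treated as a relay client for any recipient domain; with the corrected rules it can deliver only to the domains in rcpthosts.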
Re: qmail ONLY selectively receiving mail from outside
what you want to do is allow all incoming connections (i.e. don't have your /etc/hosts.allow & /etc/hosts.deny setup to drop all miscellaneous smtp connections) on port 25. if you only set RELAYCLIENT for the ip's you want, qmail will handle rejecting the emails.

make sense?

On Mon, 4 Jun 2001, Ashe Coutts wrote:
> I have set up a qmail system (RedHat linux 7.1, kernel 2.4.5, xinetd, qmail
> 1.03 RPMs, U of Wash pop3 and imap, etc.) with a domain name of
> sbcacademy.org (machine name mail.sbcacademy.org) with the
> following configuration files:
>
> === start /var/qmail/control/rcpthosts
> localhost
> sbcacademy.org
> mail.sbcacademy.org
> === end /var/qmail/control/rcpthosts
>
> === start excerpt from /etc/hosts.allow
> ### The qmail outgoing/retrieval stuff
> ipop3d, imapd : ALL
>
> ### The qmail selective relaying stuff
> tcp-env : xx.yy.zz.: setenv RELAYCLIENT
> tcp-env : aa.bb.cc.dd : setenv RELAYCLIENT
> tcp-env : localhost : setenv RELAYCLIENT
> === end excerpt from /etc/hosts.allow
>
> The system "works" but will not receive mail from outside the select few I
> list in the /etc/hosts.allow file.
>
> I think I now understand what is going on but not why.
>
> I can appreciate that relaying is a bad idea but fail to see how to
> set up the qmail so anyone can at least send mail to a user on
> the qmail system. Receiving from anywhere would be our problem
> and would not be relaying anything beyond us.
>
> As is, ONLY mail coming from our system (xx.yy.zz.) or our county
> education email server (aa.bb.cc.dd) is received.
>
> In testing from an outside hotmail account I was seeing the following in
> /var/log/messages:
>
> === Start excerpt from /var/log/messages =
> Jun 4 09:13:19 mail xinetd[492]: refused connect from 209.185.241.98
> Jun 4 09:19:57 mail xinetd[492]: refused connect from 209.185.241.80
> === End from /var/log/messages =
>
> So I entered this next line in /etc/hosts.allow:
> "tcp-env : 209.185.241. : setenv RELAYCLIENT"
> and voila - in comes a message from the hotmail account to one of
> our users.
>
> I want qmail to accept email from other email users/systems in the world
> as other email systems I've set up do WITHOUT having to explicitly enter
> every email system I want to receive mail from.
>
> Can qmail allow for this and still prevent relay abuse or are the two
> somehow tied together??
>
> I have read what I could on the lists regarding what I'm trying to
> accomplish (FAQ, "The qmail newbie's guide to relaying", "Selective
> relaying with tcpserver and qmail-smtpd", etc.) and realize that this topic is
> almost a dead horse BUT I'm still unable to understand what is required to
> do what I wish so thanks in advance to any suggestions and/or
> recommendations any of you may offer.
>
> "Experience is not what happens to you, it
> is what you do with what happens to you"
> -- Aldous Huxley (1894-1963)
>
> Ashe Coutts ([EMAIL PROTECTED])
> 805.963.4338 Ext 300
> Fax 805.884.1557

qmail ONLY selectively receiving mail from outside
I have set up a qmail system (RedHat linux 7.1, kernel 2.4.5, xinetd, qmail 1.03 RPMs, U of Wash pop3 and imap, etc.) with a domain name of sbcacademy.org (machine name mail.sbcacademy.org) with the following configuration files:

=== start /var/qmail/control/rcpthosts
localhost
sbcacademy.org
mail.sbcacademy.org
=== end /var/qmail/control/rcpthosts

=== start excerpt from /etc/hosts.allow
### The qmail outgoing/retrieval stuff
ipop3d, imapd : ALL

### The qmail selective relaying stuff
tcp-env : xx.yy.zz.: setenv RELAYCLIENT
tcp-env : aa.bb.cc.dd : setenv RELAYCLIENT
tcp-env : localhost : setenv RELAYCLIENT
=== end excerpt from /etc/hosts.allow

The system "works" but will not receive mail from outside the select few I list in the /etc/hosts.allow file.

I think I now understand what is going on but not why.

I can appreciate that relaying is a bad idea but fail to see how to set up the qmail so anyone can at least send mail to a user on the qmail system. Receiving from anywhere would be our problem and would not be relaying anything beyond us.

As is, ONLY mail coming from our system (xx.yy.zz.) or our county education email server (aa.bb.cc.dd) is received.

In testing from an outside hotmail account I was seeing the following in /var/log/messages:

=== Start excerpt from /var/log/messages =
Jun 4 09:13:19 mail xinetd[492]: refused connect from 209.185.241.98
Jun 4 09:19:57 mail xinetd[492]: refused connect from 209.185.241.80
=== End from /var/log/messages =

So I entered this next line in /etc/hosts.allow:
"tcp-env : 209.185.241. : setenv RELAYCLIENT"
and voila - in comes a message from the hotmail account to one of our users.

I want qmail to accept email from other email users/systems in the world as other email systems I've set up do WITHOUT having to explicitly enter every email system I want to receive mail from.

Can qmail allow for this and still prevent relay abuse or are the two somehow tied together??

I have read what I could on the lists regarding what I'm trying to accomplish (FAQ, "The qmail newbie's guide to relaying", "Selective relaying with tcpserver and qmail-smtpd", etc.) and realize that this topic is almost a dead horse BUT I'm still unable to understand what is required to do what I wish so thanks in advance to any suggestions and/or recommendations any of you may offer.

"Experience is not what happens to you, it is what you do with what happens to you"
-- Aldous Huxley (1894-1963)

Ashe Coutts ([EMAIL PROTECTED])
805.963.4338 Ext 300
Fax 805.884.1557