Open relay from localhost and other questions
Robert Moskowitz
rgm at htt-consult.com
Mon Apr 24 16:49:29 CEST 2017
On 04/22/2017 08:14 AM, Dominic Raferd wrote:
>
>
> On 22 April 2017 at 00:00, Benny Pedersen <me at junc.eu
> <mailto:me at junc.eu>> wrote:
>
> Robert Moskowitz skrev den 2017-04-21 21:16:
>
> Been doing some research. mynetworks should stop the
> localhost from
> seeming like an Open relay. I don't have this problem on my old
> production server. I am researching it.
>
>
> If mynetworks is undefined then it takes its value according to
> mynetworks_style and the default for this setting changed for Postfix
> 3.0 - see http://www.postfix.org/postconf.5.html#mynetworks_style.
> Perhaps this could explain the difference you are seeing.
>
> However external authenticated senders are not local (and I don't
> trust any non-authenticated senders outside the host) so in such a
> case the message from amavis is correct ('Nonlocal recips but not
> originating') while the warning ('Open relay?') is unnecessary.
Well, no mynetworks_style in either postfix, and both are < 3 (2.6 and
2.10) so it defaults to subnet, even though in postfix, I DO have a
postfix mynetworks:
config_directory = /etc/postfix
mynetworks = $config_directory/mynetworks
# cat /etc/postfix/mynetworks
# This specifies the list of subnets that Postfix considers as
# "trusted" SMTP clients that have more privileges than "strangers".
#
# In particular, "trusted" SMTP clients are allowed to relay mail
# through Postfix.
#
# Be sure to add your public ip address block if needed.
#
192.168.0.0/16
10.0.0.0/8
127.0.0.0/8
But this shouldn't be the problem, as the mail is originating from
'host' in these tests.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20170424/0725e521/attachment.html>
More information about the amavis-users
mailing list