mynetworks - should server IP be included ?

Matus UHLAR - fantomas uhlar at fantomas.sk
Wed Sep 20 12:38:34 CEST 2023


>On Sun, September 17, 2023 4:45 pm, Patrick Ben Koetter wrote:
>> Even simplier than that:
>> $ postconf -d mynetworks
>> mynetworks = 127.0.0.0/8 192.168.179.0/24 192.168.122.0/24 [::1]/128
>> [fd00:0:0:1::]/64 [fe80::]/64

On 20.09.23 17:11, lists at sbt.net.au wrote:
>that includes 2nd ethernet, eth1, do I need to keep 10.0.12.0/22 ?
>
># postconf -d mynetworks
>mynetworks = 127.0.0.0/8 103.106.168.104/29 10.0.12.0/22 [::1]/128
>[fe80::]/64
>
>eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>        inet 10.0.12.3  netmask 255.255.252.0  broadcast 10.0.15.255
>        inet6 fe80::5054:ff:fe62:28c2  prefixlen 64  scopeid 0x20<link>
>        ether 52:54:00:62:28:c2  txqueuelen 1000  (Ethernet)
>        RX packets 78  bytes 5460 (5.3 KiB)
>        RX errors 0  dropped 0  overruns 0  frame 0
>        TX packets 10  bytes 712 (712.0 B)
>        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

You usually need put IP addresses to mynetworks to get special treatment for 
those IP addresses. 

For postfix you allow unauthenticated relaying from those addresses.

for amavis, it allows e.g. DKIM signing.

adding local IP address, in your case 10.0.12.3 should be fine.
other IP addresses you usually need when your clients send mail without 
authentication.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Emacs is a complicated operating system without good text editor.


More information about the amavis-users mailing list