Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Postfix pure relay server 1

Status
Not open for further replies.

scottwsx96

Technical User
Feb 14, 2011
2
US
My employer has recently decided to move from on-site Exchange to hosted Exchange. Upon review, this will be fine for all of our Outlook and Entourage users, but it will create an issue for all of the various applications and scanners that are currently configured to dump e-mail into Exchange.

The hosting company has suggested that we set up a SMTP relay that will then relay all mail it receives to their Exchange servers. After reviewing the simple SMTP server bundled with Windows Server 2003, I have found that it does not meet our needs and have instead been looking at a Linux-based solution. Postfix seems to fit the bill, at least at first glance.

Here are my requirements:

* Only allow e-mail from certain hosts to be relayed. These hosts would be the IP addresses of the various scanners and servers running applications that send mail via SMTP.
* If mail is received from an allowed host, relay it to the smarthost regardless of the target domain. Our users often use the scanners to send PDFs directly to external recipients and it would be impossible for me to know ahead of time all the target domains they might need to send to now and in the future.
* Reject any mail that does not come from a host authorized to relay.
* No local delivery of mail. This server is running on a tiny VM. I don't expect it to relay all that much mail in terms of volume, but I can't have it storing anything other than temp copies locally as we don't have the resources to constantly babysit the disk space on this server.

So, based on those requirements, I have a few questions:

* Can Postfix meet my needs?
* What directives to I need to edit to accomplish my goals?

I have tried to look at various posts I have found via search engine searches and the Postfix documentation, but everything I find for relaying seems to point to "allow relaying for the following domains", which is not exactly what I am trying to restrict.

Please note that I already have configured the Postfix installation as a "Satellite server", which was described as a pure relay to a smarthost with no local storage during the installation.

OS: Debian Linux 6.0 (Squeeze)
Postfix: 2.7.1
 
Based upon my experience with Postfix, I believe that it can meet your needs.

If you have a known set of IP addresses to which you can restrict the valid client, your authentication will be easy. By default postfix will allow relay for the addresses configured in the mynetworks parameter. You can specify your network in this range and it will restrict the relay client base.

You can specify alias maps to map individual recipients to a desired email address. This can be handy if say for example you want a scanner's address to be rewritten to a particular new email. Normally Postfix will try to deliver for the mydestinations parameter and if you leave this empty, I am pretty sure it will relay all mail. You will want to double check and be careful on this part to avoid mail loops, for example, how will you handle mail to root@localhost that some processes like generate.

You can specify the relayhost parameter with the desired smtp server and all mail (that isn't delivered locally) will be sent to that address.

Postfix has a built in sendmail compatibility function, so any application that assumes the presence of sendmail will work.
 
Alright, I have figured out the relay works if I set "mydestination =", as in equal to nothing at all.

It also seems to obey my list of IP addresses specified in the "mynetworks" directive, which I have tested by first verifying that I can receive mail generated by one of the allowed relay hosts and then removing that host's IP address from the mynetworks list and trying again.

I still would like some information on how I can stop local delivery. I have noticed that every two hours, an e-mail arrives in my main user mailbox sent by and to root@domain.com (where "domain.com" is the primary e-mail domain of our organization):

-------

This is a RAID status update from mpt-statusd. The mpt-status
program reports that one of the RAIDs changed state:


Report from /etc/init.d/mpt-statusd on $hostname

-------

Firstly, I would like to disable that as this Postfix server is just a virtual machine running on VMware ESXi 4.1 and the virtual machine is only configured with one disk. There is no RAID at all, except on the host and SAN, both of which this virtual server is not aware of, of course Secondly, I would like this server to not delivery any mail locally. Thirdly, while disabling local delivery, I would still like to avoid mail loops such as mail sent to root@domain.com or root@localhost or root@$hostname might generate.

Also, I have noticed that if I set "mydestination = domain.com, $hostname.domain.com, localhost.domain.com, localhost", the server stops relaying mail. I don't understand why. The e-mail address I am testing is my own where the domain matches the "domain.com" specified in the mydestination directive. I also tried to set the mydestination directive to "mydestination = domain.com", but it still doesn't relay the mail.

If anyone could help me sort out these last few items, it would be much appreciated.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top