Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Relay to 100's of domains...

Status
Not open for further replies.
siberian

siberian

Programmer
Sep 27, 2003
1,295
US
I can easily get postfix to relay to a list of domains using the 'relay_domains' parameter. The problem we have is that we have literally hundreds of domains that are in a constant state of flux.

Managing that list is a real pain. What we would like to do is tell postfix 'only relay if the DESTINATION DOMAIN NAME resolves into an IP address in this list'.

Then we would just have to put the external IP of the domain name into that list.

So for example

mailserver.example.com -> 128.242.110.163 (postfix)
example.com -> 128.242.110.162 (public)

user@example.com goes to mx ip of mailserver.example.com.

mailserver.example.com checks the domain(example.com), gets its ip (128.242.110.162), checks a list for that IP and if its present allows the relay.

This seems like it would allow proper inbound relaying and prevent unauthorized relaying without maintaining nightmare lists.

Anyone have any ideas?

Thanks!
 
Sort by date Sort by votes
I'd recommend putting your relay_domains in mysql, then you can construct the query for valid relaying to take into account criteria you can put in the DB.
 
Upvote 0 Downvote
Still have to do domain maintance on that it sounds like since postfix will only pass the domain name and not the IP address?

 
Upvote 0 Downvote
Yes but i have to put in each domain since transport_maps takes this form:

domain smtp:[ho.st.na.me] 1
domain smtp:[ip.ad.dr.es] 2

Can I wildcard 'domain'?

 
Upvote 0 Downvote
You must be maintaining a list of these IPs to relay somewhere. My advice would be to make a mysql table be the authoritative reference and the place that you maintain all these IP addresses. You can then use a mysql map in postfix for your relay domains, then generate whatever DNS or IP list you need from the database also. You'll only be maintaining the list in one place, but you'll have much better functionality and flexibility.
 
Upvote 0 Downvote
The ip address is constant.

I have 200 vitual domains (fluxing a few a month in and out) that all need to relay to one server.

These domains are maintained by the MTA as static text files.

Yes, I can write a perl script that goes out, reads the file and updates mysql or the maps on a regular basis but thats no fun.

I'd much rather just say 'Mail to any domain that terminates at a specific IP address gets relayed through. Others are bounced.'

So its just a maintenance issue for me. Map file or sql, same work to get the data and syncronize it. I try to reduce sync stuff as much as possible, its a weak link :(
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

JeffinTx
  • Locked
  • Question
Selective relay with Alias
Replies
0
Views
281
JeffinTx
JeffinTx
BJZeak
  • Locked
  • Question
Looking to understand the feasibility of creating a SEND only POSTFIX solution for an IOT (pi) ctrlr
Replies
0
Views
266
BJZeak
BJZeak
Norbert Schmidt
  • Locked
  • Question
forward external mail to other external domain fails because of SPF checks
Replies
0
Views
266
Norbert Schmidt
Norbert Schmidt
kwickcut
  • Locked
  • Question
Temporary MTA failure on relaying, From MTA() during fwd-connect (No greeting, dt: 1.005 s)
Replies
1
Views
314
kwickcut
kwickcut
mcisar
  • Locked
  • Question
Controlling IP of outbound mail
Replies
0
Views
266
mcisar
mcisar

Part and Inventory Search

Sponsor

Back
Top