[pfx] Re: sending email to FQDN address without DNS

Thu, 11 Jul 2024 18:45:48 -0700 

On Thu, Jul 11, 2024 at 05:53:04PM +0100, Adam Weremczuk via Postfix-users 
wrote:

> I have a highly isolated host (e.g. most outgoing traffic blocked, no DNS)
> but I would like to use Postfix on that host to send certain emails to a
> single address exam...@example.com.
> 
> I've already allowed 25 TCP traffic to the email server of example.com,
> which is normally sufficient.

Is the IP address of that MX host sufficiently stable over the time
horizon of this arrangement?  How do you plan to maintain the
correctness of the firewall rule(s)?  Is there just one MX host,
or do you need to be able to try more than one in case one is down?

> How about telling Postfix that this server is the MX record of example.com?

For just one MX host, per Ralph's response below, you'd use the
transport table, something along the lines of:

    main.cf:
        transport_maps = inline:{{ example.com = smtp:[192.0.2.1] }}

Since you have no DNS, presumably in addition to not being able to
resolve MX records, you can't resolve the IP addresses either, hence
the explicit IP address above...

Wietse suggests falling back to "native" lookups, which allows you to
replace the literal IP address with hostnames from "/etc/hosts".  In
particular, you can just give the domain "example.com" the IP addresses
of its MX hosts:

    /etc/host.conf
        multi on

    /etc/hosts:
        192.0.2.1   example.com
        192.0.2.2   example.com
        ...

Which supports trying more than one IP address (chosen randomly from
that list, which is correct if the MX hosts for the domain have equal
priorities).

But, another option, which I'd prefer whenever possible, is to route the
messages via a relay host that does have DNS.

    main.cf:
        # Punt external mail to a relay that can do DNS
        default_transport = smtp:[192.0.2.1]

On Thu, Jul 11, 2024 at 07:01:13PM +0200, Ralph Seichter via Postfix-users 
wrote:
> 
> You can use Postfix a transport table to direct mail for specific
> addresses or domains to designated targets, as shown in the examples of
> the following documentation page:
> 
>   https://www.postfix.org/transport.5.html

On Thu, Jul 11, 2024 at 02:49:55PM -0400, Wietse Venema via Postfix-users wrote:
> With 
> 
>     main.cf:
>         disable_dns_lookups = yes
>         smtp_host_lookup = native
> 
> the Postfix SMTP client will usually look in /etc/hosts.

-- 
    Viktor.

_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

Reply via email to