Hello:

I have a production mail / web server for a couple of very low-volume
domains (CentOS 6.4, Apache, Postfix). I have a production Exchange
server for another small domain. I want to set the CentOS server up to
serve mail to its current clients as well as act as a gateway for
content filtering for the Exchange server. I set up a lab server to test
configurations and have everything working well. I've transferred the
set up to the production CentOS server and everything seems to work.

I have two DSL connections, each with its own router and static IP. Each
router has a pinhole configured to forward traffic on port 25 to one of
the two servers. While testing, I could change the IP address for the
pinhole configured on the Exchange server's router to the lab server and
mail traffic would flow to the lab server. It would serve mail to its
own clients as well as accept mail for the Exchange server and relay it
after filtering. Now when I try to configure the pinholes of both
routers to send port 25 to the CentOS production server, mail from one
router continues to flow but the other does not. When I try to telnet
into the server through the one router's IP, it times out.

Firewall issues and other non-postfix related trouble aside, is there
any reason this shouldn't work?

inet_interfaces is set to all. proxy_interfaces is set to the two static IPs.

Output of postconf -n below:

 

alias_database = hash:/etc/aliases

alias_maps = hash:/etc/aliases

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

home_mailbox = Maildir/

html_directory = no

inet_interfaces = all

inet_protocols = all

mail_owner = postfix

mailbox_size_limit = 0

mailq_path = /usr/bin/mailq.postfix

manpage_directory = /usr/share/man

message_size_limit = 0

mydestination =

mydomain = smila.net

myhostname = mail.smila.net

mynetworks = 127.0.0.0/8, 192.168.0.0/24

myorigin = $myhostname

newaliases_path = /usr/bin/newaliases.postfix

proxy_interfaces = 74.169.65.249, 68.153.211.65

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES

relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf

relay_recipient_maps = hash:/etc/postfix/relay_recipients

relayhost = 192.168.0.5:25

sample_directory = /usr/share/doc/postfix-2.6.6/samples

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

smtp_enforce_tls = no

smtp_tls_security_level = may

smtp_use_tls = yes

smtpd_client_restrictions = permit_mynetworks,
permit_sasl_authenticated,    reject_unauth_pipelining,
reject_rbl_client sbl-xbl.spamhaus.org    permit

smtpd_delay_reject = yes

smtpd_enforce_tls = no

smtpd_helo_required = yes

smtpd_helo_restrictions = permit_mynetworks,
permit_sasl_authenticated,    reject_unauth_pipelining,    permit

smtpd_recipient_restrictions = reject_non_fqdn_recipient,
permit_auth_destination,    reject_unauth_destination,
reject_unknown_recipient_domain,    reject

smtpd_sasl_auth_enable = yes

smtpd_sasl_path = private/auth

smtpd_sasl_security_options = noplaintext, noanonymous

smtpd_sasl_type = dovecot

smtpd_sender_restrictions = permit_mynetworks,
permit_sasl_authenticated,    reject_non_fqdn_sender,
reject_unknown_sender_domain,    permit

smtpd_tls_cert_file = /etc/postfix/certs/cert.pem

smtpd_tls_key_file = /etc/postfix/certs/key.pem

smtpd_tls_security_level = may

smtpd_use_tls = yes

tls_random_source = dev:/dev/urandom

unknown_local_recipient_reject_code = 550

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_gid_maps = static:5000

virtual_mailbox_base = /var/vmail

virtual_mailbox_domains =
mysql:/etc/postfix/mysql_virtual_mailbox_domains.cf

virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

virtual_transport = dovecot

virtual_uid_maps = static:5000

 

master.cf

smtp      inet  n       -       n       -       20       smtpd

        -o smtpd_proxy_filter=127.0.0.1:10024

        -o smtpd_client_connection_count_limit=10

        -o smtpd_proxy_timeout=300s

        -o smtpd_proxy_options=speed_adjust

submission inet n       -       n       -       -       smtpd

   -o smtpd_tls_security_level=encrypt

   -o smtpd_sasl_auth_enable=yes

   -o smtpd_client_restrictions=permit_sasl_authenticated,reject

   -o milter_macro_daemon_name=ORIGINATING

smtps     inet  n       -       n       -       -       smtpd

   -o smtpd_tls_wrappermode=yes

   -o smtpd_sasl_auth_enable=yes

   -o smtpd_client_restrictions=permit_sasl_authenticated,reject

   -o milter_macro_daemon_name=ORIGINATING

127.0.0.1:10025 inet n        -       n     -       -  smtpd

  -o content_filter=

  -o local_recipient_maps=

  -o relay_recipient_maps=

  -o smtpd_restriction_classes=

  -o smtpd_client_restrictions=

  -o smtpd_helo_restrictions=

  -o smtpd_sender_restrictions=

  -o smtpd_recipient_restrictions=permit_mynetworks,reject

  -o mynetworks=127.0.0.0/8

  -o strict_rfc821_envelopes=yes

  -o smtpd_error_sleep_time=0

  -o smtpd_soft_error_limit=1001

  -o smtpd_hard_error_limit=1000

dovecot   unix  -       n       n       -       -       pipe flags=DRhu
user=vmail:vmail argv=/usr/libexec/dovecot/deliver -d ${recipient}

#
