Re: relay server - allow connections from DSL with dynamic IP

Sun, 29 May 2016 21:29:47 -0700 

Hey Zalezny,

I have a similar setup where my local machine has a dynamic IP and needs
to relay mail through an external SMTP server (smtp.zoho.com) to deliver
anything outside. I have the following (relevant) configuration for this
on my local Postfix instance:

  # /etc/postfix/main.cf
  inet_interfaces = all # receive mail from everywhere

  smtpd_sasl_auth_enable = yes
  smtpd_relay_restrictions =
    reject_unauth_pipelining,
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    permit_auth_destination,
    permit_sasl_authenticated,
    reject

  smtp_sasl_auth_enable = yes
  smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
  smtp_sasl_security_options = noanonymous
  smtp_sasl_tls_security_options = noanonymous
  relayhost = [smtp.zoho.com]:587

Apart from this I have the following sasl configuration (to use sasldb):

  # /etc/sasl2/smtpd.conf
  pwcheck_method: auxprop
  auxprop_plugin: sasldb
  mech_list: plain login

I used saslpasswd2 to create users, I had to run the following command
to get postfix to read the sasldb users:

  chown 0:postfix /etc/sasldb2

With the above configuration, my local machine is able to receive mail
for itself, and any other mail is relayed through the relayhost ONLY if
the client is SASL authenticated.

You don't need to put anything to configure a domain if your FROM header
includes the full email including the domain.

On Sunday 29 May 2016 08:09 PM, Zalezny Niezalezny wrote:
> hi,
> 
> my local MTA using DSL with dynamic IP address so I need to forward my
> messages to some external relay server with static IP.
> 
> Unfortunately I`m not able to setup, my dynamic IP on the relay server
> in the network_table (or in the mynetworks). Base on the (ONLY) username
> and password (SASL) I would like to permit any external host to relay
> any messages. Is it possible ?
> 
> If my local MTA sending message to relay server, with
> From: [email protected] <mailto:[email protected]>
> 
> do I need to configure "domainexample.com <http://domainexample.com>"
> somewhere in the postfix ?
> 
> I have all the time problem with "access relay denied"...
> 
> Maybe somebody will be able to support me here.
> 
> 
> With kind regards
> 
> Zalezny
> 
> 
> 
>

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to