Re: [CentOS] restricting mails from "mail" command to specific domains only in postfix
Hi, I'm not very familiar with postfix. I think you have to set "relayhost = ip or host name of CentOS relayin server" parameter in 5 Linux servers which are relaying there's mails via CentOS server. Try this. Thanks Joshua Gimer wrote: On Thu, Jan 1, 2009 at 4:26 AM, ankush grover wrote: Hi Friends, I have configured Postfix mail server on Centos for relaying mails from 5 linux servers (including itself) within the same LAN. The postfix mail server should relay mails from these 5 linux servers for specific domains only. For example hosts 192.168.0.23/24/25/26/27 and the postfix mail server should only be able to receive and send mails from and to example.com,example2.com and example3.com domains only. Below is the configuration of the postfix mail server myhostname = test.example.com myorigin = $mydomain inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mynetworks_style = subnet mynetworks = 192.168.0.23/32,192.168.0.24/32,192.168.0.25/32,127.0.0.1/32,192.168.0.26/32,192.168.0.27/32 ,relay_domains = $mydestination,example.com,example2.com,example3.com smtpd_recipient_restrictions = reject_unauth_destination,permit_mynetworks,reject The issue I am facing is that whenever things are working fine when I check the things through telnet but when I do testing through command line through "mail" command I am able to send mails to any domain from these 5 servers. bash-2.05$ telnet test.example.com 25 Trying 192.168.0.27... Connected to test. Escape character is '^]'. 220 test.example.com ESMTP Postfix (2.2.5) mail from:ankush.gro...@example.com 250 Ok 501 Syntax: RCPT TO: rcpt to:ank...@gmail.com 554 : Relay access denied How can I restrict mails even going through "mail" command from these 5 servers to specific domains only. These 5 servers are running some cronjobs and these cronjobs output it mailed through "mail" command. Regards Ankush ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos If you are using sendmail as the local MTA on these 5 systems (default) did you change your smarthost configuration to forward mail through your postfix mail relay? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Test - please ignore
Anne signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Test - please ignore
Anne Wilson wrote: > Hi, Welcome to CentOS. What can we do you for? Regards, Vandaman. --- Your average reporting time for spam is: 5 hours; Great! noob detector -> 3 noobs top posting. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Test - please ignore
On Friday 02 January 2009 13:04:45 Vandaman wrote: > Anne Wilson wrote: > > > > Hi, > > Welcome to CentOS. What can we do you for? > Hi, Vandaman. I had just made changes to my procmail system and needed a test. CentOS is the last filter, so if that worked correctly I knew I was OK. Sorry to have bothered you all. Anne signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ls network address traslation different in centos?
On Friday 02 January 2009 00:16, Kenneth Burgener wrote: > On 1/1/2009 8:13 PM, Robert Spangler wrote: > > Your rules are in need of help. > > First off I am not even sure what you are doing will work, i.e.; > > > > --append or --table > > > > These are written as '-A' and '-t' > > --append and --table are legal syntax... > > # man iptables > > -t, --table table >This option specifies the packet matching table which the command > should operate on. If the... > > -A, --append chain rule-specification >Append one or more rules to the end of the selected chain. When the > source and/or destination... Shorthand I find the best. Thnx for the clarification on this. -- Regards Robert Linux User #296285 http://counter.li.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ls network address traslation different in centos?
On Thu, Jan 01, 2009 at 10:13:55PM -0500, Robert Spangler wrote: > Your rules are in need of help. > First off I am not even sure what you are doing will work, i.e.; > > --append or --table > > These are written as '-A' and '-t' Hi Bob, just fyi "--table" and "--append" are both documented in the man page for iptables so they "should" work just as well as "-A" and -t". I admit, I only use the short forms myself. :-) Jeff Kinz -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Test - please ignore
Anne Wilson a écrit : > On Friday 02 January 2009 13:04:45 Vandaman wrote: >> Anne Wilson wrote: >>> >> Hi, >> >> Welcome to CentOS. What can we do you for? >> > Hi, Vandaman. I had just made changes to my procmail system and needed a > test. CentOS is the last filter, so if that worked correctly I knew I was > OK. > Sorry to have bothered you all. > but that was a lazy test, wasn't it? instead of "Test - please ignore", you could have said "Happy ymas" (or the like) and nobody would have known that you were testing :) best wishes and all that stuff... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Test - please ignore
On Friday 02 January 2009 22:28:50 mouss wrote: > Anne Wilson a écrit : > > On Friday 02 January 2009 13:04:45 Vandaman wrote: > >> Anne Wilson wrote: > >>> > >> > >> Hi, > >> > >> Welcome to CentOS. What can we do you for? > > > > Hi, Vandaman. I had just made changes to my procmail system and needed a > > test. CentOS is the last filter, so if that worked correctly I knew I > > was OK. Sorry to have bothered you all. > > but that was a lazy test, wasn't it? instead of "Test - please ignore", > you could have said "Happy ymas" (or the like) and nobody would have > known that you were testing :) > > best wishes and all that stuff... > :-) Yup - all that stuff to you too :-) Anne signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] restricting mails from "mail" command to specific domains only in postfix
ankush grover a écrit : > Hi Friends, > > I have configured Postfix mail server on Centos for relaying mails > from 5 linux servers (including itself) within the same LAN. The > postfix mail server should relay mails from these 5 linux servers for > specific domains only. For example hosts 192.168.0.23/24/25/26/27 and > the postfix mail server should only be able to receive and send mails > from and to example.com,example2.com and example3.com domains only. > Below is the configuration of the postfix mail server > > myhostname = test.example.com > myorigin = $mydomain > inet_interfaces = all > mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain > mynetworks_style = subnet > mynetworks = > 192.168.0.23/32,192.168.0.24/32,192.168.0.25/32,127.0.0.1/32,192.168.0.26/32,192.168.0.27/32 > ,relay_domains = $mydestination,example.com,example2.com,example3.com > smtpd_recipient_restrictions = > reject_unauth_destination,permit_mynetworks,reject > > > The issue I am facing is that whenever things are working fine when I > check the things through telnet but when I do testing through command > line through "mail" command I am able to send mails to any domain from > these 5 servers. > > bash-2.05$ telnet test.example.com 25 > Trying 192.168.0.27... > Connected to test. > Escape character is '^]'. > 220 test.example.com ESMTP Postfix (2.2.5) > mail from:ankush.gro...@example.com > 250 Ok > 501 Syntax: RCPT TO: > rcpt to:ank...@gmail.com > 554 : Relay access denied > > > How can I restrict mails even going through "mail" command from these > 5 servers to specific domains only. These 5 servers are running some > cronjobs and these cronjobs output it mailed through "mail" command. > > smtpd_*_restrictions apply to mail submitted via SMTP (which is the case if you use telnet or if mail is received from a remote machine). but mail submitted via the sendmail command (which is the case when you use the 'mail' command) is not subject to these restrictions. in short, with your current config, you have what you want except for mail submitted via a sendmail on the relay itself. do you really want to restrict the latter? unless you are using selinux or the like to prevent other programs from connecting to the network, a program can simply connect directly to outside. if you insist, then force mail to be passed to an smtpd using "-o content_filter" in master.cf: pickup -o content_filter=relay:[127.0.0.1]:25 with this, mail received via the sendmail command will be passed to 127.0.0.1 port 25 and you get what you want. but there is a caveat here: if after being received on port 25, the message is reinjected using the sendmail command (say from a content filter or from maildrop/procmail/whatever), then it will go to 127.0.0.1:25 again, and so on. and at sometime, you'll get an infinite loop error message (which won't loop, because internal messages are not subject to content_filter!) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Upgrade from 4.7 to 5.2 problem with udev and ssl
Have got things finally straigtened out with this upgrade however, there is one little thing. On boot up or shutdown, as everything is starting or shutting down, my monitor blanks momentarily. Three or four things may have started or stopped before the monitor comes back. Is this a new feature? Its kind of annoying. TIA ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] restricting mails from "mail" command to specific domains only in postfix
On Sat, Jan 3, 2009 at 5:07 AM, mouss wrote: > ankush grover a écrit : >> Hi Friends, >> >> I have configured Postfix mail server on Centos for relaying mails >> from 5 linux servers (including itself) within the same LAN. The >> postfix mail server should relay mails from these 5 linux servers for >> specific domains only. For example hosts 192.168.0.23/24/25/26/27 and >> the postfix mail server should only be able to receive and send mails >> from and to example.com,example2.com and example3.com domains only. >> Below is the configuration of the postfix mail server >> >> myhostname = test.example.com >> myorigin = $mydomain >> inet_interfaces = all >> mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain >> mynetworks_style = subnet >> mynetworks = >> 192.168.0.23/32,192.168.0.24/32,192.168.0.25/32,127.0.0.1/32,192.168.0.26/32,192.168.0.27/32 >> ,relay_domains = $mydestination,example.com,example2.com,example3.com >> smtpd_recipient_restrictions = >> reject_unauth_destination,permit_mynetworks,reject >> >> >> The issue I am facing is that whenever things are working fine when I >> check the things through telnet but when I do testing through command >> line through "mail" command I am able to send mails to any domain from >> these 5 servers. >> >> bash-2.05$ telnet test.example.com 25 >> Trying 192.168.0.27... >> Connected to test. >> Escape character is '^]'. >> 220 test.example.com ESMTP Postfix (2.2.5) >> mail from:ankush.gro...@example.com >> 250 Ok >> 501 Syntax: RCPT TO: >> rcpt to:ank...@gmail.com >> 554 : Relay access denied >> >> >> How can I restrict mails even going through "mail" command from these >> 5 servers to specific domains only. These 5 servers are running some >> cronjobs and these cronjobs output it mailed through "mail" command. >> >> > > smtpd_*_restrictions apply to mail submitted via SMTP (which is the case > if you use telnet or if mail is received from a remote machine). but > mail submitted via the sendmail command (which is the case when you use > the 'mail' command) is not subject to these restrictions. > Seems so. > in short, with your current config, you have what you want except for > mail submitted via a sendmail on the relay itself. > The issue was on one of the linux server the relay host was not defined in sendmail and I was testing the mail configuration that server. Anyway now mails from other domains are getting denied from all the 5 servers and only thing left is how to restrict mails from the relay host (postfix mail server). Mouss has given a good example and I will try that. Thanks to all of you for helping me out :) Regards Ankush ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Issue with package-cleanup --oldkernels with PAE kernel
I'm not sure if this is a bug, known issue, feature, etc. On my CentOS systems with the PAE kernel installed, package-cleanup behaves as follows: # rpm -q kernel package kernel is not installed # rpm -q kernel-PAE kernel-PAE-2.6.18-92.1.13.el5 kernel-PAE-2.6.18-92.1.18.el5 kernel-PAE-2.6.18-92.1.22.el5 # uname -r 2.6.18-92.1.22.el5PAE # package-cleanup --oldkernels --count 2 Setting up yum Error all kernel rpms are set to be removed Has anyone else seen this? Is this expected behavior or a (known) bug? Alfred ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
