Page 1 of 1
smtpd.cfg Question
Posted: Thu Oct 13, 2005 10:01 pm
by smmoore
I have a question about some of the options in smtpd.cfg file. I am attempting to use two ip addresses one with just scalix on port 587.
172.16.1.100:25
127.0.0.1:25
172.16.1.101:587
101 will only accept authenticated requests, 100 will accept any but only with the recpient being *@domain.com. So below is the part of the smtpd.cfg file
LISTEN_PORT=587
ANONYMOUS Log_Reject 172.16.1.101
RECIPIENT accept *@domain.com
RELAY Log_Reject ALL
This does not yield what I am describing and I always get denied by spam list no matter if I am trying to open relay (which is what I want blocked on 101) or send to domain.com which is what scalix handles.
Any/all help appreciated.
Thanks,
Shawn
Posted: Fri Oct 14, 2005 10:38 am
by ScalixSupport
Code: Select all
LISTEN_PORT=587
ANONYMOUS Log_Reject 172.16.1.101
RECIPIENT accept *@domain.com
RELAY Log_Reject ALLDo you have any RELAY accept rules ? The config you have above will reject
all relay attempts. The rules are also processed in a first-match fashion.
If this is an edited version, can you post the full one (minus the comments and edited for privacy).
Cheers
Dave
Posted: Fri Oct 14, 2005 11:20 am
by smmoore
Here is the full smptd.cfg ommiting all # lines
EXTENSIONS=AUTH,DSN,8BITMIME
LISTEN_PORT=587
ANONYMOUS Log_Reject 172.16.1.101
RECIPIENT accept *@domain.com
RELAY Log_Reject ALL
RECIPIENT Log_Reject *@*@*
RECIPIENT Log_Reject *%*
RECIPIENT Log_Reject *!*
I would like for 172.16.1.100 to only accept mail destined to *@domain.com which is the reason I have
RECIPIENT accept *@domain.com
Would it work to do
RELAY RECIPIENT accept *@domain.com
Thanks,
Shawn
Posted: Fri Oct 14, 2005 11:35 am
by ScalixSupport
smmoore wrote:Would it work to do
RELAY RECIPIENT accept *@domain.com
The rule would be:
Code: Select all
RELAY accept domain.com
RELAY accept .domain.comThis accepts everything in domain.com or a sub-domain of domain.com that does not match with a directory entry in the SYSTEM directory.
Again, make sure that you place this above any reject rules.
Cheers
Dave
Posted: Fri Oct 14, 2005 12:47 pm
by smmoore
Code: Select all
LISTEN_PORT=587
ANONYMOUS Log_Reject 172.16.1.101 # This would stop clients and SWA from relaying without authenticating
RELAY accept domain.com # This would allow all mail coming in to be accepted to domain.com
RELAY accept 172.16.1.101 # This would allow a person coming in on 101 to relay because they would not get to this rule had they not authenticed
RELAY Log_Reject ALL So would that yield what I want where I would have people using SWA or a client to send to 172.16.1.101 and that would be able to relay and then have incoming smtp from the net only accept mail on 172.16.1.100 for domain.com ??
Thanks
Posted: Fri Oct 14, 2005 12:51 pm
by ScalixSupport
Yes. It would (and matches what I am using at home).
There isn't any need to add the Relay accept 172.16.1.101 line because an authenticated connection is implicitly allowed to relay ( given that we know who they are ).
Cheers
Dave
Posted: Fri Oct 14, 2005 1:03 pm
by smmoore
Thanks Dave, I'll give this a try when I get home. If you remember/know me I hope you didn't think I was asking these questions for the college. This is for me at home with the community edition.
Thanks again
Posted: Tue Nov 22, 2005 3:24 pm
by caribk
got a related question for SWA outgoing mail.
we have the following setup: internal scalix server (not yet in production) and an external posfix-based smarthost mail relay server.
mail routing works fine for the most part.. spamassassin and clamav is setup with milters and everything works fine. sendmail has the external server as a smarthost but locally delivers mail for the primary domain. SMPTP relay is also setup on 587.
the problem, or more an annoyance during testing, is that all outgoing mail submitted through SWA is *always* routed to the smarthost (which currently means that it is then routed to a different non-Scalix mbox) instead of locally delivered. when testing sendmail on the command line, mail submitted to the local primary domain gets send to scalix, so i know that routing works.
in addition, at first I thought that the problem lied with the SMTP relay so i changed the partner.xml to submit mail directly to sendmail instead of on poert 587 through the relay, as well as checked the audit logs. the SMTP relay hands the mail over to sendmail, but it's still relayed to the smarthost (i assume passed back to SMTP relay again) when sent from SWA.
i have the appropriate RELAY accept domain.com as well as RELAY accept xx.xxx.xx.xx (local ip/subnets) in there.
my question the is, how do I get SWA to deliver locally in this situation? i thought that adding a SUBMIT or RECIPIENT accept line *before* the RELAY lines in smtpd.cfg would do the trick, but nothing change.
like i said, mail routing work but i just want to figure out why this is ony happening through SWA, even when it is submitting outgoing mail through sendmail and sendmail from the command-line delivers directly.
Modify swa.email.smtpServer in swa.properties
Posted: Thu Jan 04, 2007 1:20 am
by deyjvu
Try modifying the swa.email.smtpServer to include at the end of the servername the port you have configured for LISTEN_PORT i.e. " :587 "
NOTE: At version 11 the LISTEN_PORT is disabled and it is now just LISTEN - just found this in another post on the Forum.