Hi all,
I was wondering how to only accept mail from specific mailserver.
I think I have to edit the smtpd.cfg and then restart the smtpd service.
What I would add (I don't have any Accept lines right now) is an "Accept <ip-allowd-server>" line, but I don't really know if that would do the trick.
And if I have the Accept line can I than clear the Relay lines or do I have to switch the order (first accept than relay)?
Hope someone can tell me how this config-file works.
Regards,
Joost.
Howto only accept mail from specific mailserver
Moderator: ScalixSupport
-
joaster
- Posts: 101
- Joined: Wed Aug 02, 2006 9:08 am
), but you should be able to do something like deny *, accept <ip>
-
joaster
- Posts: 101
- Joined: Wed Aug 02, 2006 9:08 am
Hi schmoe90,
I am curious, why is this weird? It seems to me the simplest way to secure our Scalix server.
We use a third party spam/anti-virus server to which our MX records are pointing. That server is the only server that should deliver email to our Scalix server. By excluding the rest of the world it seems to me a secure solution.
If it is furthermore possible to then only accept emails for the domains we are hosting (local domains) it should be really secure.
Or am I missing something?
Regards,
Joost.
I am curious, why is this weird? It seems to me the simplest way to secure our Scalix server.
We use a third party spam/anti-virus server to which our MX records are pointing. That server is the only server that should deliver email to our Scalix server. By excluding the rest of the world it seems to me a secure solution.
If it is furthermore possible to then only accept emails for the domains we are hosting (local domains) it should be really secure.
Or am I missing something?
Regards,
Joost.
-
joaster
- Posts: 101
- Joined: Wed Aug 02, 2006 9:08 am
While writing the above message, I came up with another solution to achief the fine grained control I would like.
First exclude the rest of the world by only allowing SMTP trafic from the spam/anti-virus server on the corporated firewall.
Then set relay and accept rules in the smtpd.cfg file. Could this be a good file:
Regards,
Joost
First exclude the rest of the world by only allowing SMTP trafic from the spam/anti-virus server on the corporated firewall.
Then set relay and accept rules in the smtpd.cfg file. Could this be a good file:
# NB Authenticated RELAYs are always allowed
RELAY accept 127.0.0.1
RELAY accept .localdomain1.xx
RELAY accept .localdomain2.xx
RELAY Log_Reject ALL
# extra rules added to prevent open relay usage
RECIPIENT Log_Reject *@*@*
RECIPIENT Log_Reject *%*
RECIPIENT Log_Reject *!*
RECIPIENT Log_Reject *#*@*
Regards,
Joost
Return to “Scalix Messaging Services”
Who is online
Users browsing this forum: No registered users and 3 guests