By default, mynetworks can relay without sasl (I think that's specified
in smtpd_client_restrictions). If you can specify each IP then you can
use syntax 172.16.0.4, 192.168.12.2 et cetera
Or you can put it all into a hash table or mysql table or whatnot
Postfix's website has quite complete documentation -- definately a
worthwhile place to spend an hour or two.
CT
-----Original Message-----
From: owner-linux@slg.org [mailto:owner-linux@slg.org] On Behalf Of
Calvin Gordon
Sent: Thursday, January 17, 2008 4:25 PM
To: linux@slg.org
Subject: Postfix and SASL authenticated users for Relay purposes
My "Postfix - The Definitive Guide" is a bit old and my "The book of
Postfix" is still on order. I'm struggling to understand how to allow
users with system accounts, but located at remote sites, to use the mail
server to send mail (relay) to someone other than another user on the
mail server without becoming an open relay station.
The answer appears to be to use SASL authentication. Most web sites
discuss Cyrus SASL but i have found reference to using Dovecot supplied
SASL. Anyone have a new Postfix install operating as an Internet wide
mail server with remote clients ?
A post of a main.cf would be great, or any advice/links to a current
how-to.
In order to allow these users to send outgoing mail in the interim i
believe i can just add their IP to "mynetworks" in the main.cf. What is
the correct syntax for adding a singular IP ?
mynetworks = 192.168.1.0/24, 127.0.0.0/8, xxx.xxx.xxx.xxx/(?)
The server is a new install of Fedora Core 8, with Postfix.i386 ver
2.2.4.5-2.fc8
Cal Gordon
Received on Thu Jan 17 21:37:17 2008
This archive was generated by hypermail 2.1.8 : Thu Jan 17 2008 - 21:58:51 CST