DSN relay host

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

DSN relay host

Marco Favero
Hi all,
just a question. Could I configure postfix to set a relay host only for
server-made DSN?
"relayhost" is for all mail.

Thank you very much
marco
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DSN relay host

Wietse Venema
Marco Favero:
> Hi all,
> just a question. Could I configure postfix to set a relay host only for
> server-made DSN?
> "relayhost" is for all mail.

What problem are you trying to solve? Please do not describe your
solution (the DSN relay).

        Wietse
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DSN relay host

Marco Favero
Wietse Venema:
> Marco Favero:
>> Hi all,
>> just a question. Could I configure postfix to set a relay host only for
>> server-made DSN?
>> "relayhost" is for all mail.
>
> What problem are you trying to solve? Please do not describe your
> solution (the DSN relay).

First I thank you very much for the answer.
Ok, I try to explain my problem.

I have several postfix servers which are MX for my local domains, routed
internally through transport table.

I would like to deny my MX postfix servers to contact Internet directly
to send  DSN mails. I would like to use only another smtp server for
this scope.

Why not use "relayhost" on MX servers?
Relayhost parameter probably is a solution to problem above. In a
perfect environment I can use relayhost to relay DSN, but I would like
to avoid unexpected loops from other mails. If I can find a parameter to
define relayhost only for DSN I'm sure that only DSN are routed to the
needed server.

I would also define a server to relay all mail but not DSN, that I would
  route to different server.

I don't know if I explained right, but I thank you very much for the
attention on this.

Best Regards
Marco
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DSN relay host

Wietse Venema
Marco Favero:

> Wietse Venema:
> > Marco Favero:
> >> Hi all,
> >> just a question. Could I configure postfix to set a relay host only for
> >> server-made DSN?
> >> "relayhost" is for all mail.
> >
> > What problem are you trying to solve? Please do not describe your
> > solution (the DSN relay).
>
> First I thank you very much for the answer.
> Ok, I try to explain my problem.
>
> I have several postfix servers which are MX for my local domains, routed
> internally through transport table.
>
> I would like to deny my MX postfix servers to contact Internet directly
> to send  DSN mails. I would like to use only another smtp server for
> this scope.

Why are the MX servers sending (non-)delivery status notifications?
Is it because they try to deliver mail for non-existent email addresses?

In that case, the MX servers must be configured to that they do not
accept such email in the first place.

        Wietse
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DSN relay host

Marco Favero
Wietse Venema:

> Marco Favero:
>> Wietse Venema:
>>> Marco Favero:
>>>> Hi all,
>>>> just a question. Could I configure postfix to set a relay host only for
>>>> server-made DSN?
>>>> "relayhost" is for all mail.
>>> What problem are you trying to solve? Please do not describe your
>>> solution (the DSN relay).
>> First I thank you very much for the answer.
>> Ok, I try to explain my problem.
>>
>> I have several postfix servers which are MX for my local domains, routed
>> internally through transport table.
>>
>> I would like to deny my MX postfix servers to contact Internet directly
>> to send  DSN mails. I would like to use only another smtp server for
>> this scope.
>
> Why are the MX servers sending (non-)delivery status notifications?
> Is it because they try to deliver mail for non-existent email addresses?
>
> In that case, the MX servers must be configured to that they do not
> accept such email in the first place.
>
> Wietse

We already check recipient access (sending "550" to not existent) and
non existent domain. I see that MX sometimes try to send DSN requested
by ESMTP, in particular to trace success delivery. Our next hop does not
support ESMTP (for now...), these DSN start from MX servers.
Yes, I can disable ehlo feature.
Really I try to ask how to configure a DSN relay host to prevent all
possible situation like described above and have a kind of DSN server.

Thanks again
Marco
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DSN relay host

Wietse Venema
Marco Favero:

> Wietse Venema:
> > Marco Favero:
> >> Wietse Venema:
> >>> Marco Favero:
> >>>> Hi all,
> >>>> just a question. Could I configure postfix to set a relay host only for
> >>>> server-made DSN?
> >>>> "relayhost" is for all mail.
> >>> What problem are you trying to solve? Please do not describe your
> >>> solution (the DSN relay).
> >> First I thank you very much for the answer.
> >> Ok, I try to explain my problem.
> >>
> >> I have several postfix servers which are MX for my local domains, routed
> >> internally through transport table.
> >>
> >> I would like to deny my MX postfix servers to contact Internet directly
> >> to send  DSN mails. I would like to use only another smtp server for
> >> this scope.
> >
> > Why are the MX servers sending (non-)delivery status notifications?
> > Is it because they try to deliver mail for non-existent email addresses?
> >
> > In that case, the MX servers must be configured to that they do not
> > accept such email in the first place.
> >
> > Wietse
>
> We already check recipient access (sending "550" to not existent) and
> non existent domain. I see that MX sometimes try to send DSN requested
> by ESMTP, in particular to trace success delivery. Our next hop does not
> support ESMTP (for now...), these DSN start from MX servers.
> Yes, I can disable ehlo feature.

Then you should use smtpd_discard_ehlo_keywords. Fix the problem
at its origin.

> Really I try to ask how to configure a DSN relay host to prevent all
> possible situation like described above and have a kind of DSN server.

That is the wrong question. I will not answer it.

        Wietse
Loading...