how to allow postfix to relay a single user@domain.com

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

how to allow postfix to relay a single user@domain.com

Jeff Lacki

Im sorry if this is a basic question, but googling it
has me more confused.  I need to relay my user@domain
(where Im located) to a remote server I own to email.

Im not located on my own domain name, Im on an AT&T
connection, but want to send to a domain I own
(which runs postfix).

I thought all I needed was to add:

transport_maps = hash:/etc/postfix/transport

in transport:

[hidden email] smtp:[mail.optonline.net]:25
(optonline.net is my domains relayhost)

postmap transport
postfix reload

but in thunderbird when I try to email using
my email ([hidden email]) I get:

---The mail server sent an incorrect greeting:
cannot connect to SMTP server --- error 10060

I see nothing in my /var/log/maillog file on the server

Im sure this is simple and Im missing something small
as usual.

Thanks

Reply | Threaded
Open this post in threaded view
|

Re: how to allow postfix to relay a single user@domain.com

Sahil Tandon
On Wed, 10 Feb 2010, Jeff Lacki wrote:

> in transport:
>
> [hidden email] smtp:[mail.optonline.net]:25

This means email sent through your Postfix server that is addressed to
[hidden email] will be relayed to mail.optonline.net.  Is that
your goal?

> but in thunderbird when I try to email using
> my email ([hidden email]) I get:

This is confusing.  What do you mean "try to email using my email"?  Are
you SENDING email to [hidden email] or trying to send AS (i.e.
setting your MAIL FROM) [hidden email]?

> ---The mail server sent an incorrect greeting:
> cannot connect to SMTP server --- error 10060
>
> I see nothing in my /var/log/maillog file on the server

If you see nothing in your logs, then this is not a Postfix issue or you
are looking for logs on the wrong server.  To test your configuration,
speak SMTP to Postfix via telnet.  This removes variables like
Thunderbird that complicate debugging.  Also see DEBUG_README for more
tips.

--
Sahil Tandon <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: how to allow postfix to relay a single user@domain.com

Jeff Lacki
In reply to this post by Jeff Lacki
On Wed, 10 Feb 2010, Jeff Lacki wrote:

>> in transport:
>>
>> [hidden email] smtp:[mail.optonline.net]:25

> This means email sent through your Postfix server that is addressed to
> [hidden email] will be relayed to mail.optonline.net.  Is that
> your goal?

Yes sorry for the confusion.  I want to send email from
basically anywhere in the world through my postfix server.
Since my email address that I use is constant,
can I setup postfix to recognize that its me (from anywhere -
based on my email address) and relay it through
"mail.optonline.net" as in my example above?


The email address I use is not my servers domain name
however, but can postfix recognize my From field and
allow it to relay?  If so, how do I do this?

Thanks

Reply | Threaded
Open this post in threaded view
|

Re: how to allow postfix to relay a single user@domain.com

Sahil Tandon
On Wed, 10 Feb 2010, Jeff Lacki wrote:

> Yes sorry for the confusion.  I want to send email from basically
> anywhere in the world through my postfix server.  Since my email
> address that I use is constant, can I setup postfix to recognize that
> its me (from anywhere - based on my email address) and relay it
> through "mail.optonline.net" as in my example above?

http://www.postfix.org/postconf.5.html#sender_dependent_relayhost_maps

> The email address I use is not my servers domain name however, but can
> postfix recognize my From field and allow it to relay?  If so, how do
> I do this?

Yes, but allowing anyone with that MAIL FROM to relay through your
Postfix server is unwise since that "credential" is easily spoofed.
Only allow trusted networks and authenticated clients to relay through
your server.  This is a good opportunity for you to review SASL_README.

--
Sahil Tandon <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: how to allow postfix to relay a single user@domain.com

Jeff Lacki
In reply to this post by Jeff Lacki
>> The email address I use is not my servers domain name however, but can
>> postfix recognize my From field and allow it to relay?  If so, how do
>> I do this?

> Yes, but allowing anyone with that MAIL FROM to relay through your
> Postfix server is unwise since that "credential" is easily spoofed.
> Only allow trusted networks and authenticated clients to relay through
> your server.  This is a good opportunity for you to review SASL_README.

Thanks, thats good advice for sure.  Turns out Im not
able to get to port 25 on my postfix box from my current
location.

Whats odd is that I went to 2 other servers on the net
and I can telnet to port 25, but here at home, I cannot.
I can telnet to port 22, 53, but not 25.  I checked my iptables
on both machines and even disabled them (flushed all the
rules), no luck.

Anyplace where postfix would deny a specific ip from even
connecting?  I cant imagine where that would be, especially
because my IP is dynamic here at home.

Thanks for all your feedback.

Reply | Threaded
Open this post in threaded view
|

Re: how to allow postfix to relay a single user@domain.com

Ansgar Wiechers
In reply to this post by Jeff Lacki
On 2010-02-10 Jeff Lacki wrote:

> On Wed, 10 Feb 2010, Jeff Lacki wrote:
>
>>> in transport:
>>>
>>> [hidden email] smtp:[mail.optonline.net]:25
>
>> This means email sent through your Postfix server that is addressed
>> to [hidden email] will be relayed to mail.optonline.net.  Is
>> that your goal?
>
> Yes sorry for the confusion.  I want to send email from basically
> anywhere in the world through my postfix server. Since my email
> address that I use is constant, can I setup postfix to recognize that
> its me (from anywhere - based on my email address) and relay it
> through "mail.optonline.net" as in my example above?
>
> The email address I use is not my servers domain name however, but can
> postfix recognize my From field and allow it to relay?  If so, how do
> I do this?

That would make your server an open relay to anyone spoofing your
address as the MAIL FROM address.

Don't do that. Ever.

Regards
Ansgar Wiechers
--
"Abstractions save us time working, but they don't save us time learning."
--Joel Spolsky
Reply | Threaded
Open this post in threaded view
|

Re: how to allow postfix to relay a single user@domain.com

Ansgar Wiechers
In reply to this post by Jeff Lacki
On 2010-02-10 Jeff Lacki wrote:

> Thanks, thats good advice for sure.  Turns out Im not able to get to
> port 25 on my postfix box from my current location.
>
> Whats odd is that I went to 2 other servers on the net and I can
> telnet to port 25, but here at home, I cannot. I can telnet to port
> 22, 53, but not 25.  I checked my iptables on both machines and even
> disabled them (flushed all the rules), no luck.
>
> Anyplace where postfix would deny a specific ip from even connecting?
> I cant imagine where that would be, especially because my IP is
> dynamic here at home.

The reason most likely isn't your Postfix, but the ISP blocking outbound
connections to port 25/tcp. The rationale behind this is to prevent home
computer bots from sending spam.

Use submission (SMTP with authentication enforced on port 587/tcp)
instead. You should use authentication (and encrypted connections)
anyway, if you want to relay through your MTA from anywhere in the
world. See Postfix' TLS README:

  http://www.postfix.org/TLS_README.html

Regards
Ansgar Wiechers
--
"Abstractions save us time working, but they don't save us time learning."
--Joel Spolsky