"Configuring header/body checks... from outside users only" && main.cf

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

"Configuring header/body checks... from outside users only" && main.cf

dave@powerstandards.com
Hi,

(I believe I have found the problem here and it is unrelated to postfix,
but I would like to confirm a couple of things that are a bit
hazy in the docs. After googling a lot yesterday, this may be a
useful find for someone in the future.)

I got header checks working, but ran into the Catch-22 that the subject
check would not pass for outgoing email, so I found the section of the
manual titled as the subject of this email.

Note that this may be impacted by the effect of the other topic I have
posted on "spontaneous appearance...".

I set up master.cf as described in that section:

1.2.3.5:smtp      inet  n       -       n       -       -       smtpd
1.2.3.4:smtp      inet  n       -       n       -       -       smtpd
        -o receive_override_options=no_header_body_checks
127.0.0.1:smtp      inet  n       -       n       -       -       smtpd
        -o receive_override_options=no_header_body_checks
pickup    fifo  n       -       n       60      1       pickup
         -o receive_override_options=no_header_body_checks

After some time, I figured out how (I believe, I'm a C programmer, not a
great admin, so please bear with me) to define 1.2.3.4 and 1.2.3.5

ip addr add 1.2.3.5/16 dev eth0
ip addr add 1.2.3.4/8 dev lo


Question 1) (admin oriented)

Is that ip addr setting sufficient?  (Will set up firewall.)

(The relevant post-setting output of ifconfig and ip addr are below.)

Question 2)

What should the settings be in main.cf for:

inet_interfaces (currently "all")
smtp_bind_address (unset: 1.2.3.5??, 172.17.69.230??) (Tried both.)
mynetworks (unset: 172.17.69.230/16, 1.2.3.5/16, 1.2.3.4/8 ??)

Question 3 & 4)

Could this re-routing cause the connection to the relay server to time out?

Does it affect the arguments to, or behaviour of, (postfix's) sendmail?

Thanks,

Dave

Network settings:

$ uname -a
Linux P1234567 2.6.37_PQube_Bob+ #152 PREEMPT Thu Jan 16 14:47:05 PST 2014
armv5tejl GNU/Linux

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet 1.2.3.4/8 scope global lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000
    link/ether xx:yy:zz:11:22:33 brd ff:ff:ff:ff:ff:ff
    inet 172.17.69.230/16 brd 172.17.255.255 scope global eth0
    inet 1.2.3.5/16 scope global eth0

$ ifconfig
eth0      Link encap:Ethernet  HWaddr 56:CE:EC:23:65:10
          inet addr:172.17.69.230  Bcast:172.17.255.255  Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          ...

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          ...















Reply | Threaded
Open this post in threaded view
|

Re: "Configuring header/body checks... from outside users only" && main.cf

Wietse Venema
[hidden email]:

> Hi,
>
> (I believe I have found the problem here and it is unrelated to postfix,
> but I would like to confirm a couple of things that are a bit
> hazy in the docs. After googling a lot yesterday, this may be a
> useful find for someone in the future.)
>
> I got header checks working, but ran into the Catch-22 that the subject
> check would not pass for outgoing email, so I found the section of the
> manual titled as the subject of this email.
>
> Note that this may be impacted by the effect of the other topic I have
> posted on "spontaneous appearance...".
>
> I set up master.cf as described in that section:
>
> 1.2.3.5:smtp      inet  n       -       n       -       -       smtpd
> 1.2.3.4:smtp      inet  n       -       n       -       -       smtpd
>         -o receive_override_options=no_header_body_checks
> 127.0.0.1:smtp      inet  n       -       n       -       -       smtpd
>         -o receive_override_options=no_header_body_checks
> pickup    fifo  n       -       n       60      1       pickup
>          -o receive_override_options=no_header_body_checks


None of the above runs postmap commands.

> After some time, I figured out how (I believe, I'm a C programmer, not a
> great admin, so please bear with me) to define 1.2.3.4 and 1.2.3.5
>
> ip addr add 1.2.3.5/16 dev eth0
> ip addr add 1.2.3.4/8 dev lo
>
>
> Question 1) (admin oriented)
>
> Is that ip addr setting sufficient?  (Will set up firewall.)
>
> (The relevant post-setting output of ifconfig and ip addr are below.)
>
> Question 2)
>
> What should the settings be in main.cf for:
>
> inet_interfaces (currently "all")
> smtp_bind_address (unset: 1.2.3.5??, 172.17.69.230??) (Tried both.)
> mynetworks (unset: 172.17.69.230/16, 1.2.3.5/16, 1.2.3.4/8 ??)

None of the above runs postmap commands. either.

> Question 3 & 4)
>
> Could this re-routing cause the connection to the relay server to time out?
>
> Does it affect the arguments to, or behaviour of, (postfix's) sendmail?

Sure, playing with routing or with smtp_bind_address can break TCP
connections. If you don't know why it can break them. then please
don't do that.

        Wietse