Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Additional Mac OS X mail server settings

The restriction is the "reject" at the end of the list, not the cidr map, so it doesn't matter what order the first three are in. OS X doesn't use the mynetworks variable by default, so you would either have to set that or add your networks to the cidr map. I thought adding them to the cidr map would be easier and it saved some typing. I could have just left out permit_mynetworks, as it does nothing here, but in case it is used in the future, either by Paul or OS X, I decided put it in.

Nathan

On Jan 25, 2007, at 12:00 PM, Gino Cerullo wrote:

On 25-Jan-07, at 2:54 PM, Nathan Florea wrote:

I did 1 not too long ago, but I can't find the config files I created. Here it is from memory:

In main.cf, add the following line:
smtpd_client_restrictions = check_client_access cidr:allowed_clients, permit_mynetworks, permit_sasl_authenticated, reject

Create a file called allowed_clients in /etc/postfix containing:
64.18.0.0/20 OK
207.126.144.0/20 OK

The IPs above are the ones that Postini uses. You'll want to add your internal networks to that, as well.

If you adjust the order of that list then you don't need to add your own internal networks since it would already be implied. The list should be as follows.

smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, check_client_access cidr:allowed_clients, reject

This way you've already allowed your internal networks with 'permit_mynetwork' and you've allowed authenticated users 'permit_sasl_authenticated' before the restriction list comes into play.



Nathan

On Jan 25, 2007, at 8:11 AM, Paul Chernoff wrote:

Now that I have a Mac OS X Server mail server running, I would like to do some additional settings to match settings that I have created in EIMS. I haven't found this information in Apple's manuals, but I would be happy for references to where to find this information in Postfix or Cyrus documentation.

1) I want to restrict the mail servers that this server will accept e-mail from. We use Postini to filter our e-mail and I want to ensure that senders are not bypassing Postini by sending mail directly to my mail servers IP address. In EIMS I have define what IP addresses and ranges that can access our SMTP service (this is not the Relay Security setting).

2) If someone is in my LAN they can use port 25 for sending e- mail through our server, but if they are not on our LAN they should use port 587. This is done partly to get around various ISPs who block port 25. 

--
Gino Cerullo

Pixel Point Studios
21 Chesham Drive
Toronto, ON  M3M 1W6

416-247-7740


_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/florea% 40wenworld.com

This email sent to email@hidden 

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden
References: 
 >Additional Mac OS X mail server settings (From: Paul Chernoff <email@hidden>)
 >Re: Additional Mac OS X mail server settings (From: "Nathan Florea" <email@hidden>)
 >Re: Additional Mac OS X mail server settings (From: Gino Cerullo <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.