[rt-users] Postfix configuration and fetchmail

Tue May 22 08:11:41 EDT 2012

On Tuesday, May 22, 2012 at 11:32:11 UTC, sjalexander at mpbx.com confabulated:

> In a nutshell, you'll want to prevent unprivileged traffic going to your
> SMTP port(s). In other words, write firewall (iptables) rules to allow only
> authorized clients to use them - if the RT machine is the only machine that
> will be using the service, then  you can drop anything and everything
> coming to the SMTP port(s) on external interfaces like eth0, eth1 and so
> forth. If you're unfamiliar with iptables, fwbuilder is a gui tool than can
> ease the transition. You'll still need to do some reading though.

> It may also be possible to configure postfix to only listen on the loopback
> interface, or only listen to localhost, but I don't know offhand about that.

Setting inet_interfaces in main.cf to localhost will do the trick:

inet_interfaces = localhost

> Regards,

> Stephen J Alexander
> MPBX, LLC
> http://mpbx.com
> 832-713-6729

> On Tue, May 22, 2012 at 1:48 AM, Scott Sjodin <scott.sjodin at gmail.com>wrote:

>> Thanks Dave, I followed your advice and have postfix sending mail for me.
>>
>> This article helped a ton:
>> http://www.howtoforge.com/postfix_relaying_through_another_mailserver
>>
>> Any advice on setting up security to prevent an open relay on my server?
>>
>> Thanks,
>>
>> Scott
>>
>> On Mon, May 21, 2012 at 8:03 PM, Dave Burgess <burgess at cynjut.com> wrote:
>>
>>>  In order to relay through a mail server, you either need to be sending
>>> mail to someone on that server, or have authorization.
>>>
>>> There are thousands of posts on setting up Postfix for relaying.
>>>
>>> Basically, you need to "sign in" to the mail server you want to use using
>>> some kind of authentication protocol.  This will depend largely on the
>>> configuration of the server.
>>>
>>> Since you are running PostFix, you can skip that step altogether and set
>>> up Postfix to send mail out directly to the recipient.  This would probably
>>> be much easier in the long run.  Just be sure to set up your own security
>>> so that no one can use you as an open relay.
>>>
>>> Dave
>>>
>>>
>>>
>>> On 5/20/2012 8:40 AM, Scott Sjodin wrote:
>>>
>>> Hi all,
>>>
>>>  If you recall (you probably don't) I was attempting to use msmtp to
>>> send mail with my new RT 4.0.5 install. I have since abandoned
>>> those efforts and am now attempting to use Postfix to do so. Fetchmail is
>>> working fine, and I've followed the steps outlined in several install
>>> guides for setting up postfix to send mail (I can post my main.cf file
>>> for reference if requested).
>>>
>>>  I am getting much further with Postfix already, but am still unable to
>>> send mail. When I look in /var/log/syslog I see the following after
>>> attempting to send a test message:
>>>
>>>   May 20 06:35:08 Galactica postfix/smtp[14385]: C9F539019A: to=<
>>> scott.sjodin at gmail.com>, relay=smtp.mailanyone.net[72.35.23.195]:25,
>>> delay=0.53, delays=0.03/0.01/0.39/0.11, dsn=5.0.0, status=bounced (host
>>> smtp.mailanyone.net[72.35.23.195] said: 550 relay not permitted (in
>>> reply to RCPT TO command))
>>>
>>>  Any ideas? I'm at a loss here.

-- 
If at first you don't succeed...
...so much for skydiving.