{"id":981,"date":"2017-06-26T05:45:41","date_gmt":"2017-06-26T02:45:41","guid":{"rendered":"https:\/\/community.virtono.com\/?p=981"},"modified":"2017-06-26T05:52:27","modified_gmt":"2017-06-26T02:52:27","slug":"con%ef%ac%81guring-and-securing-your-postfix-mail-relay-policy","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/knowledgebase\/con%ef%ac%81guring-and-securing-your-postfix-mail-relay-policy\/","title":{"rendered":"Con\ufb01guring and Securing Your Postfix Mail Relay Policy"},"content":{"rendered":"<p id=\"introduction\">Post\ufb01x\u2019s relaying policy (allowing users to send mail through the mail server) is dictated by default via the mynetworks parameter. The mynetworks parameter tells Post\ufb01x what networks or speci\ufb01c hosts are trusted by Post\ufb01x to allow mail to be sent through the mail server to any destination based on this trust. When the mynetworks parameter has been set, you can then use the variable to explicitly tell Post\ufb01x the networks that your installation trusts.<\/p>\n<p>Figure shows an example setup for your always-connected corporate mail server. You can see where the mynetworks parameter comes into use. By default, the mynetworks parameter contains your localhost network (127.0.0.0\/8) and your network connections that have been con\ufb01gured in your system.<br \/>\nIn this example, you can see the Post\ufb01x server in the DMZ (demilitarized zone) on an IP address of 192.168.0.4\/24. Your internal network is in the subnet of 10.0.0.0\/24. Given Post\ufb01x\u2019s default mynetworks parameter, the 10.0.0.0\/24 network will not be allowed to relay mail through Post\ufb01x because it is not part of the Post\ufb01x server\u2019s network. To remedy this, you need to add the 10.0.0.0\/24\u00a0network to the mynetworks clause:<br \/>\nmynetworks = 127.0.0.0\/8, 192.168.0.0\/24, 10.0.0.0\/24<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"982\" data-permalink=\"https:\/\/www.virtono.com\/community\/knowledgebase\/con%ef%ac%81guring-and-securing-your-postfix-mail-relay-policy\/attachment\/as\/\" data-orig-file=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/as.png?fit=440%2C412&amp;ssl=1\" data-orig-size=\"440,412\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"as\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/as.png?fit=300%2C281&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/as.png?fit=440%2C412&amp;ssl=1\" class=\"alignnone size-medium wp-image-982\" src=\"https:\/\/i0.wp.com\/community.virtono.com\/wp-content\/uploads\/2017\/06\/as-300x281.png?resize=300%2C281&#038;ssl=1\" alt=\"\" width=\"300\" height=\"281\" srcset=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/as.png?resize=300%2C281&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/as.png?w=440&amp;ssl=1 440w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><br \/>\nThis entry now allows relaying from localhost, the DMZ network, and also your internal network.<br \/>\nWhen mynetworks has been con\ufb01gured, the parameter smtpd_recipient_restrictions actually allows the relaying to take place. As you can see from the default main.cf con\ufb01guration we talked about before, this parameter has two objectives:<br \/>\n\u25a0 To allow all relays from machines that are in mynetworks<\/p>\n<p>\u25a0 To deny all other relays using the reject_unauth_destination(reject all unauthorized connections) clause<\/p>\n<p>Post\ufb01x also allows relaying to any domains listed in relay_domains. This parameter, by default, contains whatever is in the $mydomain parameter, which by default is your machine\u2019s con\ufb01gured domain. If you use the default setting, any untrusted sender (not in mynetworks) can relay mail through Post\ufb01x to any user at $mydomain. It should be obvious why this is the default, as this would mean that Post\ufb01x would accept mail for the domain it is hosting.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Post\ufb01x\u2019s relaying policy (allowing users to send mail through the mail server) is dictated by default via the mynetworks parameter. The mynetworks parameter tells Post\ufb01x what networks or speci\ufb01c hosts are trusted by Post\ufb01x to allow mail to be sent through the mail server to any destination based on this<\/p>\n","protected":false},"author":3,"featured_media":985,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[5],"tags":[],"class_list":["post-981","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/postfix1.gif?fit=300%2C300&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-fP","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":3492,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-and-configure-mail-server-on-ubuntu\/","url_meta":{"origin":981,"position":0},"title":"How to Install and Configure Mail Server on Ubuntu","author":"George B.","date":"June 11, 2023","format":false,"excerpt":"Setting up a mail server on Ubuntu can be a daunting task for many, but with the right guidance and understanding, it becomes an achievable goal. In this article, we will provide a step-by-step guide on how to install and configure a mail server on Ubuntu. By the end, you'll\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/06\/How-to-Install-and-Configure-Mail-Server-on-Ubuntu.png?fit=600%2C330&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/06\/How-to-Install-and-Configure-Mail-Server-on-Ubuntu.png?fit=600%2C330&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/06\/How-to-Install-and-Configure-Mail-Server-on-Ubuntu.png?fit=600%2C330&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":3191,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-postfix-on-linux\/","url_meta":{"origin":981,"position":1},"title":"How to install Postfix on Linux","author":"George B.","date":"April 8, 2023","format":false,"excerpt":"Install Postfix on CentOS 7 To install Postfix on CentOS 7, follow these steps: Open a terminal or login to your server via SSH as a root user. Update your system packages by running the following command: yum update Install Postfix using the following command: yum install postfix Start the\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-install-Postfix-on-Linux.png?fit=600%2C330&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-install-Postfix-on-Linux.png?fit=600%2C330&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-install-Postfix-on-Linux.png?fit=600%2C330&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":1204,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-postfix-under-debian\/","url_meta":{"origin":981,"position":2},"title":"Set up Postfix under Debian","author":"Shreyash Sharma","date":"October 28, 2017","format":false,"excerpt":"Postfix\u00a0is a widely used mail server, more specifically an MTA (\u00a0Mail Transfer Agent\u00a0).\u00a0In this article we describe how to install Postfix under Debian Lenny 5.0.\u00a0In the example we use a test server (lists.wefi.net).\u00a0Replace this name with the name of your server. Install package On the command line, start the Postfix\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=1200%2C900&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=1200%2C900&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=1200%2C900&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=1200%2C900&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=1200%2C900&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1201,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-mailman-under-debian\/","url_meta":{"origin":981,"position":3},"title":"Set up Mailman under Debian","author":"Shreyash Sharma","date":"October 28, 2017","format":false,"excerpt":"GNU Mailman\u00a0is a free software for managing mailing lists.\u00a0This article describes how to set up Mailman on Debian Lenny (Debian 5.0). Install MTA To operate mailing lists with Mailman you need an MTA (Mail Transfer Agent).\u00a0In this example, we use Postfix.\u00a0The next time you install Postfix, select\u00a0Internet Site\u00a0as 'General type\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.thomas-krenn.com\/de\/wikiDE\/images\/thumb\/4\/4f\/Mailman-Installation-unter-Debian-Lenny-01-languages-to-support.png\/300px-Mailman-Installation-unter-Debian-Lenny-01-languages-to-support.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":481,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-zpanel-on-centos-6-6\/","url_meta":{"origin":981,"position":4},"title":"How to install zPanel on CentOS 6.6 VPS","author":"Daniel Draga","date":"August 18, 2016","format":false,"excerpt":"If you are looking for a light, small, free, web hosting control panel, look no further ZPanel\u00a0is the ultimate answer, its build on open-source freeware model, with the development team describing it as a part-time hobby. ZPanel is the right buddy for your VPS or dedicated server. If you have\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"1","src":"https:\/\/i0.wp.com\/community.virtono.com\/wp-content\/uploads\/2016\/08\/1-7-300x40.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/community.virtono.com\/wp-content\/uploads\/2016\/08\/1-7-300x40.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/community.virtono.com\/wp-content\/uploads\/2016\/08\/1-7-300x40.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]},{"id":3255,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-nagios-on-centos-7\/","url_meta":{"origin":981,"position":5},"title":"How to install Nagios on CentOS 7","author":"George B.","date":"April 16, 2023","format":false,"excerpt":"In this article, we will discuss how to install Nagios on CentOS 7. Nagios is a powerful monitoring system that can help you keep track of your network resources, services, and applications. Before we begin, make sure that you have root access to the server you will be installing Nagios.\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-install-Nagios-on-CentOS.png?fit=600%2C330&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-install-Nagios-on-CentOS.png?fit=600%2C330&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-install-Nagios-on-CentOS.png?fit=600%2C330&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/981","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=981"}],"version-history":[{"count":1,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/981\/revisions"}],"predecessor-version":[{"id":983,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/981\/revisions\/983"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/985"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=981"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=981"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=981"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}