James Marcinek enlightened us with the following gems on 11/04/2005
05:22 PM:
I thought postfix did not relay mail by default?
That's a misconception
try this:
postconf -n | grep mynetworks
to see any non-default settings for relaying
postconf -d | grep mynetworks
to see if the default settings are still in place
postfix ships with a default configuration parameter:
mynetworks_style = subnet
which means that postfix will relay mail (unless you implement other
restrictions, such as smtp-auth and TLS) for any host on the same subnet
as your server.
if this is a public facing server that's a lot of hosts!
My master.cf file had an
uncommented 'relay' service. I know I didn't add it. I commented it out and hope
that it corrects the problem (plea for help on how to make sure no relaying is
happening).
who should be able to use your server as a relay?
you can restrict this to certain subnets/hosts with the 'mynetworks'
parameter
or you could go the whole hog and implement authentication and only
allow relaying by authenticated users (as I use my mailserver from many
different IP addresses - the travelling laptop scenario - I need to do
things this way...)
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_unauth_destination
reject_rbl_client dnsbl.ahbl.org
reject_rhsbl_sender rhsbl.ahbl.org
...with a very restrictive mynetworks setting
much more info in 'man 5 postconf'
Regards
Stuart
