Security :: Setup Postfix On A Standalone Server Connected Directly To The Internet?
Jul 1, 2010
venturing into unfamiliar territory so I'm hoping someone can help me and make things a little more understandable for me. I have setup Postfix on a standalone server connected directly to the internet. I have got inbound and outbound email working for the most part, but I am worried about security.My fear is that if I leave port 25 open to the outside world spammers will find this and start relaying mail through it and eventually blacklisting the IP attached to this box.
For now, I am hosting mail for a single domain and single user (me) with a few aliases. I plan on expanding to IMAP and SMTP access from the outside at some point, but for now I've been using Mutt in a shell and it's fine for my needs for now.
Here are my current Postfix settings:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
[code]....
View 3 Replies
ADVERTISEMENT
Feb 16, 2011
I did a basic U9.10 server install of postfix with the minimal config. Added a test user and things worked after a few minutes. I now want to setup a few new things and want to switch to use mysql as the back-end. I have mysql installed, setup postfix.admin which in turn setup the database/tables. Now when I logged in to that admin, the original test user is not there (which is fine), but I created the test domain again, created a user and an outside test failed saying user unknown.
Now I looked through the main.cf page and don't see anything obvious to say hey, put backend is mysql, here is the info. I then noticed via apt that postfix-mysql was not installed, so installed that, I see my .cf was backed up, but still don't see anywhere to connect the 2. So currently mail is still accepted from the test1 user running local. I don't mind wiping everyhing, but is there a simple place to just make a change or 2?
View 1 Replies
View Related
Dec 7, 2009
I was trying out the fedora live cd but I couldn't get my Internet to work. When I open firefox it always said server not kind no matter what I searched or put into the address bar:
I tried many different things but none o them worked
I am able to ping m router an I'm able to login to my routers page
I am also able to login to my modems page and it says connected to the Internet
I tried restarting the modem and the router but I still got the same problem
I also tried disabling the firewall but still had the same problem
I tried a command and I was able to receive packets from google.com, but It never went through in firefox
I also tried out a torrent (I had it saved on a USB) and it worked it was downloading fine
I am able to ping googles web page but I am not able to search anything.
In firefox preferences and in network proxy I tried many different proxy settings bit none o them worked I always get the message server not found. All this was done while connected directly with Ethernet cable modem and router but untried wireless and it didn't work either on the top right corner of the screen the network icon says auto eth0 active. I'm using fedora 12 livecd.
View 2 Replies
View Related
Jun 23, 2011
I have a computer with grub installed, and nothing else. I'd like to install Debian on it without having to burn a CD. (and I don't have any flash disks.) It has a nice ethernet card, and I have another computer right next to it with an ethernet card. I also have an ethernet cable. However, I don't have any router free which I can mess with for these purposes. As I've looked up, apparently modern Ethernet cards don't need crossover cables, normal cables will work for this type of connection.
I've tried several different "tutorials" on how to set up a netboot server, but
None of them are complete. All of them assume that you understand how DHCP works, and that you can do things like set up a dnsmasq server. I don't understand the DHCP protocol, with submasks and whatnot (I know that it is the protocol for assigning computer network addresses, and that's it), and I don't think I should have to in order to simply connect two computers. All of the tutorials give you incomplete configuration files, and ask you to fill in things which I don't understand, and for me it doesn't make sense to customize these settings, as I just want to connect them and I really don't care what ip address the TFTP server has or whatnot. All of these assume that you are going through a router. I am not. When I try googling for ways to directly connect two linux computers with an ethernet cable, I can't even find instructions, just more references to "you need crossover cables".
So basically, I have two computers directly connected by ethernet cables. Tell me what packages I need to install, what the contents of my configuration files should look like, and what, if any, commands I need to run in order that when I turn on my second computer, and select network boot, it will start up a minimal debian system.
EDIT: Hmmm, it looks like I actually have a linux kernel installed too, but no root filesystem (so no other programs besides busybox).
View 1 Replies
View Related
Sep 26, 2010
Trying to set up VSFTPD on the CentOS 5 box at work, which is an internal web development server. I'm leaving soon, and all knowledge of or desire to learn SSH is going with me so the other employees will need to be able to access the web root using FTP clients.
Essentially there is no need for special user accounts or privileges, it's an internal server in a tiny company. I've got the LocalRoot set to /var/www/ which I can log in to and read all files via FTP, however despite setting everything to 777 in /var/www/ and below, I still can't get any write privileges on the FTP server.
View 3 Replies
View Related
Feb 1, 2011
Is there away to resolve the hostname after creating a new subdomain. So we don't need to wait internet need some times to able to resolve the hostname. For example, if I add new subdomain to "test.example.com", I can directly ping to this hostname from internet.
View 3 Replies
View Related
Jun 28, 2011
just followed the guide on how to setup Ubuntu 10.04 server + postfix from here: [URL]..ports 110, 143, 25 are forwarded on my router to LAN IP of mailserver.
postfix settings
hostname: server1.mydomain.com
example email: user@mydomain.com
I can receive emails in outlook, if they were sent from the mailserver using: mailx user@mydomain.com
However, external emails from hotmail.com to user@mydomain.com never arrive. I'm thinking this is because of the DNS host records for my domain. Here's what I have.
[Code]...
View 8 Replies
View Related
Mar 20, 2011
CentOS 5 box was just setup to replace a crashed old one. I have postfix.admin installed and working, added users (confirmed from mysql command line) and can login using telnet server pop3 with the user information. The problem I am left with is just receiving mail. I have both squirrelmail and roundcube installed, and can also authenticate using both (/var/log/maillog shows);From either webclient I can naturally send mail out and both yahoo and gmail client confirms, yet a reply shows nothing, and nothing ever shows in the maillog. Firewall is shut down but I don't know postfix enough to see how to test, or is something else grabbing the mail.
I can provide anything necessary, just let me know what. As I see it (just so far) Postfix should be the server that answers and receives the mail, dovecot is more the pop/imap the client would use, so I think it's a postfix issue. If so, can I turn up the debugging, etc. but again, I think all mail received should appear in the maillog file 1st as I see the outbound mail go fine!
View 3 Replies
View Related
Nov 4, 2009
How can I setup "reverse dns check" option in Postfix ?
View 1 Replies
View Related
May 22, 2010
I have a Postfix+Dovecot and virtual users setup taken from here. I've got virtual users authenticating using a password file. But I'd like to lock the service down further, so authenticated users can only email other authenticated users (those listed in the same password file) - so it's a closed community. I don't seem to be able to stop authenticated users mailing outside the community.
View 2 Replies
View Related
May 14, 2011
It wasn't too long ago that I discovered Linux/Ubuntu (in terms of actually USING it) and I've been completely blown away by the capabilities it puts in the user's hands! To think that someone can take an old desktop from a trash pile (literally, in my case) and turn it into a web server for ZERO dollars is absolutely crazy.
Anyway, I've been using said desktop as a sort of "dummy" machine to learn Linux. I want to be clear that I've got another computer for personal use and that I understand that setting up server software on any computer poses a security risk. Having said that, I have a few questions regarding mail servers and their setup on Ubuntu. Again - I'm comfortable with what I've done so far in Ubuntu (installing packages, terminal interaction, basic usage)
My question is mainly this: if you have, say, a domain name through DynDNS (let's say example123.com) and it points to an Ubuntu system, does something like Postfix enable you to make your own email addresses such as user1@example123.com and have an email server from wherever the Ubuntu system is?
I've been following the basic Postfix setup here and have had success so far (down to the "Adding your local domains to postfix" section) bu wanted to make sure that what I'm intending to do is what I'm doing (haha... i hope that makes sense). That is: get domain name at DynDNS, host pages on LAMPP server, use Postfix to facilitate incoming/outgoing email for that domain name.
View 7 Replies
View Related
Jun 21, 2011
I have set up a couple of postfix servers for my domains, but the only thing I am missing now is this: How to block the public sending mail from my email to my email? I have managed it with SPF, but surely there must be a better way, that returns "relay not allowed" to the client. The SPF method costs too much, since it must make a dns request for each mail. So far, I have not gotten many of these mails, unless when testing my mailserver, but as I see it, anyone should not be allowed to send mail from abuse@mydomain.com to abuse@mydomain.com.
Somebody must have thought about this a long time ago, and there is simply that little line in main.conf that I'm missing.. My setup is this (virtual): I have a primary mx, with postfix, courier IMAP/POP3 server, a user database, and sasl via saslauthd. I also have a secondary mail server (backup mx) with no sasl auth, but with a copy of the mail users in the virtual tables, but added as relay_* users instead.
Spamassassin and SPF testing is replicated too, so most of the stuff should work, but I simply cannot find a setting in Postfix that denies someone to mail FROM my address TO my address. When mailing from my address and out in the open, they are required to authenticate, but not when using one of my my domain addresses, and also targeting my domain addresses.
As said, It is possible with a strict SPF setting, but that is at a cost for every lookup. It would be quicker for postfix to lookup the sender and the recipient in the relay/virtual tables, and deny if both addresses were in the recipient tables, and sender is not authenticated.
View 5 Replies
View Related
Jan 5, 2011
I have setup postfix and postfixadmin on a CentOS 5.5 server and the install appears to be ready to go. I have never used postfix and postfixadmin and I am having a hard time finding any documentation on how to setup and administer the postfix server with Postfixadmin. This is simply a test and alerting server and will not be hosting user mailboxes. I am only looking for the basics I am not going to need to setup anything complex
View 1 Replies
View Related
Nov 12, 2010
I'm using a linux server where nat server is running. Local user are connected from this server. So is there in tool that i can check that local user getting internet? or how can i check that a user connected from linux server using internet or where he visited?
View 1 Replies
View Related
Apr 24, 2011
i need to configure postfix on centos to relay email from the internet to the Exchange Server and i also need that emails sent from the exchange within the same domain be sent to postfix then resent to exchange because i have spamassassin and clamav installed on centos to filter all incoming and outgoing mails ...
View 1 Replies
View Related
Aug 21, 2010
I want to set a up a network of inter connected pcs, for example on pc A linux is installed.now pcs B, C , D, etc should connect to A and do there work, for example A want to do C/C++, development, whereas B wants to do some PERL development or whatever, this is just an example, 2 different pc users might do same work also, and the connecting pcs may have Windows or linux or bsd.OSes now what h/w or s/w is required and what steps are required to set up this network, main pc would be connected to internet and also connected pcs might want to use internet also..have installed opensuse edulife , and use this as PC A for testing.. and I use bridged dsl Broadband connection to connect to internet , by the username and password provided by the ISP, in windows its easy to setup this connection, however not able to do on linux,
View 9 Replies
View Related
Feb 23, 2010
Setup my postfix mail server and courier-imap/pop. My postfix server now is working with tls and saslauthd, I can send/receive email inside my domain as well as outside. However, I need two separate smtp and imap/pop3 server, I mean two machine - one with smtp function and one with imap/pop3 function working together.
View 4 Replies
View Related
Sep 8, 2010
How would one setup a header_check that would discard all emails that have more than 6 words in it? Such as, if there are more than 6 spaces in the entire message it would be deleted? I cannot find this out but it would reduce my spam intake by 50+ a day.
View 2 Replies
View Related
Oct 3, 2010
I have a network printer directly connected via ethernet cable to an Ubuntu netbook, but pinging the printer fails, giving "Host Unreachable". The network light on the ethernet socket is lit green, and there is nothing else cable-connected to the network - just a simple cable connection between the netbook ethernet socket and the Network printer (a HP Laserjet 4200n). Ping works fine if I plug the cable into a different machine (a Win XP box) and ping from there, so it's not a cable or IP address problem.
This sounds simple enough and should work, but I'm stumped. Clues, anyone?
View 2 Replies
View Related
Dec 3, 2010
I've set up both Postfix and Dovecot on my server. I can currently send mail via Outlook to Postfix over Port 587 (rather than Port 25), and receive mail from Dovecot on Outlook. However, the only mails I am able to receive are those originated from within the server itself. If I attempt to send an e-mail to the address my Outlook listens to, the mail will never reach my Outlook. In other words, no one on the Internet is able to send mail to me.
Can someone tell me:
1) If setting Postfix to listen over Port 587 for my Outlook to send mail outwards is preventing me to have Postfix to listen to mails coming from the Internet? Would I have to turn on both Ports 25 and 587 in /etc/postfix/master.cf?
2) I have configured my Postfix to use saslauthd by authenticating those who are on /etc/passwd. This means I can enter my Linux account details into Outlook in order to connect and download messages. However, does this mean other MTA servers on the Internet who doesn't know my account details are unable to authenticate with my Postfix server and send mails to it?
View 9 Replies
View Related
Sep 20, 2010
I just reinstalled debian on my computer, I've had it working for a long time, only difference is I used to have Cable Internet and now I use DSL. Anywho, I reinstalled debian from the kde CD on the debian website, it auto-configured my network out of the box. My network is connected to the computer, pinging google works perfectly, and ifconfig shows that eth0 is working correctly without any errors. However on both Konqueror and Iceweasel, every time I try to connect to a website, it tells me the server cannot be found. Basically it acts like I don't have internet. Using the terminal works though, I have installed KDE-FULL from the terminal and wicd, so I know I do have internet. I don't know what it could be, like I said, I installed from the cd and this happened. Maybe there's a bug on the KDE debian cd
View 14 Replies
View Related
Feb 5, 2011
Turning an old computer of mine into a server and I don't have an ethernet with me to connect it to the router so I was just wondering if I can install Ubuntu Server without being connected to the internet.
View 2 Replies
View Related
May 4, 2010
I'm somewhat familiar with Linux and became pretty decent at installing and configuring packages in Ubuntu. One of the things I was able to do with my tinkering was set up a functioning imap and pop3 mail server using dovecot-postfix. Now I'm experimenting with Slackware to get the feel of another distro, and I noticed that the mail server packages were already installed. On my client computer they can pick up that I have users configured and my mx record is working.
However it is failing to send mail saying that it is failing to relay the e-mail message and that the server responded 5.7.1 which was a problem that I was having in Ubuntu when first configuring the mail server. The fix was to edit the postfix.conf file and adding the localhost name of my server. Does anybody know of the file that I need to edit to make it possible to relay my messages with both pop3 and imap.
View 1 Replies
View Related
Dec 12, 2010
Fork bombs can also very easily be standalone shell scripts? https://bugs.launchpad.net/ubuntu/+s...sh/+bug/689176
View 4 Replies
View Related
Jan 5, 2010
Using SuSE 11.2 can anybody suggest a decent compatible Ethernet / Network Colour Printer. Just a printer not a multifunction device. The printer will be connected to a Fast Ethernet Switch or directly into the ADSL Router.
View 4 Replies
View Related
Jun 4, 2010
I am using this usb wifi adapter, it uses zd1211rw and it works fine if I connect it directly to the usb port, but if I add a cable (around 5mts) between the usb port and the usb plug, the device doesn't appear (I used iwconfig to check). The green light on the wifi adapter turns on but it doesn't blink like it does when connecting it directly without the cable. What could be happening?
I use the same cable + usb wifi adapter in windows, and it works fine, I can scan and connect without problems. When I use the cable, lsusb doesn't show the device neither, it does when connecting the adapter directly.
View 2 Replies
View Related
Dec 26, 2010
I am trying to set up a Mail Server -- Virtual Users with Postfix, PostfixAdmin, Courier, Mailscanner, ClamAV On CentOS 5.5 using this guide. These are the version and softwares I have used till now:-
[Code]....
View 4 Replies
View Related
Apr 18, 2011
I currently have a personal use server setup in my home and would like to be able to send emails from my domain name.
At&t blocks the standard ports used so some form of forwarding would have to be used. I've looked at other guides and followed them to the key but it appears I'm always missing something.
So my question here is could anyone write a detailed guide from start to finish on how to install a postfix server behind an at&t connection complete with MX record and firewall configuration information?
View 4 Replies
View Related
Feb 3, 2010
i have a website, there is a button that u click fill out a form and sends u a link to download a trial version of our software, the message gets sent with out html.. i copied a sample below (edited out some personal info)
Code:
Content-type: text/html; charset=iso-8859-1
From: ******.com>
[code]...
View 10 Replies
View Related
Feb 26, 2010
I followed this How To (https://help.ubuntu.com/community/Postfix) in order to add smtp authentication to my Postfix installation used as spam filter for my exhange server, and it'seem all ok; the only thing that I don't understand is where I list all the users (with passwords) that I authorize to send mail through my server...
View 3 Replies
View Related