Configuring Postfix as SMTP relay (only)

1

I have a Postfix 2.5.1 on a Debian 4.0 PPC server. I intend to use this as an SMTP relay for outgoing email from my mobile phone (as my phone service provider recently dropped their SMTP server).

The Postfix server is behind a NAT router to which I have added some port-forwarding rules for inbound SMTP. This works OK.

Currently the main.cf has a large set of restrictions listed under smtpd_recipient_restrictions which are not needed and which end with permit (which I understand is the default anyway if all rules are inapplicable)

I don't know why the existing main.cf doesn't have rules organised under other sections like smtpd_client_restrictions etc as the Postfix docs do. However I feel it's best for me to use the conventions in the main.cf supplied with the software rather than re-organise.

in main.cf can I simplify my restrictions to this?

smtpd_recipient_restrictions =
 permit_mynetworks
 permit_sasl_authenticated
 reject

RedGrittyBrick

Posted 2014-05-09T10:14:26.690

Reputation: 70 632

Answers

1

As far as I understand, yes, you can simplify your configuration to the example you've given.

In general, I don't think there would be any problem with setting smtpd_client_restrictions in your configuration as well. The default configuration is probably set up with goals different from yours in mind.

Just keep in mind that smtpd_client_restrictions apply before the client even had the ability to communicate over SMTP. So there is no SASL authentication data available anyway.

Given that you only want to use the server yourself, from your phone, you

  1. don't know which IP address you'll have, so applying a reject based on mynetworks wouldn't be useful to you.

  2. allowing anyone but yourself (being an authenticated user) to send email through the server isn't something you care about.

Der Hochstapler

Posted 2014-05-09T10:14:26.690

Reputation: 77 228

Your statement about smtpd_client_restrictions applied before AUTH is true when parameter smtpd_delay_reject = no. In the default configuration however, the value of smtpd_delay_reject is yes. See this page for the reason.

– masegaloeh – 2014-05-09T12:53:34.360

Asked: 2014-05-09T10:14:26.690

Viewed: 1 458 times

Active: 2014-05-09T10:35:15.963