Thursday, October 26, 2006

Figured out my Postfix Problem

The other day I posted about how the new mail server I installed at a client site wasn't listening for SMTP connections on the network. As I'd susprected, it was a little too locked down. I had to go into the /etc/postfix/main.cf config file and change the "inet_interfaces" value to "all".

After doing this I wanted to make damn sure that I hadn't inadvertantly created an open relay. I wasn't too concerned, since the box is setup to require SMTP authentication before allowing a user to send mail via the box, but complacency isn't something I can afford here. I tested this three ways:

  1. Attempted to send mail through the box using my test account, using Mail.app. The unauthenticated SMTP session was rejected, while the authenticated session worked.
  2. While logged into the box via SSH, I telnetted to relay-test.mail-abuse.org, which runs a script that attemtps to relay mail through the box. All attempts to do so failed.
  3. Ran SpamHelp.org's web-based test on the box's IP. It came up negative.

Now all we need to do is schedule a time to migrate them over. It looks like we'll be recyling the old box into a secondary mail server, to be located at their other office. I'll create a clone of the new box on the old one, with appropriate changes such as hostname, etc.

No comments: