Solved

How to Whitelist/Blacklist IP addresses on Postfix

Posted on 2008-06-11
Last Modified: 2013-12-16
We have a Linux server on which we are running CentOS 4.4. I have created Exchange distribution groups but they are not working, because I believe they need to be whitelisted under postfix so that they reach the Exchange Server. Now I am stuck at that.
Can anyone please guide me step by step on how to do that, because I am not that familiar with Linux.

Thanks.
Question by:usmansultan
 
LVL 32

Expert Comment

by:Kamran Arshad
 
LVL 1

Author Comment

by:usmansultan
I have already come across that tutorial, but I believe we already have a file in which the allowed host names are listed, so in that tutorial where should I start, and how do I get there and access it...
 
LVL 32

Expert Comment

by:Kamran Arshad
Hi,

So it is not whitelisting even after following the howtoforge tutorial. What are the values in the SMTP logs?
 
LVL 1

Author Comment

by:usmansultan
I have to do the whitelisting under postfix. As I said earlier, I am not sure how to access the whitelisting file and how to reach it...

The SMTP error is:


Reporting-MTA: dns;bay0-omc1-s23.bay0.hotmail.com
Received-From-MTA: dns;BAY131-W27
Arrival-Date: Wed, 11 Jun 2008 19:11:56 -0700

Final-Recipient: rfc822;rtafacet@facet.com.au
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;554 <rtafacet@facet.com.au>: Recipient address rejected: Access denied
 
LVL 1

Expert Comment

by:EmpireIron
Do a search for local.cf.
I believe that is the file you're looking for.
 
LVL 1

Accepted Solution

by:usmansultan
Worked out by doing the following steps.

The whitelist is maintained on the Linux-based proxy server as part of the postfix software suite.  Postfix refers to a table implemented in the file /etc/postfix/whitelist.db to determine what action to take when processing an incoming email.  This file is referenced in the main configuration file, /etc/postfix/main.cf, the relevant entry being

    smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/whitelist, permit_mynetworks, reject_unauth_destination, reject

Reference material for postfix can be found at http://www.postfix.org.

Maintenance

Maintenance of the whitelist table is achieved by editing a standard text file, converting this to a table and then making this table available to the postfix service.

Update text file

Log on to the proxy server with suitable credentials.  At the command prompt issue the commands

    pushd /etc/postfix/
    vi whitelist.txt

These commands
a) Set the current directory to the location of the files of interest while retaining the previous working directory, reducing typing, and,
b) Invoke the editor vi to allow you to update the file.

Update the text file as needed, bearing in mind the following rules:
(a) A table entry has the form
    <email address><whitespace>permit
    where the email address cannot contain whitespace characters.
(b) Empty lines and whitespace-only lines are ignored, as are lines whose first non-whitespace character is a #.
(c) A logical line starts with non-whitespace text.  A line that starts with whitespace continues a logical line.
(d) Entries are not case sensitive.

Press i to enter Insert Mode.  Once finished adding the email addresses, enter

    :wq

to save the document and quit vi.

Comment out lines no longer required by inserting a # symbol at the beginning of the line and the current date in the format dd Mmm yyyy at the end of the line.  Insert new lines in the correct alphabetic sequence.

Convert to a table

The postfix application provides a program, postmap, to support the operation of converting a text file into a table for use with postfix.

    postmap hash:whitelist.txt

will create a file /etc/postfix/whitelist.txt.db.
If there are errors, messages will be displayed.  Conversely, if there are no error messages, the process has been successful.
The table in active use is /etc/postfix/whitelist.db and you have just created the /etc/postfix/whitelist.txt.db file.  If the creation is successful, you now need to copy this new database file over the existing one.

    mv whitelist.txt.db whitelist.db

The response should be

    mv: overwrite whitelist.db?

Key in y and press the Enter key.

Activate the table

The postfix service can be reinitialised by using the command

    service postfix reload

The response to this should be

    Reloading postfix:                                         [  OK  ]

This completes the process.  The changes are now in effect.  Revert to the original working directory.

    popd
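
A pre-flight check for rules (a) to (d) under "Update text file" in the accepted solution, as an added example that is not part of the original post: it reads whitelist.txt the way those rules describe and reports entries that would not behave as intended, so mistakes are caught before postmap builds the table. The function names and sample addresses are assumptions, and requiring a full address followed by permit is this post's convention, stricter than what Postfix itself accepts.

```shell
#!/bin/sh
# Lint whitelist.txt against rules (a)-(d) before postmap (added example; names hypothetical).
check_entry() {   # $1 = starting line number, $2 = logical line
    [ -n "$2" ] || return 0
    set -f; set -- "$1" $2; set +f            # split on whitespace, no globbing
    key=$(printf '%s' "$2" | tr 'A-Z' 'a-z')  # rule (d): compare case-insensitively
    msg=
    if [ $# -ne 3 ] || [ "$3" != permit ]; then
        msg="expected '<email address> permit'"   # rule (a)
    else
        case $key in
            ?*@?*) case $seen in
                       *" $key "*) msg="duplicate of $key" ;;
                       *) seen="$seen$key " ;;
                   esac ;;
            *) msg="not an email address: $key" ;;
        esac
    fi
    [ -z "$msg" ] || { echo "line $1: $msg"; bad=$((bad + 1)); }
}

lint_whitelist() {   # $1 = path to the text file; returns 0 only when clean
    bad=0 seen=" " logical="" start=0 n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        rest=${line#"${line%%[![:space:]]*}"}     # line without leading whitespace
        case $rest in ''|'#'*) continue ;; esac   # rule (b): blank or comment
        if [ "$rest" != "$line" ] && [ -n "$logical" ]; then
            logical="$logical $rest"              # rule (c): continuation line
        else
            check_entry "$start" "$logical"
            logical=$line start=$n
        fi
    done < "$1"
    check_entry "$start" "$logical"
    [ "$bad" -eq 0 ]
}

# Constructed sample input; the addresses are placeholders.
sample=$(mktemp); trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# distribution groups
all-staff@example.com   permit
sales@example.com
    permit
Sales@Example.com permit
helpdesk permit
EOF
lint_whitelist "$sample" || echo "$bad problem(s): fix before running postmap"
```

Running the function on /etc/postfix/whitelist.txt before the postmap step keeps a malformed entry from reaching the table that is in active use.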