Solved

How to Whitelist/Blacklist /IP addresses on Postfix

Posted on 2008-06-11
6
2,945 Views
Last Modified: 2013-12-16
We have a Linux Server and on that we are running Centos 4.4, i have created Exchange distribution groups but they are not working, because i believe they need to be whitelisted under postfix so that they reach to Exchange Server, now i am stuck at that.
Can anyone please guide me step by step on how to do that, because i am not that much familiar with Linux.

Thanks.
0
Comment
Question by:usmansultan
  • 3
  • 2
6 Comments
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 21766198
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21766221
I have already came across that tutorial, but i believe we already have a file in which host names are listed which are allowed, so in that tutorial where should i start, and how to get there and access it.......
0
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 21766289
Hi,

So it is not whitelisting even after following the howtoforge tutorial. What are the values in the SMTP logs?
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 1

Author Comment

by:usmansultan
ID: 21766389
I have to do the whitelisting under postfix, as i said earlier i am not sure how to access the whitelisting file and how to reach there.....

The SMTP error is;


Reporting-MTA: dns;bay0-omc1-s23.bay0.hotmail.com
Received-From-MTA: dns;BAY131-W27
Arrival-Date: Wed, 11 Jun 2008 19:11:56 -0700

Final-Recipient: rfc822;rtafacet@facet.com.au
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;554 <rtafacet@facet.com.au>: Recipient address rejected: Access denied
0
 
LVL 1

Expert Comment

by:EmpireIron
ID: 21796567
do a search for local.cf
I believe that is the file you're looking for.
0
 
LVL 1

Accepted Solution

by:
usmansultan earned 0 total points
ID: 22149599
Worked out by doing the following steps.

The whitelist is maintained on the linux based proxy server as part of the postfix software suite.  Postfix refers to a table implemented in the file /etc/postfix/whitelist.db to determine what action to take when processing an incoming email.  This file is referenced in the main configuration file of /etc/postfix/main.cf, the relevant entry being
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/whitelist, permit_mynetworks, reject_unauth_destination, reject
Reference material for postfix can be found at http://www.postfix.org.  
Maintenance
Maintenance of the whitelist table is achieved by editing a standard text file, converting this to a table and then making this table available to the postfix service.
Update text file
Logon to the proxy server with suitable credentials.  At the command prompt issue the commands
pushd /etc/postfix/
vi whitelist.txt
These commands
a) Set the current directory to the location of the files of interest while retaining the previous working directory, reducing typing, and,
b) Invoke the editor vi to allow you to update the file.  

Update the text file as needed bearing in mind the following rules
(a)A table entry has the form
<email address><whitespace>permit
where the email address cannot contain whitespace characters.
(b)Empty lines and whitespace-only lines are ignored, as are lines whose first non-whitespace character is a #
(c)A logical line starts with non-whitespace text.  A line  that starts with whitespace continues a logical line
(d)Entries are not case sensitive
 
Press i to enter into Insert Mode
Once finished adding the email addresses enter
:wq
To save the document and quit Vi.
 
 
Comment out lines no longer required by inserting a # symbol at the beginning of the line and the current date in the format dd  Mmm yyyy at the end of the line.  Insert new lines in the correct alphabetic sequence.
Convert to a table
The postfix application provides a program, postmap, to support the operation of converting a text file into a table for use with postfix.
postmap hash:whitelist.txt
will create a file /etc/postfix/whitelist.txt.db.
If there are errors, messages will be displayed.  Conversely, if there are no error messages, the process has been successful.
The table in active use is /etc/postfix/whitelist.db and you have just created the /etc/postfix/whitelist.txt.db file.  If the creation is successful, you now need to copy this new database file over the existing one.
mv whitelist.txt.db whitelist.db
The response should be
mv: overwrite whitelist.db?
Key in y and press the Enter key.
Activate the table
The postfix service can be reinitialised by using the command
service postfix reload
The response to this should be
Reloading postfix:                                         [  OK  ]
This completes the process.  The changes are now in effect.  Revert to the original working directory.
popd
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
nagios remote hosts 9 56
CentOS 7 Installation 7 74
Configuring windows 7 host in Nagios 4 5 62
Using sort and uniq to pare down large syslog 5 28
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question