Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3120
  • Last Modified:

How to Whitelist/Blacklist /IP addresses on Postfix

We have a Linux Server and on that we are running Centos 4.4, i have created Exchange distribution groups but they are not working, because i believe they need to be whitelisted under postfix so that they reach to Exchange Server, now i am stuck at that.
Can anyone please guide me step by step on how to do that, because i am not that much familiar with Linux.

Thanks.
0
usmansultan
Asked:
usmansultan
  • 3
  • 2
1 Solution
 
Kamran ArshadIT AssociateCommented:
0
 
usmansultanAuthor Commented:
I have already came across that tutorial, but i believe we already have a file in which host names are listed which are allowed, so in that tutorial where should i start, and how to get there and access it.......
0
 
Kamran ArshadIT AssociateCommented:
Hi,

So it is not whitelisting even after following the howtoforge tutorial. What are the values in the SMTP logs?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
usmansultanAuthor Commented:
I have to do the whitelisting under postfix, as i said earlier i am not sure how to access the whitelisting file and how to reach there.....

The SMTP error is;


Reporting-MTA: dns;bay0-omc1-s23.bay0.hotmail.com
Received-From-MTA: dns;BAY131-W27
Arrival-Date: Wed, 11 Jun 2008 19:11:56 -0700

Final-Recipient: rfc822;rtafacet@facet.com.au
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;554 <rtafacet@facet.com.au>: Recipient address rejected: Access denied
0
 
EmpireIronCommented:
do a search for local.cf
I believe that is the file you're looking for.
0
 
usmansultanAuthor Commented:
Worked out by doing the following steps.

The whitelist is maintained on the linux based proxy server as part of the postfix software suite.  Postfix refers to a table implemented in the file /etc/postfix/whitelist.db to determine what action to take when processing an incoming email.  This file is referenced in the main configuration file of /etc/postfix/main.cf, the relevant entry being
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/whitelist, permit_mynetworks, reject_unauth_destination, reject
Reference material for postfix can be found at http://www.postfix.org.  
Maintenance
Maintenance of the whitelist table is achieved by editing a standard text file, converting this to a table and then making this table available to the postfix service.
Update text file
Logon to the proxy server with suitable credentials.  At the command prompt issue the commands
pushd /etc/postfix/
vi whitelist.txt
These commands
a) Set the current directory to the location of the files of interest while retaining the previous working directory, reducing typing, and,
b) Invoke the editor vi to allow you to update the file.  

Update the text file as needed bearing in mind the following rules
(a)A table entry has the form
<email address><whitespace>permit
where the email address cannot contain whitespace characters.
(b)Empty lines and whitespace-only lines are ignored, as are lines whose first non-whitespace character is a #
(c)A logical line starts with non-whitespace text.  A line  that starts with whitespace continues a logical line
(d)Entries are not case sensitive
 
Press i to enter into Insert Mode
Once finished adding the email addresses enter
:wq
To save the document and quit Vi.
 
 
Comment out lines no longer required by inserting a # symbol at the beginning of the line and the current date in the format dd  Mmm yyyy at the end of the line.  Insert new lines in the correct alphabetic sequence.
Convert to a table
The postfix application provides a program, postmap, to support the operation of converting a text file into a table for use with postfix.
postmap hash:whitelist.txt
will create a file /etc/postfix/whitelist.txt.db.
If there are errors, messages will be displayed.  Conversely, if there are no error messages, the process has been successful.
The table in active use is /etc/postfix/whitelist.db and you have just created the /etc/postfix/whitelist.txt.db file.  If the creation is successful, you now need to copy this new database file over the existing one.
mv whitelist.txt.db whitelist.db
The response should be
mv: overwrite whitelist.db?
Key in y and press the Enter key.
Activate the table
The postfix service can be reinitialised by using the command
service postfix reload
The response to this should be
Reloading postfix:                                         [  OK  ]
This completes the process.  The changes are now in effect.  Revert to the original working directory.
popd
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now