<html><head><style>body{font-family:Helvetica,Arial;font-size:13px}</style></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px; color: rgba(0,0,0,1.0); margin: 0px; line-height: auto;">Thanks - it’s all working fine now. Final question. Are there any settings that should be optimized for postscreen? Or just turn it loose and let it do its thing??</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px; color: rgba(0,0,0,1.0); margin: 0px; line-height: auto;"><br></div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px; color: rgba(0,0,0,1.0); margin: 0px; line-height: auto;">Thanks.</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px; color: rgba(0,0,0,1.0); margin: 0px; line-height: auto;"><br></div> <br> <div id="bloop_sign_1484363086163152896" class="bloop_sign"><b>Danita Zanrè</b>, <i>Move Out of the Office</i><div>I love my job, and you can too!</div><div>Tel: (720) 319-7530 - Caledonia Network Consulting</div><div>Tel: (720) 319-8240 - Move Out of the Office</div><div><div><br></div></div></div> <br><p class="airmail_on">On January 13, 2017 at 4:41:26 PM, Peter Lemieux (<a href="mailto:mailscanner@replies.cyways.com">mailscanner@replies.cyways.com</a>) wrote:</p> <blockquote type="cite" class="clean_bq"><span><div><div></div><div>If mail is coming from all over the Internet to your host, setting
<br>
<br>mynetworks = 0.0.0.0/0
<br>
<br>in main.cf works as well. Many modern distributions like Ubuntu have only
<br>127.0.0.1 and similar local addresses in the mynetworks field by default.
<br>
<br>I recommend reading http://www.postfix.org/SMTPD_ACCESS_README.html for a
<br>comprehensive overview of how Postfix handles incoming mail.
<br>
<br>Peter
<br>
<br>
<br>On 01/13/2017 05:30 PM, Danita Zanre wrote:
<br>> Ah! See, something simple! Because this was all coming from “localhost” it
<br>> was working - I think I know now!
<br>>
<br>> Let me work on that.
<br>>
<br>>
<br>>
<br>> *Danita Zanrè*, /Move Out of the Office/
<br>> I love my job, and you can too!
<br>> Tel: (720) 319-7530 - Caledonia Network Consulting
<br>> Tel: (720) 319-8240 - Move Out of the Office
<br>>
<br>>
<br>> On January 13, 2017 at 4:32:33 PM, Shawn Iverson
<br>> (iversons@rushville.k12.in.us <mailto:iversons@rushville.k12.in.us>) wrote:
<br>>
<br>>> I don't see a relay_domains definition in your config
<br>>>
<br>>> relay_domains = hash:/etc/postfix/transport
<br>>>
<br>>> On Fri, Jan 13, 2017 at 5:21 PM, Danita Zanre <danita@caledonia.net
<br>>> <mailto:danita@caledonia.net>> wrote:
<br>>>
<br>>> so, for example,
<br>>>
<br>>> caledonia.net <http://caledonia.net> smtp:192.223.10.61
<br>>>
<br>>>
<br>>> And it works fine until we have mail coming directly to the
<br>>> mailscanner server.
<br>>>
<br>>>
<br>>> Full disclosure:
<br>>>
<br>>>
<br>>> We have a xeams server that we are replacing. It and mailscanner are
<br>>> on the same box. So, during the switchover, mail has been coming to
<br>>> the xeams server, it has been set to not scan anything, and then it
<br>>> relays to 127.0.0.1 for postfix to pick it up. I did it this way,
<br>>> because we have multiple domain names, and I was switching them over
<br>>> one at a time to make sure there were no problems. Xeams continued to
<br>>> scan for zanre.com <http://zanre.com>, for example, and passed mail
<br>>> for caledonia.net <http://caledonia.net> unscanned to
<br>>> postix/mailscanner via localhost.
<br>>>
<br>>>
<br>>> So, if I set postfix to listen on all interfaces and turn the xeams
<br>>> server off, nothing has really changed except the mail is hitting
<br>>> postfix first. I also have postscreen on in “ignore” mode until I can
<br>>> make sure that everything else works, and then I had intended to set
<br>>> postscreen to “enable”.
<br>>>
<br>>>
<br>>> Thanks
<br>>>
<br>>>
<br>>> *Danita Zanrè*, /Move Out of the Office/
<br>>> I love my job, and you can too!
<br>>> Tel: (720) 319-7530 <tel:(720)%20319-7530> - Caledonia Network Consulting
<br>>> Tel: (720) 319-8240 <tel:(720)%20319-8240> - Move Out of the Office
<br>>>
<br>>>
<br>>> On January 13, 2017 at 4:15:33 PM, Shawn Iverson
<br>>> (iversons@rushville.k12.in.us <mailto:iversons@rushville.k12.in.us>)
<br>>> wrote:
<br>>>
<br>>>> What's in your transport maps?
<br>>>>
<br>>>> On Fri, Jan 13, 2017 at 5:00 PM, Danita Zanre <danita@caledonia.net
<br>>>> <mailto:danita@caledonia.net>> wrote:
<br>>>>
<br>>>> Sorry - this is a dumb postfix question I’m sure - it’s been awhile!
<br>>>>
<br>>>> In setting up my system, I had my mailscanner server behind our
<br>>>> existing anti-spam server so that I could test it. So,
<br>>>> everything was coming from the existing anti-spam server as a
<br>>>> front-end relay server. Working perfectly, but now I’m ready to
<br>>>> move forward.
<br>>>>
<br>>>> But when I redirect mail to come directly to the new mailscanner
<br>>>> server, everything says Relay access denied.
<br>>>>
<br>>>> So, for some reason, postfix is ONLY accepting mail from the
<br>>>> relay server. Here’s what is in main.cf <http://main.cf> -
<br>>>> please tell me what silly thing I’ve overlooked! I’ve togged the
<br>>>> sender_restrictions on and off thinking something was in there.
<br>>>>
<br>>>> Thanks
<br>>>>
<br>>>> inet_protocols = all
<br>>>>
<br>>>> biff = no
<br>>>>
<br>>>> mail_spool_directory = /var/mail
<br>>>>
<br>>>> canonical_maps = hash:/etc/postfix/canonical
<br>>>>
<br>>>> virtual_alias_maps = hash:/etc/postfix/virtual
<br>>>>
<br>>>> virtual_alias_domains = hash:/etc/postfix/virtual
<br>>>>
<br>>>> relocated_maps = hash:/etc/postfix/relocated
<br>>>>
<br>>>> transport_maps = hash:/etc/postfix/transport
<br>>>>
<br>>>> sender_canonical_maps = hash:/etc/postfix/sender_canonical
<br>>>>
<br>>>> masquerade_exceptions = root
<br>>>>
<br>>>> masquerade_classes = envelope_sender, header_sender, header_recipient
<br>>>>
<br>>>> myhostname = iris.caledonia.net <http://iris.caledonia.net>
<br>>>>
<br>>>> delay_warning_time = 1h
<br>>>>
<br>>>> message_strip_characters = \0
<br>>>>
<br>>>> #inet_interfaces = localhost
<br>>>>
<br>>>> inet_interfaces = all
<br>>>>
<br>>>> masquerade_domains =
<br>>>>
<br>>>> mydestination = $myhostname, localhost.$mydomain
<br>>>>
<br>>>> defer_transports =
<br>>>>
<br>>>> mynetworks_style = subnet
<br>>>>
<br>>>> disable_dns_lookups = no
<br>>>>
<br>>>> relayhost =
<br>>>>
<br>>>> mailbox_command =
<br>>>>
<br>>>> mailbox_transport =
<br>>>>
<br>>>> strict_8bitmime = no
<br>>>>
<br>>>> disable_mime_output_conversion = no
<br>>>>
<br>>>> #smtpd_sender_restrictions = hash:/etc/postfix/access
<br>>>>
<br>>>> smtpd_client_restrictions =
<br>>>>
<br>>>> smtpd_helo_required = no
<br>>>>
<br>>>> smtpd_helo_restrictions =
<br>>>>
<br>>>> strict_rfc821_envelopes = no
<br>>>>
<br>>>> smtpd_recipient_restrictions =
<br>>>> permit_mynetworks,reject_unauth_destination,reject_unknown_recipient_domain,reject_unverified_recipient,reject_unauth_pipelining,permit_auth_destination,reject
<br>>>>
<br>>>> smtp_sasl_auth_enable = no
<br>>>>
<br>>>> smtpd_sasl_auth_enable = no
<br>>>>
<br>>>> smtpd_use_tls = no
<br>>>>
<br>>>> smtp_use_tls = no
<br>>>>
<br>>>> smtp_enforce_tls = no
<br>>>>
<br>>>> alias_maps = hash:/etc/aliases
<br>>>>
<br>>>> mailbox_size_limit = 0
<br>>>>
<br>>>> message_size_limit = 91820000
<br>>>>
<br>>>> default_process_limit = 100
<br>>>>
<br>>>>
<br>>>> postscreen_access_list = permit_mynetworks,
<br>>>> cidr:/etc/postfix/postscreen_access.cidr
<br>>>>
<br>>>> postscreen_greet_action = ignore
<br>>>>
<br>>>>
<br>>>>
<br>>>> *Danita Zanrè*, /Move Out of the Office/
<br>>>> I love my job, and you can too!
<br>>>> Tel: (720) 319-7530 <tel:(720)%20319-7530> - Caledonia Network
<br>>>> Consulting
<br>>>> Tel: (720) 319-8240 <tel:(720)%20319-8240> - Move Out of the Office
<br>>>>
<br>>>>
<br>>>>
<br>>>>
<br>>>> --
<br>>>> MailScanner mailing list
<br>>>> mailscanner@lists.mailscanner.info
<br>>>> <mailto:mailscanner@lists.mailscanner.info>
<br>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
<br>>>> <http://lists.mailscanner.info/mailman/listinfo/mailscanner>
<br>>>>
<br>>>>
<br>>>>
<br>>>>
<br>>>>
<br>>>> --
<br>>>> Shawn Iverson
<br>>>> Director of Technology
<br>>>> Rush County Schools
<br>>>> 765-932-3901 x271 <tel:(765)%20932-3901>
<br>>>> iversons@rushville.k12.in.us <mailto:iversons@rushville.k12.in.us>
<br>>>>
<br>>>>
<br>>>>
<br>>>> --
<br>>>> This message has been scanned for viruses and
<br>>>> dangerous content by *Iris MailScanner* <http://iris.caledonia.net/>,
<br>>>> and is
<br>>>> believed to be clean.
<br>>>>
<br>>>> --
<br>>>> MailScanner mailing list
<br>>>> mailscanner@lists.mailscanner.info
<br>>>> <mailto:mailscanner@lists.mailscanner.info>
<br>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
<br>>>> <http://lists.mailscanner.info/mailman/listinfo/mailscanner>
<br>>>>
<br>>>
<br>>>
<br>>>
<br>>> --
<br>>> Shawn Iverson
<br>>> Director of Technology
<br>>> Rush County Schools
<br>>> 765-932-3901 x271
<br>>> iversons@rushville.k12.in.us <mailto:iversons@rushville.k12.in.us>
<br>>>
<br>>>
<br>>> ------------------------------------------------------
<br>>> Powered by Xeams. Visit xeams.com for more information
<br>>> ------------------------------------------------------
<br>>>
<br>>> --
<br>>> This message has been scanned for viruses and
<br>>> dangerous content by *Iris MailScanner* <http://iris.caledonia.net/>, and is
<br>>> believed to be clean.
<br>>
<br>>
<br>>
<br>>
<br>
<br>
<br>--
<br>MailScanner mailing list
<br>mailscanner@lists.mailscanner.info
<br>http://lists.mailscanner.info/mailman/listinfo/mailscanner
<br>
<br>--
<br>This message has been scanned for viruses and
<br>dangerous content by Iris MailScanner, and is
<br>believed to be clean.
<br>
<br></div></div></span></blockquote></body></html>