[Gllug] mail servers / pop3

Stephen Harker steve at pauken.co.uk
Mon Nov 12 11:40:24 UTC 2001 

On Monday 12 November 2001 11:07, you wrote:
> Just need a few pointers to check I'm going in the right direction.
> I've set up a postfix mail server that's sharing a physical machine with
> a web server.
> I want the machine to be able to email out (this works OK) plus anyone
> to be able to send emails in to local users/mail account holders (can't
> check this yet because still waiting for DNS entry to come through).
>
> I *don't* want it to accept emails that aren't for local users i.e. like
> when I dial up Demon I send my email to their mail server that then
> sends it onwards.
> How do I shut off incoming emails that aren't for local users? Is it
> within postfix or at a lower level?
Postfix denies  relaying by default and you have to specify (by IP 
range or address) the machines for which you want to allow relaying.
eg 'mynetworks	192.168.1.0/24 192.168.3.2 192.168.3.3' etc... in the main.cf 
file

> Presumably emails for local users and emails to be forwarded both come
> in on port 25 so a firewall won't help.
>
> If I look to see what ports are open I get 25 but also "submission" and
> some other one. Do I just need port 25 open for incoming mail? (Plus
> port 110(?) for pop3?)

For SMTP, 'only' port 25 needs to be open and for pop3 'only' port 110. You 
can also use your firewall to let out smtp connections only to your isps smtp 
server and also to only accept connections to port 25 from a particular ip 
address range (your local users). You should be able to do this with ipchains 
on the mail server itself (Is it in a DMZ?) just to be sure.

> Also, what recommendations do people have for pop3 servers? I could only
> find 3: Cyrus, Courier & Qpopper.
> I went for Qpopper because it seemed the simplest and it seems to work
> OK, though I couldn't find rpms and had to install from source.
I just use Washington Univ imap/ipop daemon that comes as default with most 
distros. But I don't need anything more than this. Haven't investigated the 
others.

> The other thing I'm a bit confused about is the hostname.
> If my machine has a hostname of "foo" and a domain of "bar.com" then the
> FQDN is "foo.bar.com"
> But the webserver is accessed as "www.bar.com" - this is set in apache
> virtual hosting I think?
> What about other things like "mail.bar.com" or "pop3.bar.com"? Are these
> names that can be set in the appropriate application or does it all have
> to be foo.bar.com?
>
> I presume big companies have a separate machine for each server so the
> web server *is* called "www", the pop3 server called "pop3" etc.
You should be able to set up aliases with your dns hoster (I assume your isp 
is hosting dns for your domain) such that mail.bar.com and pop3.bar.com or 
relay.bar.com or whatever actually resolve to foo.bar.com. Actually, that is 
exactly what is happening with www.bar.com (www is always, I think, an alias 
to a real name in dns)

-- 
Stephen Harker
steve at pauken.co.uk, http://www.pauken.co.uk
"Stockhausen? I haven't conducted any but I once trod in some"
				 - Sir Thomas Beecham

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list