Postfix cleanup daemon access control

Posted by Flimzy on Server Fault See other posts from Server Fault or by Flimzy
Published on 2012-06-01T21:10:03Z Indexed on 2012/06/01 22:42 UTC
Read the original article Hit count: 175

Filed under:

postfix

|

access-control

Is there any way to control which hosts are permitted to connect to the cleanup daemon over TCP?

Our 'master.cf' contains:

2526      inet  n       -       -       -       0       cleanup

This is necessary because we have a cluster of SMTP servers running custom code, and they can all inject mail to the centralized postfix server via the cleanup daemon.

However, we want to allow only our authorized servers to connect to the cleanup daemon. The current configuration allows any host to connect to port 2526.

Clearly we can use iptables to restrict access, but is there a way to do this within postfix itself?

© Server Fault or respective owner

Related posts about postfix

postfix: Temporary lookup failure

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have followed the tutorials step by step for installing and configuring postfix https://help.ubuntu.com/community/Postfix https://help.ubuntu.com/community/PostfixBasicSetupHowto I am trying to test the services to whether Temporary lookup failure error telnet localhost 25 250 2.1.0 Ok rcpt to:… >>> More
postfix with mailman

as seen on Server Fault - Search for 'Server Fault'
What should happen is that [email protected] should be delivered to that users inbox on localhost, user@localhost. Thunderbird works fine at reading user@localhost. I'm just using a small portion of postfix-dovecot with Ubuntu mailman. How can I get postfix to recognize the FQDN and deliver… >>> More
saslauthd + PostFix producing password verification and authentication errors

as seen on Server Fault - Search for 'Server Fault'
So I'm trying to setup PostFix while using SASL (Cyrus variety preferred, I was using dovecot earlier but I'm switching from dovecot to courier so I want to use cyrus instead of dovecot) but I seem to be having issues. Here are the errors I'm receiving: ==> mail.log <== Aug 10 05:11:49 crazyinsanoman… >>> More
centos postfix send email problem

as seen on Server Fault - Search for 'Server Fault'
Hello. I have a big problem with postfix. I can receive mail in webmin and outlook but I can't send (only on local I can - user to user). Dovecot is working just fine. Sendmail is disable. Please help me. postfix -n postfix: invalid option -- n postfix: fatal: usage: postfix [-c config_dir] [-Dv]… >>> More
Migrating users and mailboxes from postfix / Maildir to Postfix with Mysql backend

as seen on Server Fault - Search for 'Server Fault'
So I've got 60 or so users on a hand rolled postfix installation on openbsd and I'd like to move their mailboxes to our new mail server running iRedMail (postfix, vmail/mysql back end) Does anyone know of a good way to do this? Preferably a script I can run to keep syncing the users mailboxes as… >>> More

Related posts about access-control

LiteSpeed enable Access-Control-Allow-Origin (no response header on CORS request)

as seen on Server Fault - Search for 'Server Fault'
Seriously, I can't find a single page discussing this for litespeed. Using this format in the htaccess "Header set Access-Control-Allow-Origin http://aSite.com" (and https) sends the setting in the http response header, but I still get the "XMLHttpRequest cannot load https://aSite.com/aFile.php.… >>> More
DELETE method not working in Apache 2.4

as seen on Server Fault - Search for 'Server Fault'
I'm running Apache 2.4 locally and dealing with RESTful services authenticating through OAuth. GET, PUT and POST work fine but I can't get DELETE to work. I've tried installing WebDAV and mod_dav, overriding methods in .htaccess, tried Limits, force (enable) DELETE options in configuration and pretty… >>> More
CORS Fails on CloudFront Distribution with Nginx Origin

as seen on Server Fault - Search for 'Server Fault'
I have a CloudFront distribution set up with an Nginx server as the origin (a Media Temple DV server, to be specific). I enabled the Access-Control-Allow-Origin: * header so fonts will work in Firefox. However, Firefox throws a CORS error for fonts loaded from this CloudFront/Nginx distribution. I… >>> More
My MS Access control displays no text for appended items following an append query

as seen on Stack Overflow - Search for 'Stack Overflow'
The control in question is part of a datasheet-style subform that feeds off a multi-field combo-box. The control is bound to the first field of the combo box, an ID field which is hidden from view (column width set to zero). Consequently, the second field (Code) is displayed in the control when an… >>> More
ASP.NET and WIF: Showing custom profile username as User.Identity.Name

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
I am building ASP.NET MVC application that uses external services to authenticate users. For ASP.NET users are fully authenticated when they are redirected back from external service. In system they are logically authenticated when they have created user profiles. In this posting I will show you how… >>> More