Does anyone have information on why eFA5 creates the postfix default mynetworks settings as:
mynetworks = 127.0.0.0/8 [::1]/128 hash:/etc/postfix/transport
And this is reset to this prepended string when you use eFA-Configure and add a relay; it becomes:
mynetworks = 127.0.0.0/8 [::1]/128 hash:/etc/postfix/transport 211.128.103.94
The "hash" used in this case does not work, and the entries in the transport db file are never returned as 'mynetworks' items.
This should be changed to a simple list-style file and included here. Then the CLI menu item can just append or delete from this text file.
mynetworks = 127.0.0.0/8 [::1]/128 hash:/etc/postfix/mynetworks_list
It would be nice to re-use the transport file to reduce management of different files when eFA is used with multiple backend internal host servers or domains - but not sure this can be done directly in postfix.
This current configuration seems to require additional steps to setup out-of-the-box, or else you get relay-denied for outbound messages.
Postfix mynetworks default setting
- shawniverson
- Posts: 3782
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Postfix mynetworks default setting
I'd like to know how "hash:/etc/postfix/transport" ended up here.
mynetworks is initialized out of the box as:
eFa-base-5.0.0-1.eFa.el9.noarch
postfix-config-5.0.0.sh, line 35:
mynetworks is initialized out of the box as:
eFa-base-5.0.0-1.eFa.el9.noarch
postfix-config-5.0.0.sh, line 35:
Code: Select all
postconf -e "mynetworks = 127.0.0.0/8 [::1]/128"
Re: Postfix mynetworks default setting
Sorry, please disregard this and apologies for not updating sooner.
We found this issue with the postfix settings was caused by an error in our Linux OS hardening script. Not related to the eFA installer.
We found this issue with the postfix settings was caused by an error in our Linux OS hardening script. Not related to the eFA installer.
Re: Postfix mynetworks default setting
It looks like the issue is with using the "hash" format for `mynetworks`—it's not working as expected. Switching to a simple text file (like `mynetworks_list`) would make it easier to manage and allow you to add/remove IPs without hassle.