AmandaEmily
20th October 2007, 09:55 PM
I've been banging my head in frustration with this problem with Postfix 2.4.3 on Fedora 7.
The basics is that the server sits behind a cisco pix, which NATs the fake example address of 10.99.2.15 (the real address is a public one) to the server's address behind the firewall of 10.10.10.2
Postfix will answer internally on the 10.10.10.2 address, but not the 10.99.2.15 address externally. I have set proxy_interfaces = 10.99.2.15, but postfix seems to ignore it.
My config is below
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = lists.example.com
mydomain = lists.example.com
#inet_interfaces = $myhostname, localhost
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks_style = subnet
mynetworks = 127.0.0.0/8
alias_maps = hash:/etc/aliases, hash:/usr/local/mailman/data/aliases
alias_database = hash:/etc/aliases
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
smtpd_client_restrictions = permit_mynetworks, reject_rbl_client relays.ordb.org, reject_rbl_client sbl.spamhaus.org, permit
proxy_interfaces = 10.99.2.15
The basics is that the server sits behind a cisco pix, which NATs the fake example address of 10.99.2.15 (the real address is a public one) to the server's address behind the firewall of 10.10.10.2
Postfix will answer internally on the 10.10.10.2 address, but not the 10.99.2.15 address externally. I have set proxy_interfaces = 10.99.2.15, but postfix seems to ignore it.
My config is below
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = lists.example.com
mydomain = lists.example.com
#inet_interfaces = $myhostname, localhost
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks_style = subnet
mynetworks = 127.0.0.0/8
alias_maps = hash:/etc/aliases, hash:/usr/local/mailman/data/aliases
alias_database = hash:/etc/aliases
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
smtpd_client_restrictions = permit_mynetworks, reject_rbl_client relays.ordb.org, reject_rbl_client sbl.spamhaus.org, permit
proxy_interfaces = 10.99.2.15
