Pls Help - Postfix Multi-Domain SMTP Banner with Postscreen
20 views
Skip to first unread message
Nitin
Jan 30, 2022, 10:50:03 PMJan 30
to
Hi friends,
I have managed to successfully setup a single Postfix server with multiple domains to show the correct smtpd banner for each domain with the following setup (mx.abc.com being the primary domain):
abc.xxx.xxx.xxx:smtp inet n - n - 1 smtpd -o myhostname=mx.abc.com -o smtp_helo_name=mx.abc.com -o tlsp
roxy_service_name=tlsproxy_mx.abc.com -o smtpd_service_name=smtpd_mx.abc.com -o smtp_bind_address=abc.xxx.xxx.xxx -o smtpd_tls_c
hain_files=/path/private.pem,/path/mx.abc.com/fullchain.pem -o syslog_name=postfix-mx.abc.com
xyz.xxx.xxx.xxx:smtp inet n - n - 1 smtpd -o myhostname=mx.xyz.com -o smtp_helo_name=mx.xyz.com -o tlsp
roxy_service_name=tlsproxy_mx.xyz.com -o smtpd_service_name=smtpd_mx.xyz.com -o smtp_bind_address=xyz.xxx.xxx.xxx -o smtpd_tls_c
hain_files=/path/mx.xyz.com/private.pem,/path/mx.xyz.com/fullchain.pem -o syslog_name=postfix-mx.xyz.com
smtpd_mx.abc.com pass - - n - - smtpd -o syslog_name=postfix-mx.abc.com
smtpd_mx.xyz.com pass - - n - - smtpd -o syslog_name=postfix-mx.xyz.com
dnsblog unix - - n - 0 dnsblog
tlsproxy_mx.abc.com unix - - n - 0 tlsproxy -o syslog_name=postfix-mx.abc.com
tlsproxy_mx.xyz.com unix - - n - 0 tlsproxy -o syslog_name=postfix-mx.xyz.com
However, if I change the smtpd to postscreen as below:
abc.xxx.xxx.xxx:smtp inet n - n - 1 postscreen -o myhostname=mx.abc.com -o smtp_helo_name=mx.abc.com -o tlsp
roxy_service_name=tlsproxy_mx.abc.com -o smtpd_service_name=smtpd_mx.abc.com -o smtp_bind_address=abc.xxx.xxx.xxx -o smtpd_tls_c
hain_files=/path/private.pem,/path/mx.abc.com/fullchain.pem -o syslog_name=postfix-mx.abc.com
xyz.xxx.xxx.xxx:smtp inet n - n - 1 postscreen -o myhostname=mx.xyz.com -o smtp_helo_name=mx.xyz.com -o tlsp
roxy_service_name=tlsproxy_mx.xyz.com -o smtpd_service_name=smtpd_mx.xyz.com -o smtp_bind_address=xyz.xxx.xxx.xxx -o smtpd_tls_c
hain_files=/path/mx.xyz.com/private.pem,/path/mx.xyz.com/fullchain.pem -o syslog_name=postfix-mx.xyz.com
it is always responding with the primary domain in the SMTP banner for the second domain mx.xyz.com as well :(
Not sure what I am doing wrong... any help to get this working with postscreen would be greatly appreciated.
Below is my Postscreen setup in main.cf:
postscreen_access_list = permit_mynetworks,
cidr:/path/postscreen_access.cidr
postscreen_greet_action = enforce
postscreen_greet_banner = Welcome to abc mail service. Please wait...
postscreen_cache_map = proxy:btree:$data_directory/postscreen_cache
postscreen_cache_cleanup_interval = 0
postscreen_blacklist_action = drop
#postscreen_dnsbl_threshold = 2
#postscreen_dnsbl_sites =
# list.dnswl.org*-5
#postscreen_dnsbl_sites = zen.spamhaus.org*2
# dnbsbl.sorbs.net
# bl.spamcop.net
#postscreen_dnsbl_action = enforce
postscreen_pipelining_enable = no
#postscreen_pipelining_action = enforce
postscreen_non_smtp_command_enable = no
#postscreen_non_smtp_command_action = drop
postscreen_bare_newline_enable = no
#postscreen_bare_newline_action = enforce
Thanks in advance.
Nitin
I have managed to successfully setup a single Postfix server with multiple domains to show the correct smtpd banner for each domain with the following setup (mx.abc.com being the primary domain):
abc.xxx.xxx.xxx:smtp inet n - n - 1 smtpd -o myhostname=mx.abc.com -o smtp_helo_name=mx.abc.com -o tlsp
roxy_service_name=tlsproxy_mx.abc.com -o smtpd_service_name=smtpd_mx.abc.com -o smtp_bind_address=abc.xxx.xxx.xxx -o smtpd_tls_c
hain_files=/path/private.pem,/path/mx.abc.com/fullchain.pem -o syslog_name=postfix-mx.abc.com
xyz.xxx.xxx.xxx:smtp inet n - n - 1 smtpd -o myhostname=mx.xyz.com -o smtp_helo_name=mx.xyz.com -o tlsp
roxy_service_name=tlsproxy_mx.xyz.com -o smtpd_service_name=smtpd_mx.xyz.com -o smtp_bind_address=xyz.xxx.xxx.xxx -o smtpd_tls_c
hain_files=/path/mx.xyz.com/private.pem,/path/mx.xyz.com/fullchain.pem -o syslog_name=postfix-mx.xyz.com
smtpd_mx.abc.com pass - - n - - smtpd -o syslog_name=postfix-mx.abc.com
smtpd_mx.xyz.com pass - - n - - smtpd -o syslog_name=postfix-mx.xyz.com
dnsblog unix - - n - 0 dnsblog
tlsproxy_mx.abc.com unix - - n - 0 tlsproxy -o syslog_name=postfix-mx.abc.com
tlsproxy_mx.xyz.com unix - - n - 0 tlsproxy -o syslog_name=postfix-mx.xyz.com
However, if I change the smtpd to postscreen as below:
abc.xxx.xxx.xxx:smtp inet n - n - 1 postscreen -o myhostname=mx.abc.com -o smtp_helo_name=mx.abc.com -o tlsp
roxy_service_name=tlsproxy_mx.abc.com -o smtpd_service_name=smtpd_mx.abc.com -o smtp_bind_address=abc.xxx.xxx.xxx -o smtpd_tls_c
hain_files=/path/private.pem,/path/mx.abc.com/fullchain.pem -o syslog_name=postfix-mx.abc.com
xyz.xxx.xxx.xxx:smtp inet n - n - 1 postscreen -o myhostname=mx.xyz.com -o smtp_helo_name=mx.xyz.com -o tlsp
roxy_service_name=tlsproxy_mx.xyz.com -o smtpd_service_name=smtpd_mx.xyz.com -o smtp_bind_address=xyz.xxx.xxx.xxx -o smtpd_tls_c
hain_files=/path/mx.xyz.com/private.pem,/path/mx.xyz.com/fullchain.pem -o syslog_name=postfix-mx.xyz.com
it is always responding with the primary domain in the SMTP banner for the second domain mx.xyz.com as well :(
Not sure what I am doing wrong... any help to get this working with postscreen would be greatly appreciated.
Below is my Postscreen setup in main.cf:
postscreen_access_list = permit_mynetworks,
cidr:/path/postscreen_access.cidr
postscreen_greet_action = enforce
postscreen_greet_banner = Welcome to abc mail service. Please wait...
postscreen_cache_map = proxy:btree:$data_directory/postscreen_cache
postscreen_cache_cleanup_interval = 0
postscreen_blacklist_action = drop
#postscreen_dnsbl_threshold = 2
#postscreen_dnsbl_sites =
# list.dnswl.org*-5
#postscreen_dnsbl_sites = zen.spamhaus.org*2
# dnbsbl.sorbs.net
# bl.spamcop.net
#postscreen_dnsbl_action = enforce
postscreen_pipelining_enable = no
#postscreen_pipelining_action = enforce
postscreen_non_smtp_command_enable = no
#postscreen_non_smtp_command_action = drop
postscreen_bare_newline_enable = no
#postscreen_bare_newline_action = enforce
Thanks in advance.
Nitin
Reply all
Reply to author
Forward
0 new messages