qmail question - allowing relay from local LAN? [SOLVED]

[trellis]

I'm a complete qmail newbie, but I've managed to get qmail working, the only problem is I want to allow relaying from addresses on my local lan.

I have added the necessary lines to /etc/tcp.smtp, e.g.:

x.x.x.x:allow,RELAYCLIENT="",RBLSMTPD=""

Rebuilt the database (the comment at the top of tcp.smtp explaining how to do this is totally wrong, BTW) , and restarted svscan, and even rebooted the entire box!

Still getting the error that "host is not in rcpthosts" when trying to relay.

What have I screwed up?

[cselkirk]

When you say addresses do you mean all address on the subnet? I see in the above rules you have "x.x.x.x:allow" which would define one host, the "x.x.x.x".
If this is not what you want then the following maybe what you are looking for:

[trellis]

Thanks for that.

I have a /29 subnet, and couldn't find any examples dealing with subnets so I thought it would be safer to enumerate all the addresses (there are only 6 of them!)

It definitely did rebuild the database (I checked the time stamp), so I'm now wondering whether it matters where the "allow" lines appear in the input file? I put them right at the end - will this work?

[cselkirk]

tcpserver will use the first rule it finds (begining with the top most rule I believe). eg:

[cselkirk]

Forgot to mention that you can check the rules in your cdb with the following:

[trellis]

Many thanks for your help, but still no luck, unfortunately

[cselkirk]

OK, well at least we know your rules are in order .. hehe.

I'm inclinded to agree with your appraisal, however I should ask the obvious question.

So, /var/qmail/control/rcpthosts contains a valid FQDN? And that FQDN is the machines name (qualified by reverse DNS lookup)?
_________________
cn=cselkirk,dc=xs4all,dc=nl

[cselkirk]

After a little digging I come accross this. So, your not the only person witht this particular problem. It is possible the tcpserver is broken (at least under some installs), aggressive CFLAGS perhaps?

I'm less inclined to think it's the compile process, but perhaps. Have you checked bugs.gentoo.org?
_________________
cn=cselkirk,dc=xs4all,dc=nl

[cselkirk]

Just a thought, I wonder if this is related to the +ipv6 bug.

Try re-mergeing sys-apps/ucspi-tcp with -ipv6.

[trellis]

I have checked bugs.gentoo.org, but couldn't find any relating specifically to this problem (although I couldn't think of a search term to achieve less than 200 results!)

Should I raise a new bug?

[cselkirk]

[trellis]

Thanks - will try that, but which packages should I re-merge? Should I un-merge them first? Will I lose my configs?

[cselkirk]

I'm sorry, I completly omited to say which packge, "sys-apps/ucspi-tcp". And, no you don't need to unmerge and there are no configuration files that come with the package to etc-update.
_________________
cn=cselkirk,dc=xs4all,dc=nl

[trellis]

many thanks! It is busy emerging as I write this...

(Being of a semi-paranoid nature, I backed up my config files anyway!)

[Bojan]

I hope this will help ... I had similar problems with qmail when I was trying to enable relaying mail for LAN users.
It turned out that I've made a mistake in FQDN section of /var/qmail/control/servercert.cnf

Perhaps it is worth re-checking that ...

[trellis]

It worked!

Looks like it was associated with ipv6.

Many thanks for all your help, cselkirk !

Thanks to you, I now have a fully working qmail server

[cselkirk]

Ahh good .. now to turn you into the spam kings .. hehe

The bug has been reported, but it's probably a good idea to file another bug WRT the guide as the issue should probably be mentioned there.

Good your up and working ...
_________________
cn=cselkirk,dc=xs4all,dc=nl

[trellis]

The guide I was working to was the Virtual domains qmail/courier-imap one, but I didn't bother with courier-imap - just used qmail's own pop3d. This guide didn't mention configuring relaying in this way - I made it up

[cselkirk]

Still, the Guide should probably mention this as a gotcha. uspci-tcp is a component/dependency of qmail and so anyone installing qmail on gentoo will encounter this problem. Not only if relaying, tcpserver looses the ability to understand ipv4 addressing. Fortunatly tcpservers default behavior is only to allow relaying when explictly defined and even an empty cdb will still only mean ":allow".

I wasn't saying you specificly need to report it but the guides author should probably get a heads up.
_________________
cn=cselkirk,dc=xs4all,dc=nl

[cmoad]

I have done everything on this forum and I am still having problems. I can receive mail and send to a local account but weird things happen when I try to send to a remote account. First of all, everything acts as if it works fine. The qmail-smtpd log acts as if the mail was processed fine. The weird thing I am seeing is a spawned process that is not doing anything.

If I send an email from cmoad@mydomain.com to cmoad@gmail.com for example, I see a process named:

[j-m]

[cmoad]

Haha! Did you post this exact response in another thread? I swear I saw it there too. One question to you though, is the gentoo guide, http://www.gentoo.org/doc/en/virt-mail-howto.xml, a good one to follow?

[j-m]

[cselkirk]

[j-m]