Details
-
Type:
Task
-
Status: In Progress
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: Systems & Operations
-
Component/s: None
-
Labels:None
-
Sprint:Sprint 7, Sprint 8, Sprint 9
Description
Postfix configuration changes on Core1 and Monman1 Systems to allow core1 to email out via smtp relaying through monman1.
required steps to implement this change.
===
Change iptables configuration on monman1 :: allow from host core1 to monman1 tcp/25
Reload iptables on monman1
Verify postfix, mailx & not exim are installed on core1 & monman1:: rpm –qa | grep –E ‘exim|postfix|mailx’
Remove exim
Install postfix
Install mailx
Changing postfix configuration file on core1 & monman1
Restart postfix on core1 & monman1
Test by sending email with mailx from core1 to self.
mailx -s "TEST MESAGE" nathan.faust@thesearchagency.com
aklfjadslkjfasljfaslf
.
===
Aq-dev2-monman1:
/etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# ---------
# TSA Rules
# ---------
-A INPUT -m state --state NEW -m tcp -p tcp -s 10.181.1.205 --dport 514 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp -s 10.181.1.205 --dport 514 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 70.166.144.17 --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 70.166.144.17 --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 212.36.33.246 --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 10.181.28.130 --dport 25 -j ACCEPT
# ---------
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
# -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
/etc/postfix/main.cf
mydomain = serveraq-dev2-monman1 biff = no append_dot_mydomain = no smtpd_tls_cert_file=/etc/pki/tls/certs/localhost.crt smtpd_tls_key_file=/etc/pki/tls/private/localhost.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache smtp_sasl_auth_enable = yes smtp_sasl_password_maps = static:searchagency1:Gr@d13n7 smtp_sasl_security_options = noanonymous smtp_tls_security_level = may start_tls = yes header_size_limit = 4096000 relayhost = [smtp.sendgrid.net]:587 smtp_use_tls = yes myorigin = $myhostname smtpd_banner = $myhostname ESMTP $mail_name alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases mydestination = aq-dev2-monman1.localdomain, aq-dev2-monman1, localhost.localdomain, localhost mynetworks = 127.0.0.0/8 10.181.28.130/32 inet_interfaces = all mailbox_size_limit = 0 recipient_delimiter = +
===
Aq-dev2-core1:
/etc/postfix/main.cf
mydomain = serveraq-dev2-core1
biff = no
append_dot_mydomain = no
header_size_limit = 4096000
relayhost = [aq-dev2-monman1]:25
myorigin = $myhostname
smtpd_banner = $myhostname ESMTP $mail_name
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = aq-dev2-core1.localdomain, aq-dev2-core1, localhost.localdomain, localhost
mynetworks = 127.0.0.0/8
inet_interfaces = 127.0.0.1
mailbox_size_limit = 0
recipient_delimiter = +
smtp_host_lookup = native
