Allow sending emails through UCS Server to another Server


#1

Hi
My UCS Server is configured to send email through relay, so I get alert emails. I have a second Server, I would like it to be able to send mail through the UCS Server, through the already configured relay.
UCS Server - IP 192.168.1.1
Second Server - IP 192.168.1.2
What should I configure or enable so that Second Server can send mail through UCS Server, since the relay is already configured on the UCS Server and running

Best Regards,
Michael Voigt


#2

Hey,

Postfix allows all machines whose addresses are part of Postfix’ mynetworks setting to relay to arbitrary addresses[1]. The corresponding UCR variable is mail/postfix/mynetworks. If you modify this, make sure to include at least 127.0.0.0/8 [::1]/128 in the new value, the IPv4 & IPv6 local loopback addresses.

The Postfix documentation contains a whole document about relay control. You should probably read that at one point.

Kind regrads
mosu

[1] Actually, this is a simplification. mynetworks is only evaluated by the permit_mynetworks client restriction. However, that restriction is enabled by default, and pretty much every Postfix system I’ve ever laid hands on had it turned on.


#3

Hey,

Mosu, it still did not work, he had already taken that step.
Do I need to get the correct port on the firewall? But what is the correct port? 25? 465 " 587?
Anyway, how will the other server get to the UCS?

Best Regards,
Michael Voigt


#4

Hey,

on the host that will relay messages you have to adjust Postfix’ mynetworks parameter as explained.

On the host that wants to send mails via the relaying host you have to set Postfix’ relayhost parameter to the IP of the relaying server. The corresponding UCR variable is mail/relayhost.

Don’t forget to reload Postfix in order to apply the changes. Simply setting the UCR variables will only rewrite the configuration files but not apply the settings to the running Postfix instances. Run the following on both servers after the changes:

postfix reload

m.


#5

Hey,
Mosu, I’m doing just that, however, I realize that in UCS there does not seem to be a rule for it to be possible for another Server to reach SMTP to send messaging. Note that the other server can not send message using UCS for retransmission.
What else could I be missing?

Best Regards,
Michael Voigt


#6

Hey Mosu,
Forgive my failure. It would not work even without installing the Mail Server. After I installed it, it worked like a glove.
If you can help me with one last question, I ended up facing another difficulty because here I use ipv6 disabled, because the ISP does not yet have ipv6. I know it’s the Stone Age, but could you tell me how to disable ipv6 in dovecot and what more settings should I do to safely disable ipv6 in UCS?

Best Regards,
Michael Voigt


#7

Not having IPv6 connectivity isn’t really a reason for having to deactivate it on your machines. Sure, network adapters will have a link-local address set (fe80:…), but that doesn’t interfere with local networking or internet access. Dual-stack hosts will only chose to connect via IPv6 if they have a globally-routable unicast address. Having link-local addresses doesn’t suffice.

Having a server such as Dovecot listening on IPv6 is actually even less of a problem. Note that the following output actually means that the service listens on both IPv6 and IPv4, not just on IPv6:

[0 root@liselle ~] lsof -PniTCP:8090 -sTCP:LISTEN
COMMAND PID        USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
java    220 mailarchiva   50u  IPv6  82207      0t0  TCP *:8090 (LISTEN)
[0 root@liselle ~] telnet -6 localhost 8090
Trying ::1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
[0 root@liselle ~] telnet -4 localhost 8090
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
[0 root@liselle ~]

What are your actual problems with IPv6?


#8

Hi Mosu
ISP is implementing IPv6, and in the process is causing some problems when using ipv6. Bank access for example is one of them, and on some sites. So we have chosen to leave disabled, it has been much better for now.
What do you think I can do about it?

Best Regards,
Michael Voigt


#9

UCS servers only use IPv6 if you configure static IPv6 addresses or if you enable SLAAC. So just make sure not to configure static addresses and disable SLAAC on your routers. There’s really no need to deactivate Linux’ IPv6 functionality; it suffices to prevent servers from having globally-routable IPv6 addresses.


#10

Hey, Mosu
You’re right, I’ll leave default with active IPv6, and if I notice any issues I’ll keep you posted.
Thank you for your help,

Best regards,
Michael Voigt