D. J. Bernstein’s Qmail, now in the public domain, is a powerful yet clumsy SMTP messaging system. One of the most common problems is updating the rules for allowing SMTP relay, or denying the same.
If you qmail-smtpd under tcpserver, the following will update relay allow and relay forbid rules.
Create a file called /etc/tcp.smtp and put in it:
127.:allow,RELAYCLIENT=""
1.1.1.1:allow,RELAYCLIENT=""
2.2.:allow,RELAYCLIENT=""
2.2.2.5:deny
Qmail uses simple pattern matching so only classful subnets are allowed. Sorry, no CIDR notation.
The example above will allow/deny:
- Allow relaying from 127.* your localhost subnet of 127.0.0.0/8
- Allow the /32 address of 1.1.1.1
- Allow 2.2.* the /16 subnet of 2.2.0.0/16
- Specifically forbid 2.2.2.5
In order to implement these rules you need to update the server tcp.smpt.cbd file and restart Qmail.
First, back up /etc/tcp.smtp, then run the command:
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
If the rules don’t update, make sure -x /etc/tcp.smtp.cdb is after tcpserver in your start script, then restart Qmail.
Did you find this post useful or have questions or comments? Please let me know!