# postfix: mynetworks config



## cbrace (Oct 29, 2012)

Hi all,

I have mail/postfix working in conjunction with mail/dspam on my server.

Postfix pipes a mail to dspam, the latter scans it and returns it to postfix via an alternative port, in this case 10026. Postfix then delivers the mail. This is a fairly standard config I believe. Here is the relevant entry in master.cf:

```
localhost:10026 inet  n -       n       -       -        smtpd
  -o content_filter=
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
  -o smtpd_helo_restrictions=
  -o smtpd_client_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8,###.##.##.###
```
This works fine. 

I also use this alternative port (10026) for outgoing mail which doesn't need to get scanned by dspam.

For my mailserver on my LAN, I had email clients also use port 10026 for outgoing mail, and enabled is like this:

```
-o mynetworks=127.0.0.0/8,192.168.2.0/24
```

For a mailserver on a remote host, I am trying the same, only this time adding an external IP number: 

```
-o mynetworks=127.0.0.0/8,192.168.2.0/24,###.##.##.###
```
I've also added that external IP to main.cf in "mynetworks" 

But it doesn't work. I've opened 10026 in PF:

```
$ nmap my.server -p 10026
Starting Nmap 6.01 ( http://nmap.org ) at 2012-10-29 10:46 CET
Host is up (0.019s latency).
PORT      STATE SERVICE
10026/tcp open  unknown
```
But when I telnet in, I don't get the postfix prompt:

```
$ telnet my.server 10026
Trying ##.###.#.#...
Connected to my.server.
Escape character is '^]'.
```
This is what I see when I try the same on the server:

```
$ telnet localhost 10026
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 my.server ESMTP Postfix
```
For some reason, postfix appears to refuse an incoming connection on port 10026 from my IP number, even though I've explicitly enabled it. Any ideas why?


----------



## plamaiziere (Nov 4, 2012)

cbrace said:
			
		

> For a mailserver on a remote host, I am trying the same, only this time adding an external IP number:
> 
> ```
> -o mynetworks=127.0.0.0/8,192.168.2.0/24,###.##.##.###
> ...



If I remember well you need to specify a /32 for a single ipv4 address "##.##.##.###/32"
(not sure).
Regards.


----------

