2

I'm working on a server with some very old mail configurations that have recently started getting some difficulties. I decided to just redo the configuration from scratch since there's a lot of useless and obsolete code in this setup, but there seems to be a lot of missing config info for sendmail/postfix that I'd need.

All the relevant information I could find was in /etc/postfix/main.cf:

myhostname = foo.bar.com
myorigin = /etc/mailname
mydestination = web1, localhost.localdomain, localhost

and /etc/mailname:

noreply@bar.com

There's no relayhost or passwords defined anywhere I can find. The server is set up to use PHP's mail(), which in turn uses /usr/sbin/sendmail. There's nothing in /var/mail, /var/spool/mail, /etc/mail, /etc/postfix/sasl, or anywhere else I can find.

So my question is: Is it possible that this configuration doesn't store the relayhost or password data for these accounts anywhere? If no, is there somewhere I've missed checking?

jono
  • 123
  • 3
  • Are you actually sure authenticated relay is in use? – Massimo Nov 30 '15 at 13:04
  • @Massimo It has been able to send emails from the noreply@bar.com address in the past. Is there any way it could have done that without using an authenticated relay? – jono Nov 30 '15 at 13:09
  • Oh yes. There are lots of possible reasons, the easiest one being the relay server trusting this server's IP address and thus allowing open relay without authentication. – Massimo Nov 30 '15 at 13:47
  • @Massimo This has to be it. I didn't think Google allowed senders based on IP, but apparently [they do.](https://support.google.com/a/answer/2956491?hl=en) I'm just going to have to hunt down someone with the login credentials, or ability to get them. If you want to put this as an answer I'd love to mark it as solved :) – jono Nov 30 '15 at 14:08

2 Answers2

2

It's actually possible your server isn't using authenticated relay at all; either it's sending messages directly to their destinations without any relay, or it's using an unauthenticated relay host which is configured to allow open relay from your server's IP address.

Massimo
  • 70,200
  • 57
  • 200
  • 323
0

All config files are supposed to be in /etc/postfix or /etc/mail; another file to check is /etc/aliases.

However, instead of hunting down config files put in non-canonical places, it would be better to remove the packages with the option to purge all the config files, then reinstall the packages again. This will give you a clean slate on which to work. Use either apt-get purge postfix sendmail or yum remove postfix sendmail, depending on your system.

dr_
  • 1,085
  • 12
  • 19
  • That's exactly what I'd like to do :) Problem is that the login and connection credentials for the mail account are either lost or with someone in the organization that's difficult to track down. So before I purge everything I just need to find out where it is currently defined, so I can use it in a new config – jono Nov 30 '15 at 12:58