[SOLVED] PMG acting as relay-server for hosts in networks with dynamic public IP's

[klowet]

Hi

I'm trying something with PMG. What I want to accomplish, is that I can sent mails from different hosts in different public networks on the internet via PMG acting as a SMTP relay.

The problem is, that these hosts on the internet are in networks with dynamic public IP's. So I can't at these networks to the Trusted Networks of PMG because they change quite often.
So I was thinking about white-listing the domains that can sent trough PMG. But I've fount (I think?) that the whitelist in Who Objects is only for incoming traffic and not for outgoing traffic. Correct?

Somebody any idea how I can set this up?

Thanks

 

[dcsapak]

you could use the api/cli tools in a script that resolves the domains to ips and modifies the trusted networks..

 

[klowet]

That's a simple but good idea. I'm gonna try that.

 

[klowet]

I've got it working with this script

dig @ns1.my.dns my.host +short AXFR | grep '^[.0-9]*$' | sort --unique | sed 's/$/\/32/' > /etc/pmg/mynetworks

That results in a file like this:

1.1.1.1/32
2.2.2.2/32
3.3.3.3/32

Do I have to reload PMG config after each change of that file?
If yes, how? With a sync --restart 1?

 

[hata_ph]

If the hosts is in dynamic IP ranges, you have to constantly re-run the script as the IP will change unannouce.

 

[klowet]

Yes, that's fine. I can run it eg. each 15min.
But when I edited the files in /etc/pmg, how does that get into the Postfix config files? Do I run pmgconfig sync --restart 1 too each time?

 

[dcsapak]

pmgconfig sync is necessary, altough i am not sure if --restart is... best try it

 

[klowet]

I did the test. Just pmgconfig sync is enough.