Mappings file syntax
iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004)
What is the preferred method of configuring an MTA to not take outside connections at all but only those generated on the local host?
Do I comment out the " * $YEXTERNAL" line in my mappings file ?
Also, if I wanted to only take connections from a couple subnets what is the syntax, eg from 128.111.207/206 subnets.
Pasted below is the current mappings settings for the MTA in question:
! Modified by IMS administration server on: Sat Jun 05 22:43:51 PDT 2004
!
PORT_ACCESS
*|*|*|*|* $C$|INTERNAL_IP;$3|$Y$E
* $YEXTERNAL
INTERNAL_IP
$(128.111.207.251/32) $Y
127.0.0.1 $Y
* $N
[722 byte] By [
goubeauxa] at [2007-11-27 11:52:22]
# 1
Hi,
> What is the preferred method of configuring an MTA to
> not take outside connections at all but only those
> generated on the local host?
>
> Do I comment out the " * $YEXTERNAL" line in my
> mappings file ?
I don't know about a preferred method but one method would be to replace " * $YEXTERNAL" with " * $N". Any host/IP address that doesn't match your INTERNAL_IP mapping table will be rejected.
> Also, if I wanted to only take connections from a
> couple subnets what is the syntax, eg from
> 128.111.207/206 subnets.
If you wanted to treat these subnets as 'internal' (so they can relay through your system) you would add the following to your INTERNAL_IP mapping file (just above the $N line):
$(128.111.206.0/24) $Y
$(128.111.207.0/24) $Y
Otherwise you would add the same lines to your PORT_ACCESS mapping table just above the $N (and then the emails from these hosts would be treated as 'external', namely on tcp_local.
You need to run ./imsimta cnbuild; ./imsimta refresh after making the changes.
Regards,
Shane.
