|
Postfix+Dovecot error : RELAY ACCESS DENIED when send mail out to Other domain
Hi Experts,
I had configured a mail server Postfix + Dovecot on Ubuntu Server , but i got a problem when i send email to other domain : gmail , yahoo .... Client Thurnderbird login by : u1@zeha.vn (123) , send to simon.unix@gmail.com Message: An error occured while sending email , the mail server : 5.7.1 <simon.unix@gmail.com> Relay access denied , pls check message recipients and try again ! This is terrible time , i got 3 days but can not fix up !!!! Grugru !!! Below is main.cf : # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = mail.zeha.vn mydomain= zeha.vn alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname #mydestination = mail.zeha.vn, localhost.zeha.vn, , localhost mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost relayhost = #relay_domains= hash:/etc/postfix/relay_domain relay_domains=$mydestination #transport_maps = hash:/etc/postfix/transport notify_classes = protocol,resource,software #local_transport = local #defer_transports=smtp #relay_recipient_maps = hash:/etc/postfix/relay_recipients mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -n -m "${EXTENSION}" mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all home_mailbox = Maildir/ smtpd_sasl_auth_enable = yes smtpd_sasl2_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/dovecot-auth smtpd_sasl_authenticated_header = yes smtpd_sasl_application_name = smtpd smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = zeha.vn smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination,permit_sasl_authenticated broken_sasl_auth_clients = yes #smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sender_restrictions = reject_unknown_sender_domain smtp_use_tls = yes smtpd_tls_received_header = yes smtpd_tls_mandatory_protocols = SSLv3, TLSv1 smtpd_tls_mandatory_ciphers = medium, high smtpd_tls_auth_only = yes tls_random_source = dev:/dev/urandom Pls advice ! Thank so much ! Simon - Jen |
Hello, Simon. Can you post some real logs on this? Use pastebin.com to do so, so we can have a better understanding on what's going on, since i don't think postfix said "pls check message recipients and try again !" :P.
Also, this will show us how the mail traverses the server. Feel free to remove IP addresses from the logs (if you're sensitive about it). |
Postfix+Dovecot error : RELAY ACCESS DENIED when send mail out to Other domain
Quote:
Postfix not show this log , it was been showed from : Thurndervird Client Email , when click send email out from MailClient This is my log : Sep 13 10:27:47 mail postfix/local[4519]: 81953101DB: to=<root@mail.zeha.vn>, orig_to=<postmaster>, relay=local, delay=240503, delays=240502/1.1/0/0.36, dsn=4.3.0, status=deferred (temporary failure) Sep 13 10:27:47 mail deliver(root): chdir(/root) failed: Permission denied Sep 13 10:27:47 mail postfix/local[4526]: 8318D101DD: to=<root@mail.zeha.vn>, orig_to=<postmaster>, relay=local, delay=348180, delays=348179/1.3/0/0.1, dsn=4.3.0, status=deferred (temporary failure) Sep 13 10:27:47 mail postfix/local[4516]: E25F1101C0: to=<root@mail.zeha.vn>, relay=local, delay=402878, delays=402876/1.1/0/0.37, dsn=4.3.0, status=deferred (temporary failure) Sep 13 10:27:47 mail deliver(root): chdir(/root) failed: Permission denied Sep 13 10:27:47 mail deliver(root): stat(/root/.dovecot.sieve) failed: Permission denied Sep 13 10:27:47 mail deliver(root): stat(/root/Maildir/tmp) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root) Sep 13 10:27:47 mail deliver(root): msgid=<20090910030647.5E713101E2@mail.zeha.vn>: save failed to INBOX: Internal error occurred. Refer to server log for more information. [2009-09-13 10:27:46] Sep 13 10:27:47 mail postfix/local[4522]: 225111020D: to=<root@mail.zeha.vn>, relay=local, delay=388048, delays=388046/1.3/0/0.19, dsn=4.3.0, status=deferred (temporary failure) Sep 13 10:27:47 mail deliver(root): stat(/root/.dovecot.sieve) failed: Permission denied Sep 13 10:27:47 mail deliver(root): stat(/root/Maildir/tmp) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root) Sep 13 10:27:47 mail deliver(root): msgid=<20090908114458.D5FD2101D7@mail.zeha.vn>: save failed to INBOX: Internal error occurred. Refer to server log for more information. [2009-09-13 10:27:46] Sep 13 10:27:47 mail postfix/local[4519]: 5E713101E2: to=<root@mail.zeha.vn>, orig_to=<postmaster>, relay=local, delay=260460, delays=260458/1.5/0/0.45, dsn=4.3.0, status=deferred (temporary failure) Sep 13 10:27:47 mail postfix/local[4540]: D5FD2101D7: to=<root@mail.zeha.vn>, orig_to=<postmaster>, relay=local, delay=402168, delays=402167/1.5/0/0.48, dsn=4.3.0, status=deferred (temporary failure) Sep 13 10:27:47 mail deliver(root): chdir(/root) failed: Permission denied Sep 13 10:27:47 mail deliver(root): stat(/root/.dovecot.sieve) failed: Permission denied Sep 13 10:27:47 mail deliver(root): stat(/root/Maildir/tmp) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root) Sep 13 10:27:47 mail deliver(root): msgid=<20090910205439.301E8101E8@mail.zeha.vn>: save failed to INBOX: Internal error occurred. Refer to server log for more information. [2009-09-13 10:27:47] Sep 13 10:27:47 mail postfix/local[4526]: 301E8101E8: to=<root@mail.zeha.vn>, orig_to=<postmaster>, relay=local, delay=196388, delays=196386/1.9/0/0.27, dsn=4.3.0, status=deferred (temporary failure) Sep 13 11:12:45 mail postfix/qmgr[517]: BD73D1020A: from=<u1@zeha.vn>, size=632, nrcpt=2 (queue active) Sep 13 11:12:45 mail postfix/qmgr[517]: 98789101F3: from=<u2@zeha.vn>, size=608, nrcpt=2 (queue active) Sep 13 11:13:18 mail postfix/smtp[4937]: BD73D1020A: host gmail-smtp-in.l.google.com[209.85.222.44] said: 421-4.7.0 [118.69.224.5] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Sen ders Guidelines. 10si1091471pzk.51 (in reply to end of DATA command) Sep 13 11:13:18 mail postfix/smtp[4938]: 98789101F3: host gmail-smtp-in.l.google.com[209.85.222.44] said: 421-4.7.0 [118.69.224.5] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Sen ders Guidelines. 10si1106493pzk.17 (in reply to end of DATA command) Sep 13 11:13:50 mail postfix/smtp[4938]: 98789101F3: to=<simon.unix@gmail.com>, relay=alt1.gmail-smtp-in.l.google.com[209.85.211.64]:25, delay=403298, delays=403233/0.02/34/32, dsn=4.7.0, status=deferred (host alt1.gmail-smt p-in.l.google.com[209.85.211.64] said: 421-4.7.0 [118.69.224.5] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent fr om your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Senders Guidelines. 38si4350078ywh.122 (in reply to end of DATA comman d)) Sep 13 11:13:51 mail postfix/smtp[4937]: BD73D1020A: to=<simon.unix@gmail.com>, relay=alt1.gmail-smtp-in.l.google.com[209.85.211.64]:25, delay=391765, delays=391700/0.01/34/32, dsn=4.7.0, status=deferred (host alt1.gmail-smt p-in.l.google.com[209.85.211.64] said: 421-4.7.0 [118.69.224.5] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent fr om your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Senders Guidelines. 38si4350077ywh.122 (in reply to end of DATA comman d)) Sep 13 10:03:51 mail postfix/smtp[4320]: BD73D1020A: to=<simon.unix@gmail.com>, relay=alt1.gmail-smtp-in.l.google.com[209.85.211.78]:25, delay=387566, delays=387500/0.03/34/32, dsn=4.7.0, status=deferred (host alt1.gmail-smtp-in.l.google.com[209.85.211.78] said: 421-4.7.0 [118.69.224.5] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Senders Guidelines. 10si4193529ywh.102 (in reply to end of DATA command)) Sep 13 11:13:50 mail postfix/smtp[4938]: 98789101F3: to=<simon.unix@gmail.com>, relay=alt1.gmail-smtp-in.l.google.com[209.85.211.64]:25, delay=403298, delays=403233/0.02/34/32, dsn=4.7.0, status=deferred (host alt1.gmail-smtp-in.l.google.com[209.85.211.64] said: 421-4.7.0 [118.69.224.5] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Senders Guidelines. 38si4350078ywh.122 (in reply to end of DATA command)) Sep 13 11:13:51 mail postfix/smtp[4937]: BD73D1020A: to=<simon.unix@gmail.com>, relay=alt1.gmail-smtp-in.l.google.com[209.85.211.64]:25, delay=391765, delays=391700/0.01/34/32, dsn=4.7.0, status=deferred (host alt1.gmail-smtp-in.l.google.com[209.85.211.64] said: 421-4.7.0 [118.69.224.5] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Senders Guidelines. 38si4350077ywh.122 (in reply to end of DATA command)) Sep 13 12:47:47 mail deliver(root): chdir(/root) failed: Permission denied Sep 13 12:47:47 mail deliver(root): stat(/root/.dovecot.sieve) failed: Permission denied Sep 13 12:47:47 mail deliver(root): stat(/root/Maildir/tmp) failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +x perm: /root) Sep 13 12:47:47 mail deliver(root): msgid=<20090910205439.301E8101E8@mail.zeha.vn>: save failed to INBOX: Internal error occurred. Refer to server log for more information. [2009-09-13 12:47:47] Sep 13 12:47:47 mail postfix/local[5811]: 301E8101E8: to=<root@mail.zeha.vn>, orig_to=<postmaster>, relay=local, delay=204788, delays=204786/1.6/0/0.08, dsn=4.3.0, status=deferred (temporary failure) Sep 13 13:02:58 mail dovecot: imap-login: Login: user=<u1>, method=PLAIN, rip=115.72.215.1, lip=192.168.5.13, TLS Sep 13 13:03:46 mail postfix/smtpd[6076]: connect from unknown[115.72.215.1] Sep 13 13:03:46 mail postfix/smtpd[6076]: NOQUEUE: reject: RCPT from unknown[115.72.215.1]: 554 5.7.1 <simon.unix@gmail.com>: Relay access denied; from=<u1@zeha.vn> to=<simon.unix@gmail.com> proto=ESMTP helo=<[10.10.10.3]> ===> Pls help me , thanks so much ! Simon Jen |
Well.. there're a couple issues here
Code:
Sep 13 11:12:45 mail postfix/qmgr[517]: BD73D1020A: from=<u1@zeha.vn>, size=632, nrcpt=2 (queue active)Code:
Sep 13 10:27:47 mail deliver(root): chdir(/root) failed: Permission deniedCode:
Sep 13 12:47:47 mail postfix/local[5811]: 301E8101E8: to=<root@mail.zeha.vn>, orig_to=<postmaster>, relay=local, delay=204788, delays=204786/1.6/0/0.08, dsn=4.3.0, status=deferred (temporary failure)Hope this helps :) |
hi ,
i am using a statis IP ! I will try more but i not clear on this "You should check that your computer is not an open relay and it's being used a spam gateway." THanks Simon - Jen |
Hi Walruz!
My problem with Gmail just one of various domain i will use for staff email communication (gmail , yahoo , msn , me.com , mac.com , simplesolutions.vn , .....) If i can fix gmail problem how can we fix other !!! Pls advice me , i really need help ! THanks Simon |
Hello there, Simon
As i've told you before, you should check that your mail server is not an open relay. An open relay is a mail server that requires no authentication (wether it is SASL, TLS or other means) for mail sending/forwarding and enables spammers to use it as a spam gateway. Be certain that if you don't have an authentication method, spammers may be using it. Gmail, and other mail services, and ISPs, use assorted blacklisting methods. If your mail server was used for spamming, it's surely blacklisted. Try checking Spamhaus, Spamcop & MX Tool Box to check if your IP is blacklisted. Try contacting hotmail, gmail & yahoo through their postmaster@ mail address and, politely, ask for removal. Before doing this, you should be 100% that your server is correctly configured and is not a spam gateway, since if they remove you from the blacklist and your server keeps on spamming, they will enforce the ban not only for your IP address, but for your domains, etc. You should read Postfix's documentation, which is vast & helpful, specially this section, which will give you some tips on how to enforce authentication. |
| All times are GMT -5. The time now is 01:47 PM. |