LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 10-15-2009, 05:37 PM   #1
periferral
LQ Newbie
 
Registered: Oct 2009
Posts: 5

Rep: Reputation: 0
SOLVED postfix error Relay access denied. trying to setup virtual domains


Hello all
I am trying to get postfix working as a part of my email server. I am running this on debian and using LDAP. Here is the output of my configuration

dns:/etc/postfix# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
inet_interfaces = all
mailbox_size_limit = 0
mydestination = dns.example.com, localhost.example.com, , localhost
myhostname = dns.example.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_sasl_auth_enable = no
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/CA/keys/example.crt
smtpd_tls_key_file = /etc/ssl/CA/keys/example.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = ldap:ldapalias
virtual_gid_maps = static:999
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = ldap:domains
virtual_mailbox_maps = ldap:accounts
virtual_minimum_uid = 999
virtual_transport = dovecot
virtual_uid_maps = static:999

The LDAP stuff seems to be working fine.
dns:/etc/postfix# postmap -q example@example.com ldap:accounts
example/,postmaster/
dns:/etc/postfix# postmap -q example@example.com ldap:ldapalias
example@example.com,postmaster@example.com
dns:/etc/postfix# postmap -q example@example.com ldap:domains
example.com,example.com
dns:/etc/postfix#

However, when I send an email from an external address to postfix, I see this in my error logs

Oct 15 15:34:38 dns postfix/smtpd[8639]: connect from smtp1.company.com[190.70.196.45]
Oct 15 15:34:38 dns postfix/smtpd[8639]: NOQUEUE: reject: RCPT from smtp1.company.com[190.70.196.45]: 554 5.7.1 <example@example.com>: Relay access denied; from=<user@company.com> to=<example@example.com> proto=ESMTP helo=<smtp1.company.com>
Oct 15 15:34:43 dns postfix/smtpd[8639]: disconnect from smtp1.company.com[190.70.196.45]


If I add mydomain to mydestination, the local transport takes over and it seems to work. However I want to user virtual transport and I'm having no luck with it.

Any help is appreciated.
thanks

Last edited by periferral; 10-20-2009 at 12:53 AM. Reason: remove real domain names.
 
Old 10-16-2009, 11:36 AM   #2
Berhanie
Senior Member
 
Registered: Dec 2003
Location: phnom penh
Distribution: Fedora
Posts: 1,625

Rep: Reputation: 165Reputation: 165
Quick answer: something might be wrong with your ldap:domains table.

In case you haven't done so you should read the LIST MEMBERSHIP section here. The lookup behavior we're aiming for is something this:
Code:
# something is returned for one of our domains
#
$ postmap -q periferral.com ldap:domains
periferral.com

# nothing is returned otherwise
#
$ postmap -q another_domain.com ldap:domains
$

# same thing (this is not a domain)
$ postmap -q periferral@periferral.com ldap:domains
$
You might also want to follow the advice given here:
Quote:
You can save yourself a lot of time by implementing Postfix first with local files such as Berkeley DB. Local files have few surprises, and are easy to debug with the postmap(1) command...
Once you have local files working properly you can follow the instructions in ldap_table(5), mysql_table(5) or pgsql_table(5) and replace local file lookups with LDAP or SQL lookups.

Last edited by Berhanie; 10-16-2009 at 11:37 AM.
 
Old 10-19-2009, 12:18 PM   #3
periferral
LQ Newbie
 
Registered: Oct 2009
Posts: 5

Original Poster
Rep: Reputation: 0
hi Berhanie
thanks, that was indeed the problem. I fixed the domains ldap setting to match domains rather than email addresses and it fixed my problem. I clearly misread what domain should be using as a search reference.

the domain lookup works just fine now and I dont see any relay issues. Moving on. Hopefully this solves others issues as well
 
Old 10-19-2009, 12:34 PM   #4
Berhanie
Senior Member
 
Registered: Dec 2003
Location: phnom penh
Distribution: Fedora
Posts: 1,625

Rep: Reputation: 165Reputation: 165
You're welcome, periferral. Good work.
 
Old 10-20-2009, 03:51 PM   #5
periferral
LQ Newbie
 
Registered: Oct 2009
Posts: 5

Original Poster
Rep: Reputation: 0
I'm closing this thread but I have another question. It is posted here. If you have any insight, I'd really appreciate you help.

http://www.linuxquestions.org/questi...-login-763238/

Last edited by periferral; 10-20-2009 at 03:52 PM. Reason: forgot link
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix+Dovecot error : RELAY ACCESS DENIED when send mail out to Other domain simon.unix Linux - Networking 6 09-16-2009 10:54 AM
Postfix Relay Access Denied sojelee Linux - Newbie 1 03-30-2009 08:30 AM
Postfix relay access denied multiple domains metalenkist Linux - Server 16 02-21-2008 02:43 PM
Postfix as a mail relay (getting relay access denied) hypexr Linux - Software 3 09-13-2005 07:15 PM
Postfix error - Recipient address rejected: Relay access denied robbiemorgan Linux - Newbie 1 10-01-2004 03:57 AM


All times are GMT -5. The time now is 03:49 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration