LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 10-21-2007, 09:04 PM   #1
TheZodiac
LQ Newbie
 
Registered: Oct 2007
Posts: 13

Rep: Reputation: 0
Postfix: Relay access denied


Hi all,

Sorry to be posting again in such a short amount of time, but I'm trying to solve a Postfix problem. It relates to my new installation of ispCP, a web hosting control panel.

For some odd reason, I cannot send mail to my server and have it accepted and queued. It simply spits out errors saying, "smtp; 5.1.0 - Unknown address error 554-'<>: Relay access denied' (delivery attempts: 0)". I was looking over the Postfix documentation and it says you can resolve this with a "virtual_alias_domains" or "virtual_mailbox_domains" directive. I have a "virtual_mailbox_domains" directive in my config and it still gives me errors.

Here is my "main.cf" file:
Code:
#
# Postfix MTA Manager Main Configuration File;
#
# Please do NOT edit this file manually;
#

#
# Postfix directory settings; These are critical for normal Postfix MTA functionallity;
#

command_directory = /usr/sbin
daemon_directory  = /usr/lib/postfix
program_directory = /usr/lib/postfix

#
# Some common configuration parameters;
#

inet_interfaces  = all
mynetworks_style = host

myhostname = xetaspace.net
mydomain   = xetaspace.net.local
myorigin   = $mydomain

smtpd_banner = $myhostname ISPCP 1.0 Priamos Managed ESMTP 1.0.0 RC3 OMEGA
setgid_group = postdrop

#
# Receiving messages parameters;
#

mydestination       = $myhostname, $mydomain
append_dot_mydomain = no
append_at_myorigin  = yes
local_transport     = local
virtual_transport   = virtual
transport_maps      = hash:/etc/postfix/ispcp/transport

#
# Delivering local messages parameters;
#

mail_spool_directory = /var/mail

# Mailboxquota
# => 0 for unlimited
# => 104857600 for 100 MB
mailbox_size_limit = 0
mailbox_command    = procmail -a "$EXTENSION"

biff = no

alias_database                    = hash:/etc/aliases

local_destination_recipient_limit = 1
local_recipient_maps              = unix:passwd.byname $alias_database

#
# ISPCP Autoresponder parameters;
#

ispcp-arpl_destination_recipient_limit = 1

#
# Delivering virtual messages parameters;
#

virtual_mailbox_base    = /var/mail/virtual
virtual_mailbox_limit   = 0

virtual_mailbox_domains = hash:/etc/postfix/ispcp/domains
virtual_mailbox_maps    = hash:/etc/postfix/ispcp/mailboxes

virtual_alias_maps      = hash:/etc/postfix/ispcp/aliases

virtual_minimum_uid     = 2887
virtual_uid_maps        = static:2887
virtual_gid_maps        = static:8

#
# SASL paramters;
#

smtpd_sasl_auth_enable       = yes
smtpd_sasl2_auth_enable      = yes
smtpd_sasl_security_options  = noanonymous
smtpd_sasl_local_domain      =
broken_sasl_auth_clients     = yes
smtpd_sender_restrictions    = permit_mynetworks,
                               permit_sasl_authenticated,
                               reject_unauth_destination
smtpd_recipient_restrictions = permit_mynetworks,
                               permit_sasl_authenticated,
                               reject_unauth_destination
                               check_policy_service inet:127.0.0.1:60000
Any ideas on what to do to fix this?

Thanks very much! You guys are awesome and helpful!

--Todd
 
Old 10-22-2007, 08:24 AM   #2
wolfperkins
Member
 
Registered: Oct 2007
Location: Val-des-Monts, Québec, Canada
Distribution: CentOS, RHEL, Fedora
Posts: 109

Rep: Reputation: 16
I run postfix and have a line in main.cf that reads:

mynetworks = 192.168.1.0/24, 127.0.0.0/8

That covers every host on my subnet and allows me to relay from internal hosts only.
 
Old 10-22-2007, 07:29 PM   #3
TheZodiac
LQ Newbie
 
Registered: Oct 2007
Posts: 13

Original Poster
Rep: Reputation: 0
I tried that but I figured out that adding a "relay_domains" directive makes it go away. But now it says, "mail for xetaspace.net loops back to myself". How can I fix this? My "relay_domains" variable contains "xetaspace.net" and nothing else.
 
Old 10-23-2007, 08:28 PM   #4
TheZodiac
LQ Newbie
 
Registered: Oct 2007
Posts: 13

Original Poster
Rep: Reputation: 0
I was skimming over the Postfix docs and it says you can disable relaying with "virtual_mailbox_domains" or "virtual_alias_domains". I have "virtual_mailbox_domains" in my config but why is Postfix still attempting to relay all mail? Is there a way to disable it completely?
 
Old 10-24-2007, 10:23 AM   #5
wolfperkins
Member
 
Registered: Oct 2007
Location: Val-des-Monts, Québec, Canada
Distribution: CentOS, RHEL, Fedora
Posts: 109

Rep: Reputation: 16
Here is what my config looks like. With this I can relay through all hosts on my internal LAN and exclude any mail relaying attemps from the outside:

Code:
queue_directory = /opt/postfix/var/spool
command_directory = /opt/postfix/sbin
daemon_directory = /opt/postfix/libexec
mail_owner = postfix
myhostname = <MAIL SERVER FQDN>
mydomain = <MAIL SERVER DOMAIN>
myorigin = $mydomain
mydestination = <MAIL SERVER FQDN>, <MAIL SERVER DOMAIN>
virtual_alias_domains = hash:/etc/postfix/virtual_alias_domains
virtual_alias_maps = hash:/etc/postfix/virtual_alias_maps
unknown_local_recipient_reject_code = 550
mynetworks = 192.168.1.0/24, 127.0.0.0/8
alias_maps = dbm:/etc/mail/aliases
canonical_maps = hash:/etc/postfix/canonical
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /opt/postfix/sbin/sendmail
newaliases_path = /opt/postfix/bin/newaliases
mailq_path = /opt/postfix/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /opt/postfix/man
sample_directory = /opt/postfix/etc
readme_directory = no
smtpd_recipient_restrictions =
  reject_non_fqdn_sender
  reject_unknown_sender_domain
  reject_unknown_recipient_domain
  permit_sasl_authenticated
  permit_mynetworks
  reject_non_fqdn_recipient
  reject_multi_recipient_bounce
  reject_unauth_destination
  reject_non_fqdn_hostname
  reject_invalid_hostname
  reject_rbl_client sbl.spamhaus.org
  reject_rbl_client bl.spamcop.net
  reject_rhsbl_sender dsn.rfc-ignorant.org
  reject_unverified_sender
  permit
smtpd_helo_required = yes
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/certs/postfix_private_key.pem
smtpd_tls_cert_file = /etc/postfix/certs/postfix_mydomain.crt
smtpd_tls_CAfile = /etc/postfix/certs/ca-bundle.crt
smtpd_tls_loglevel = 0
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix Relay Access Denied dwpondscum Linux - Networking 2 09-20-2007 04:37 AM
postfix: relay access denied cope Linux - Server 1 05-10-2007 01:35 AM
HELP! POSTFIX Relay access denied cozyk1515 Linux - Software 3 07-21-2006 08:56 AM
Postfix as a mail relay (getting relay access denied) hypexr Linux - Software 3 09-13-2005 07:15 PM
Postfix and Relay access denied jamiguel77 Linux - Software 3 03-12-2005 10:53 AM


All times are GMT -5. The time now is 07:40 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration