LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 12-19-2007, 05:45 AM   #1
gabsik
Member
 
Registered: Dec 2005
Location: italia
Distribution: Debian Kali
Posts: 541

Rep: Reputation: 30
postfix: Relay access denied


I'm running postfix and courier-pop-ssl on a debian etch 2.6.18 .I have a dynamic ip and a dyndns.org domain name.
Mails get rejected with a Relay access denied and that's what logs say:

Code:
Dec 19 12:29:39 localhost postfix/smtpd[3840]: connect from py-out-1112.google.com[64.233.166.178]
Dec 19 12:29:40 localhost postfix/smtpd[3840]: NOQUEUE: reject: RCPT from py-out-1112.google.com[64.233.166.178]: 554 5.7.1 <admin@gabrix.ath.cx>: Relay access denied; from=<admin@gmail.com> to=<admin@gabrix.ath.cx> proto=ESMTP helo=<py-out-1112.google.com>
Dec 19 12:29:40 localhost postfix/smtpd[3840]: disconnect from py-out-1112.google.com[64.233.166.178]
and also a # postconf -n :

Code:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
debug_peer_level = 6
debug_peer_list = $mydomain
default_privs = nobody
delay_warning_time = 4h
disable_dns_lookups = yes
home_mailbox = Maildir/
inet_interfaces = all
mail_owner = postfix
mailbox_command =
mailbox_size_limit = 0
mydestination = mail.$mydomain , argo.$mydomain, ns1.$mydomain, localhost, localhost.localdomain, localhost
mydomain = gabrix.ath.cx
myhostname = mail.gabrix.ath.cx
mynetworks = 10.0.0.0/24,127.0.0.0/8
mynetworks_style = subnet
myorigin = /etc/mailname
queue_directory = /var/mail
recipient_delimiter = +
relayhost = [gmail-smtp.l.google.com]
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_sasl_tls_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_cert_file = /etc/postfix/mailcert.pem
smtp_tls_key_file = /etc/postfix/mailkey.pem
smtp_tls_note_starttls_offer = no
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_error_sleep_time = 1s
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/mailcert.pem
smtpd_tls_key_file = /etc/postfix/mailkey.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
I'm also going to configure an anonymous remailer so i wouldn't set too strict rules about relaying mail through my mail server and offcourse i wouldn't be an openrelay for the bloody spam ... i did it before and i don't know why it's not working this time . Anything else you need to know just ask , thanks !!!!
 
Old 12-19-2007, 08:19 AM   #2
farslayer
Guru
 
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,231
Blog Entries: 5

Rep: Reputation: 189Reputation: 189
is Google your ISP ? If not, then why would they allow you to relay mail off their server without knowing who you are ?

you need to use the Mail server of YOUR isp as a relayhost, not googles mail server. Your ISP will know who you are because your public IP address will be from their IP Address pool.. Typically that is all the authentication they need.
 
Old 12-19-2007, 09:40 AM   #3
Berhanie
Senior Member
 
Registered: Dec 2003
Location: phnom penh
Distribution: Fedora
Posts: 1,625

Rep: Reputation: 165Reputation: 165
It looks like you just need to add $mydomain to mydestination.
 
Old 12-19-2007, 10:36 AM   #4
gabsik
Member
 
Registered: Dec 2005
Location: italia
Distribution: Debian Kali
Posts: 541

Original Poster
Rep: Reputation: 30
Google is not my isp ( ... it's a search engine ... ) and i always used it sucessfully as a relayhost .
 
Old 12-19-2007, 08:16 PM   #5
pengaru
LQ Newbie
 
Registered: Dec 2007
Distribution: GNU/Linux
Posts: 9

Rep: Reputation: 0
Quote:
Originally Posted by gabsik View Post
Google is not my isp ( ... it's a search engine ... ) and i always used it sucessfully as a relayhost .

google runs open relays?
 
Old 12-19-2007, 09:40 PM   #6
farslayer
Guru
 
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,231
Blog Entries: 5

Rep: Reputation: 189Reputation: 189
That is what I was thinking at first, but it looks as though he's authenticating against the Google mail server with his gmail account information.

so I would check the /etc/postfix/sasl_passwd file make sure the authentication info is correct, and then verify postmap was run against it and try again...

http://linuxgazette.net/115/chirico1.html

Last edited by farslayer; 12-19-2007 at 09:42 PM.
 
Old 12-20-2007, 01:16 AM   #7
gabsik
Member
 
Registered: Dec 2005
Location: italia
Distribution: Debian Kali
Posts: 541

Original Poster
Rep: Reputation: 30
Thanks farslayer your link was helpfull , my mail server is working now i can relay mail to my gmail account and everything else is working as expected , cheers !!!!
 
Old 12-20-2007, 04:10 AM   #8
Berhanie
Senior Member
 
Registered: Dec 2003
Location: phnom penh
Distribution: Fedora
Posts: 1,625

Rep: Reputation: 165Reputation: 165
I think people have misunderstood the logs. It's gabsik's mailserver that rejected google, not the other way around. postfix rejected mail to admin@$mydomain because $mydomain wasn't listed under mydestination.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix Relay Access Denied dwpondscum Linux - Networking 2 09-20-2007 04:37 AM
postfix: relay access denied cope Linux - Server 1 05-10-2007 01:35 AM
HELP! POSTFIX Relay access denied cozyk1515 Linux - Software 3 07-21-2006 08:56 AM
Postfix as a mail relay (getting relay access denied) hypexr Linux - Software 3 09-13-2005 07:15 PM
Postfix and Relay access denied jamiguel77 Linux - Software 3 03-12-2005 10:53 AM


All times are GMT -5. The time now is 11:42 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration