LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 01-11-2008, 05:00 AM   #1
Proxx
LQ Newbie
 
Registered: Sep 2007
Location: Holland
Posts: 20

Rep: Reputation: 0
Postfix "Relay access denied" cant send to other domain


Hi there,

i have a problem with my Postfix configuration.
and i cant figure it out.

if have installed Fetchmail,Postfix,spamassassin,dovecot on my server.
and i can send and receive mail from local clients in the network
(everything withe @example.com)

but if im tying to send a mail to ...@domain.com my server starts complaining about "Relay access denied"

main.cf
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

append_dot_mydomain = no

smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

myorigin = /etc/mailname
mydestination = example.com, localhost
mydomain = example.com
myhostname = example.com
mynetworks = example.com

mailbox_size_limit = 0
recipient_delimiter = +
empty_address_recipient = administrator@example.com
mailbox_command = /usr/bin/procmail -f- -a $USER
maximal_queue_lifetime = 1d
queue_run_delay = 30s
bounce_notice_recipient = administrator@example.com
fallback_relay = 
smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces reject_unauth_destination
master.cf
Code:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
	-o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache	  unix	-	-	-	-	1	scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#

#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#

ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
postconf -n
Code:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
bounce_notice_recipient = administrator@example.com
config_directory = /etc/postfix
empty_address_recipient = administrator@example.com
mailbox_command = /usr/bin/procmail -f- -a $USER
mailbox_size_limit = 0
maximal_queue_lifetime = 1d
mydestination = example.com, localhost
mydomain = example.com
myhostname = example.com
mynetworks = example.com
myorigin = /etc/mailname
queue_run_delay = 30s
recipient_delimiter = +
relay_domains = $mydestination
relayhost = [post.demon.nl]
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces reject_unauth_destination
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
administrator@LiSe:/etc$
ive bin to lots of sites and googled it up.
but now im really stuck

Thanx in advance, Marco (Proxx)

Last edited by Proxx; 01-11-2008 at 05:32 AM.
 
Old 01-11-2008, 05:53 AM   #2
rupertwh
Member
 
Registered: Sep 2006
Location: Munich, Germany
Distribution: Debian / Ubuntu
Posts: 297

Rep: Reputation: 49
Hi,

you are missing 'smtpd_client_restrictions'. E.g.
Code:
smtpd_client_restrictions = permit_mynetworks
will allow relaying for users in $mynetworks.

EDIT: Actually, that might not be necessary. I just see that you set 'mynetworks' to your domain name instead of your network. Fix that first.

Last edited by rupertwh; 01-11-2008 at 05:57 AM.
 
Old 01-11-2008, 06:49 AM   #3
marozsas
Senior Member
 
Registered: Dec 2005
Location: Campinas/SP - Brazil
Distribution: SuSE, RHEL, Fedora, Ubuntu
Posts: 1,393
Blog Entries: 1

Rep: Reputation: 64
This host post.demon.nl accept plain connections from your machine ?
I don't have a similar setup here (my server send e-mails directly) but when you use a ISP to relay e-mail, is common to only accept authenticated connections.

If it is your case, you have to put a user and a password your ISP gave to you in file "/etc/postfix/sasl_passwd" and create a binary map for it (/etc/postfix/sasl_passwd.db) and setup postfix to use this.
Code:
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
May be anyone with a similar setup like yours could provide more precise information....
 
Old 01-11-2008, 07:13 AM   #4
gani
Member
 
Registered: Jun 2004
Location: Metro Manila, Philippines
Distribution: OpenBSD, Slackware, XP
Posts: 347

Rep: Reputation: 31
Try first to change your mynetworks parameter as shown.

mynetworks = 127.0.0.0/8, 192.168.x.y/24

So that permit_mynetworks in your smtpd_recipient_restrictions would translate to these network blocks and your local network including other related smtp services running @127.0.0.1 could relay through it.

Are you authorized to relay through post.demon.nl? Is this your ISP? You are using this relay through relayhost parameter.

Just try to make this empty by commenting it out.

#relayhost = [post.demon.nl]

By disabling this parameter, your mail host would simply relay directly to the SMTP server that accepts messages for the domain that you are sending mail to.

Also make sure that you are using a registered domain with your public IP assigned to it with its MX host defined through your DNS host servers since if not, mail servers would simply reject you.

As a suggestion, myhostname must be your box's fully qualified host name like mail.example.com.

myhostname = mail.example.com

Restart now your postfix and test it again.

----------
GANI
 
Old 01-11-2008, 07:33 AM   #5
Proxx
LQ Newbie
 
Registered: Sep 2007
Location: Holland
Posts: 20

Original Poster
Rep: Reputation: 0
Wow Wow, Nice 3 reply's

First i thank you all for your Reply!

now im going to read them

din't tell you at first but this is the first time i have tried to set up a mail server maybe thats why my config is crappy

...
Thanx thanx
 
Old 01-11-2008, 07:36 AM   #6
Proxx
LQ Newbie
 
Registered: Sep 2007
Location: Holland
Posts: 20

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by gani View Post
mynetworks = 127.0.0.0/8, 192.168.x.y/24
192.168.0.0/24 this will accept all messages from ip-range 192.168.0.1 to 192.168.0.254 ?
if not im still going to try it.

--------------------------------------------------------------
Thanx for the help men. i have applied the changes and it seems to works


Many Many thanx!

Last edited by Proxx; 01-11-2008 at 07:45 AM.
 
Old 01-11-2008, 10:10 AM   #7
Proxx
LQ Newbie
 
Registered: Sep 2007
Location: Holland
Posts: 20

Original Poster
Rep: Reputation: 0
Topic Closed!!!

Last edited by Proxx; 01-15-2008 at 09:42 AM.
 
  


Reply

Tags
mail, relay


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
postfix allow relay by "FROM:" domain paddyjoy Linux - Server 4 09-25-2006 06:02 PM
Postfix "554 Relay access denied" alexpopescu Linux - Software 1 10-17-2005 04:22 AM
Postfix as a mail relay (getting relay access denied) hypexr Linux - Software 3 09-13-2005 08:15 PM
Postfix - "Relay Access Denied" clickster Linux - Software 1 09-12-2005 05:28 PM
Email Error - "Recipient address rejected: Relay access denied" ripcord Linux - Newbie 1 10-31-2002 04:00 PM


All times are GMT -5. The time now is 10:35 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration