LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 05-29-2008, 08:17 AM   #1
alitrix
Member
 
Registered: Jun 2003
Location: Netherlands, The
Distribution: Ubuntu, Kernel 2.6.7
Posts: 169

Rep: Reputation: 30
postfix / smtpd is rejecting all incoming emails


Hi,

I finally installed SASL so my IMAP user(s) need to login to use the SMTP server.

But know, the problem, every email from outside (tested from gmail.com/hotmail.com) are rejected. I understand why, because they are not in the "trusted" domain list.
This means I have to add all the domains that are gonna mail us in that list that's gonna take some time?

Is there a way to configure it like this:
IMAP users that use SMTP, AUTH required!
Outside users, in this example gmail.com, just deliver the email IF the email is one of the domains I specify.

My /etc/postfix/main.cf:
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = server1.example.com
mydomain = alitrix.nl
mydestination = $myhostname, localhost.$mydomain, localhost, phoenix, r1k7s19.kdiss.com, localhost.kdiss.com
mynetworks = 127.0.0.0/8, 217.170.21.50, alitrix.nl, mail.alitrix.nl, mail.spelladder.nl, spelladder.nl
myorigin = alitrix.nl
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = .mailbox/

mailbox_size_limit = 0
recipient_delimiter = +

local_destination_concurrency_limit = 10
ignore_mx_lookup_error = yes

# Don't accept mail from domains that don't exist.
smtpd_sender_restrictions = reject_unknown_sender_domain

mailbox_command = /usr/bin/procmail
smtpd_helo_required = yes

relay_recipient_maps = hash:/etc/postfix/relay_recipients

allow_untrusted_routing = yes
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks, reject_unauth_destination
inet_interfaces = all

smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
/var/log/mail
Code:
May 29 14:10:33 r1k7s19 postfix/smtpd[5596]: disconnect from unknown[121.170.129.117]
May 29 14:10:34 r1k7s19 dovecot: IMAP(alitrix): Disconnected: Logged out
May 29 14:11:29 r1k7s19 postfix/smtpd[5596]: connect from an-out-0708.google.com[209.85.132.251]
May 29 14:11:30 r1k7s19 postfix/smtpd[5596]: NOQUEUE: reject: RCPT from an-out-0708.google.com[209.85.132.251]: 554 5.7.1 <alitrix@alitrix.nl>: Relay access denied; from=<alitrix@gmail.com> to=<alitrix@alitrix.nl> proto=ESMTP helo=<an-out-0708.google.com>
May 29 14:11:30 r1k7s19 postfix/smtpd[5596]: disconnect from an-out-0708.google.com[209.85.132.251]
May 29 14:12:22 r1k7s19 postfix/smtpd[5596]: connect from an-out-0708.google.com[209.85.132.246]
May 29 14:12:22 r1k7s19 postfix/smtpd[5596]: NOQUEUE: reject: RCPT from an-out-0708.google.com[209.85.132.246]: 554 5.7.1 <alitrix@alitrix.nl>: Relay access denied; from=<alitrix@gmail.com> to=<alitrix@alitrix.nl> proto=ESMTP helo=<an-out-0708.google.com>
May 29 14:12:22 r1k7s19 postfix/smtpd[5596]: disconnect from an-out-0708.google.com[209.85.132.246]
May 29 14:13:31 r1k7s19 postfix/smtpd[5596]: connect from 190-76-126-138.dyn.movilnet.com.ve[190.76.126.138]
May 29 14:13:31 r1k7s19 postfix/smtpd[5596]: disconnect from 190-76-126-138.dyn.movilnet.com.ve[190.76.126.138]
As u see, I'm trying to send from alitrix@gmail.com => alitrix@alitrix.nl

Can somebody please explain what I'm dong wrong?

Greetz,

alitrix
 
Old 05-29-2008, 08:19 AM   #2
alitrix
Member
 
Registered: Jun 2003
Location: Netherlands, The
Distribution: Ubuntu, Kernel 2.6.7
Posts: 169

Original Poster
Rep: Reputation: 30
Btw, this is a email that returned from my server back to gmail:
Code:
                                                                                                                                                                                                                                                               
Delivered-To: alitrix@gmail.com
Received: by 10.100.178.6 with SMTP id a6cs109208anf;
        Thu, 29 May 2008 05:11:26 -0700 (PDT)
Received: by 10.100.47.13 with SMTP id u13mr6268404anu.56.1212063086478;
        Thu, 29 May 2008 05:11:26 -0700 (PDT)
Return-Path: <>
Received: by 10.100.47.13 with SMTP id u13mr9772439anu.56;
        Thu, 29 May 2008 05:11:26 -0700 (PDT)
Message-ID: <0016e6464fbeb703de044e5d6d29@googlemail.com>
From: Mail Delivery Subsystem <mailer-daemon@googlemail.com>
To: alitrix@gmail.com
Subject: Delivery Status Notification (Failure)
Date: Thu, 29 May 2008 05:11:26 -0700 (PDT)

This is an automatically generated Delivery Status Notification

Delivery to the following recipient failed permanently:

     alitrix@alitrix.nl

Technical details of permanent failure: 
PERM_FAILURE: Gmail tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 5.7.1 <alitrix@alitrix.nl>: Relay access denied (state 14).

   ----- Original message -----

Received: by 10.100.47.13 with SMTP id u13mr6256746anu.56.1212062701016;
        Thu, 29 May 2008 05:05:01 -0700 (PDT)
Received: by 10.100.178.6 with HTTP; Thu, 29 May 2008 05:05:00 -0700 (PDT)
Message-ID: <d004dafc0805290505o2c397dedt87d61c37d754cb04@mail.gmail.com>
Date: Thu, 29 May 2008 14:05:00 +0200
From: "Alitrix aka Ali" <alitrix@gmail.com>
To: "alitrix@alitrix.nl" <alitrix@alitrix.nl>
Subject: does it work?
MIME-Version: 1.0
Content-Type: multipart/alternative; 
	boundary="----=_Part_8380_3437810.1212062700989"

------=_Part_8380_3437810.1212062700989
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline



------=_Part_8380_3437810.1212062700989
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

   ----- Message truncated -----
 
Old 06-06-2008, 05:10 PM   #3
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
Setup the submission port (587) for your SASL AUTH users, and don't bother with TLS/SASL on port 25.
 
  


Reply

Tags
access, denied, incoming, mail, postfix, reject, relay


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix error: /usr/lib/postfix/smtpd pid 7529 exit status 1 Chiragrs Linux - Networking 7 05-16-2008 01:42 AM
Postfix rejecting connections atmadrau Linux - Server 5 02-20-2007 08:56 AM
Postfix doesn't receive incoming emails El Mago Linux - Software 8 08-04-2006 11:57 AM
Rejecting domains with Postfix... CRCool75 Linux - Networking 4 03-09-2006 08:42 AM
Rejecting Spam Emails vk1985 Linux - Networking 3 04-11-2003 05:36 AM


All times are GMT -5. The time now is 07:33 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration