LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 04-10-2017, 11:09 PM   #1
Vernicronz
Member
 
Registered: Jul 2014
Distribution: Redhat,Centos,Ubuntu
Posts: 54

Rep: Reputation: Disabled
Postfix Relay access denied


Hi All ,

Recently i have built 2 servers with ubuntu 16.04 - one as main postfix and another as another app server (nginx). Whenever i set the postfix server to the nginx server as a relay host - i can't seem to send mails out. I am getting relay access denied error. Kindly advise.. Thanks.

Postfix server main.cf (local IP : 172.31.25.243)
===================================
Code:
root@chatpostfix:/etc/postfix# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
default_process_limit = 100
disable_dns_lookups = yes
inet_interfaces = all
inet_protocols = ipv4
mailbox_size_limit = 0
mydestination = $myhostname, chatpostfix.xxxxx, localhost, localhost.localdomain, localhost
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.31.0.0/20
readme_directory = no
recipient_delimiter = +
relayhost = xxxxx
smtp_generic_maps = hash:/etc/postfix/generic
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
root@chatpostfix:/etc/postfix#

Nginx server main.cf (local IP : 172.31.25.241)
=================================

Code:
root@chatnginx:/etc/postfix# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
mydestination = $myhostname, chatnginx.xxxxx, localhost, localhost.localdomain, localhost
myhostname = localhost.xxxxx
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.31.0.0/20
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost = 172.31.12.243
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes

Mail.log errors in postfix server
=======================
Code:
Apr 11 12:04:51 localhost postfix/smtpd[7156]: connect from ip-172-31-25-241.xxxxx[172.31.25.241]
Apr 11 12:04:51 localhost postfix/smtpd[7156]: NOQUEUE: reject: RCPT from ip-172-31-25-241.xxxx[172.31.25.241]: 454 4.7.1 <xcodehawk@gmail.com>: Relay access denied; from=<root@localhost> to=<xcodehawk@gmail.com> proto=ESMTP helo=<localhost.xxxx>
Apr 11 12:04:51 localhost postfix/smtpd[7156]: disconnect from ip-172-31-25-241.xxxx[172.31.25.241] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=4/6

Mail.log errors in nginx server
=======================
Code:
Apr 11 12:07:02 localhost postfix/pickup[20854]: E64BE61A33: uid=0 from=<root@localhost>
Apr 11 12:07:02 localhost postfix/cleanup[20971]: E64BE61A33: message-id=<20170411040702.E64BE61A33@localhost.xxxxx>
Apr 11 12:07:02 localhost postfix/qmgr[20856]: E64BE61A33: from=<root@localhost>, size=392, nrcpt=1 (queue active)
Apr 11 12:07:02 localhost postfix/smtp[20951]: E64BE61A33: to=<xcodehawk@gmail.com>, relay=172.31.12.243[172.31.12.243]:25, delay=0.01, delays=0.01/0/0/0, dsn=4.7.1, status=deferred (host 172.31.12.243[172.31.12.243] said: 454 4.7.1 <xcodehawk@gmail.com>: Relay access denied (in reply to RCPT TO command))
 
Old 04-11-2017, 01:07 AM   #2
descendant_command
Senior Member
 
Registered: Mar 2012
Posts: 1,743

Rep: Reputation: 560Reputation: 560Reputation: 560Reputation: 560Reputation: 560Reputation: 560
Quote:
Code:
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
Looks like you are missing some comma's (,) between the elements.
 
Old 04-13-2017, 03:50 AM   #3
Vernicronz
Member
 
Registered: Jul 2014
Distribution: Redhat,Centos,Ubuntu
Posts: 54

Original Poster
Rep: Reputation: Disabled
Hi ,

Thanks for the advice. I have done as said , but still getting the issue .
Code:
root@chatpostfix:/etc/postfix# postconf -n|egrep 'smtpd_recipient_restrictions|smtpd_relay_restrictions'
smtpd_recipient_restrictions = permit_sasl_authenticated , permit_mynetworks , reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks , permit_sasl_authenticated , defer_unauth_destination
 
Old 04-13-2017, 04:51 AM   #4
descendant_command
Senior Member
 
Registered: Mar 2012
Posts: 1,743

Rep: Reputation: 560Reputation: 560Reputation: 560Reputation: 560Reputation: 560Reputation: 560
OK, so it's working as you've designed it.

Your nginx server is not authenticating, is not in your 'mynetworks' and is not sending to a local address, so is rejected.
 
1 members found this post helpful.
Old 04-25-2017, 01:43 AM   #5
Vernicronz
Member
 
Registered: Jul 2014
Distribution: Redhat,Centos,Ubuntu
Posts: 54

Original Poster
Rep: Reputation: Disabled
Smile

hi descendant_command ,

yes , your suggestion worked . thanks so much

wondering how i hv missed it ...damn
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix Relay Access Denied sojelee Linux - Newbie 1 03-30-2009 08:30 AM
postfix: Relay access denied gabsik Linux - Server 7 12-20-2007 04:10 AM
postfix: relay access denied cope Linux - Server 1 05-10-2007 01:35 AM
Postfix as a mail relay (getting relay access denied) hypexr Linux - Software 3 09-13-2005 07:15 PM
postfix: Relay access denied SolidSnake Linux - Networking 4 02-20-2004 09:05 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 09:35 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration