LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Postfix "Relay access denied" cant send to other domain (https://www.linuxquestions.org/questions/linux-server-73/postfix-relay-access-denied-cant-send-to-other-domain-612804/)

Proxx 01-11-2008 04:00 AM

Postfix "Relay access denied" cant send to other domain
 
Hi there,

i have a problem with my Postfix configuration.
and i cant figure it out.

if have installed Fetchmail,Postfix,spamassassin,dovecot on my server.
and i can send and receive mail from local clients in the network
(everything withe @example.com)

but if im tying to send a mail to ...@domain.com my server starts complaining about "Relay access denied"

main.cf
Code:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

append_dot_mydomain = no

smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

myorigin = /etc/mailname
mydestination = example.com, localhost
mydomain = example.com
myhostname = example.com
mynetworks = example.com

mailbox_size_limit = 0
recipient_delimiter = +
empty_address_recipient = administrator@example.com
mailbox_command = /usr/bin/procmail -f- -a $USER
maximal_queue_lifetime = 1d
queue_run_delay = 30s
bounce_notice_recipient = administrator@example.com
fallback_relay =
smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces reject_unauth_destination

master.cf
Code:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#              (yes)  (yes)  (yes)  (never) (100)
# ==========================================================================
smtp      inet  n      -      -      -      -      smtpd
#submission inet n      -      -      -      -      smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps    inet  n      -      -      -      -      smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628      inet  n      -      -      -      -      qmqpd
pickup    fifo  n      -      -      60      1      pickup
cleanup  unix  n      -      -      -      0      cleanup
qmgr      fifo  n      -      n      300    1      qmgr
#qmgr    fifo  n      -      -      300    1      oqmgr
tlsmgr    unix  -      -      -      1000?  1      tlsmgr
rewrite  unix  -      -      -      -      -      trivial-rewrite
bounce    unix  -      -      -      -      0      bounce
defer    unix  -      -      -      -      0      bounce
trace    unix  -      -      -      -      0      bounce
verify    unix  -      -      -      -      1      verify
flush    unix  n      -      -      1000?  0      flush
proxymap  unix  -      -      n      -      -      proxymap
smtp      unix  -      -      -      -      -      smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay    unix  -      -      -      -      -      smtp
        -o smtp_fallback_relay=
#      -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq    unix  n      -      -      -      -      showq
error    unix  -      -      -      -      -      error
retry    unix  -      -      -      -      -      error
discard  unix  -      -      -      -      -      discard
local    unix  -      n      n      -      -      local
virtual  unix  -      n      n      -      -      virtual
lmtp      unix  -      -      -      -      -      lmtp
anvil    unix  -      -      -      -      1      anvil
scache          unix        -        -        -        -        1        scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -      n      n      -      -      pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#

#
uucp      unix  -      n      n      -      -      pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#

ifmail    unix  -      n      n      -      -      pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp    unix  -      n      n      -      -      pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix        -        n        n        -        2        pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman  unix  -      n      n      -      -      pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

postconf -n
Code:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
bounce_notice_recipient = administrator@example.com
config_directory = /etc/postfix
empty_address_recipient = administrator@example.com
mailbox_command = /usr/bin/procmail -f- -a $USER
mailbox_size_limit = 0
maximal_queue_lifetime = 1d
mydestination = example.com, localhost
mydomain = example.com
myhostname = example.com
mynetworks = example.com
myorigin = /etc/mailname
queue_run_delay = 30s
recipient_delimiter = +
relay_domains = $mydestination
relayhost = [post.demon.nl]
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks permit_inet_interfaces reject_unauth_destination
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
administrator@LiSe:/etc$

ive bin to lots of sites and googled it up.
but now im really stuck

Thanx in advance, Marco (Proxx)

rupertwh 01-11-2008 04:53 AM

Hi,

you are missing 'smtpd_client_restrictions'. E.g.
Code:

smtpd_client_restrictions = permit_mynetworks
will allow relaying for users in $mynetworks.

EDIT: Actually, that might not be necessary. I just see that you set 'mynetworks' to your domain name instead of your network. Fix that first.

marozsas 01-11-2008 05:49 AM

This host post.demon.nl accept plain connections from your machine ?
I don't have a similar setup here (my server send e-mails directly) but when you use a ISP to relay e-mail, is common to only accept authenticated connections.

If it is your case, you have to put a user and a password your ISP gave to you in file "/etc/postfix/sasl_passwd" and create a binary map for it (/etc/postfix/sasl_passwd.db) and setup postfix to use this.
Code:

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous

May be anyone with a similar setup like yours could provide more precise information....

gani 01-11-2008 06:13 AM

Try first to change your mynetworks parameter as shown.

mynetworks = 127.0.0.0/8, 192.168.x.y/24

So that permit_mynetworks in your smtpd_recipient_restrictions would translate to these network blocks and your local network including other related smtp services running @127.0.0.1 could relay through it.

Are you authorized to relay through post.demon.nl? Is this your ISP? You are using this relay through relayhost parameter.

Just try to make this empty by commenting it out.

#relayhost = [post.demon.nl]

By disabling this parameter, your mail host would simply relay directly to the SMTP server that accepts messages for the domain that you are sending mail to.

Also make sure that you are using a registered domain with your public IP assigned to it with its MX host defined through your DNS host servers since if not, mail servers would simply reject you.

As a suggestion, myhostname must be your box's fully qualified host name like mail.example.com.

myhostname = mail.example.com

Restart now your postfix and test it again.

----------
GANI

Proxx 01-11-2008 06:33 AM

Wow Wow, Nice 3 reply's

First i thank you all for your Reply!

now im going to read them

din't tell you at first but this is the first time i have tried to set up a mail server maybe thats why my config is crappy ;)

...
Thanx thanx :D

Proxx 01-11-2008 06:36 AM

Quote:

Originally Posted by gani (Post 3018877)
mynetworks = 127.0.0.0/8, 192.168.x.y/24

192.168.0.0/24 this will accept all messages from ip-range 192.168.0.1 to 192.168.0.254 ?
if not im still going to try it.

--------------------------------------------------------------
Thanx for the help men. i have applied the changes and it seems to works


Many Many thanx! :D

Proxx 01-11-2008 09:10 AM

Topic Closed!!!


All times are GMT -5. The time now is 04:11 PM.