Ok..got a weird one..
I have a postfix email server setup so that only authenticated users can relay mail from locations other that the ones I specify (MyNetworks, etc).
When I travel with my laptop and get to some place using DHCP (hotel or something), I get 'relay access denied' when sending mail to certain domains (gmail.com for example).
It only happens when I use Outlook 2010, which for some reason has to be 'rigged' to authenticate with the way I have this thing setup...but even though I am authenticating, it still gets 'relay access denied'.
Only Outlook 2010 or Outlook 2003 seem to have this problem.
It works fine when using an email client other than Outlook 2010 or Outlook 2003 (all other versions of outlook seem to work fine, as does Thunderbird).
I suspect the 'STARTTLS' has something to do with it, as this is not an option on either of those clients.
I want to make this work with any email client that is capable of doing it, and both outlook 2010 and outlook 2003 are supposed to support this type of thing.
postfix main.cf
Code:
broken_sasl_auth_clients = yes
smtpd_client_restrictions =
smtpd_sender_restrictions = reject_invalid_hostname reject_unknown_sender_domain reject_unauthenticated_sender_login_mismatch permit_sasl_authenticated permit_mynetworks permit
Here is what the maillog says
Code:
connect from unknown[{temp-IP}]
postfix/smtpd[24883]: setting up TLS connection from unknown[{temp-IP}]
postfix/smtpd[24883]: TLS connection established from unknown[{temp-IP}]: TLSv1 with cipher AES128-SHA (128/128 bits)
postfix/smtpd[24883]: NOQUEUE: reject: RCPT from unknown[{temp-IP}]: 554 5.7.1 <{recipient@gmail.com}>: Relay access denied; from=<{my_email_address}> to=<{recipient @gmail.com}> proto=ESMTP helo=<{MyPC}>
postfix/smtpd[24883]: disconnect from unknown[{temp-IP}]
Once I get this working, I had planned to move away from TLSv1, but now I am starting to think that TLSv1 may be part of the problem (I want to move up anyway, but am trying to get the silly thing to work first before I go and mess the entire thing up again)
As I understand it, for outgoing mail I can use :
PORT(portDesc) [what to use]
----------------------------
25(smtpd) [standard, could use SSL_client_cert to auth, but what a pain]
465(smpts) [SSL/TLS]
587(submission) [STARTTLS - which is where outlook 2010/2003 has problems because they dont support it the 'normal' way]
(is that right?)
Any ideas on how I can go about fixing this?
Thanks!