Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
03-21-2011, 12:17 PM
|
#1
|
Member
Registered: Dec 2010
Posts: 130
Rep:
|
Postfix SASL - Relay access denied
distro = debian 5
when i tried to send to other domain, i will get "Relay access denied"
below are my configs
main.cf
Code:
# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = dubdub.com, mail.dubdub.com, localhost.dubdub.com, localhost
myhostname = mail.dubdub.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = dubdub.com
smtpd_sasl_security_options = noanonymous
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
/etc/default/saslauthd
Code:
START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
/etc/dovecot/dovecot.conf
Code:
...
auth default {
mechanisms = plain login
passdb pam {
}
userdb passwd {
}
socket listen {
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}
...
what could cause this?
|
|
|
03-21-2011, 12:49 PM
|
#2
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
Relay access denied means that Postfix did not get proper authentication of the user attempting to send the message and that the message was for a domain other than one it receives mail for. You've got permit_mynetworks and permit_sasl_authenticated, which suggests that you were trying to send mail to a different domain via an email client on a different host. Your mymyetworks parameter looks to be configured for various versions of localhost. I would look at the postfix logs and if you think the login should have been authenticated, turn on debugging in Dovecot by switching the debug parameters to yes in the dovecot configuration.
|
|
|
03-22-2011, 08:28 AM
|
#3
|
Member
Registered: Dec 2010
Posts: 130
Original Poster
Rep:
|
i don't know what to make of these dovecot debug messages
Code:
dovecot: 2011-03-22 20:22:17 Info: auth(default2): new auth connection: pid=22224
dovecot: 2011-03-22 20:22:17 Info: auth(default): new auth connection: pid=22224
dovecot: 2011-03-22 20:22:19 Info: auth(default2): client in: AUTH 1 PLAIN service=IMAP secured lip=100.80.200.60 rip=121.120.10.100
dovecot: 2011-03-22 20:22:19 Info: auth(default2): client out: CONT 1
dovecot: 2011-03-22 20:22:19 Info: auth(default2): client in: CONT<hidden>
dovecot: 2011-03-22 20:22:19 Info: auth(default2): pam(user1,121.120.10.100): lookup service=dovecot
dovecot: 2011-03-22 20:22:19 Info: auth(default2): client out: OK 1 user=user1
dovecot: 2011-03-22 20:22:19 Info: auth(default2): master in: REQUEST 1 20328 1
dovecot: 2011-03-22 20:22:19 Info: auth(default2): passwd(user1,121.120.10.100): lookup
dovecot: 2011-03-22 20:22:19 Info: auth(default2): master out: USER 1 user1 system_user=user1 uid=1001 gid=1001 home=/home/user1
dovecot: 2011-03-22 20:22:19 Info: imap-login: Login: user=<user1>, method=PLAIN, rip=121.120.10.100, lip=100.80.200.60, TLS
postfix debug messages
Code:
Mar 22 20:22:07 205202 postfix/smtpd[25728]: disconnect from unknown[121.120.10.100]
Mar 22 20:22:10 205202 postfix/smtpd[25728]: connect from unknown[121.120.10.100]
Mar 22 20:22:42 205202 postfix/smtpd[25728]: NOQUEUE: reject: RCPT from unknown[121.120.10.100]: 554 5.7.1 <malayo@malayo.org>: Relay access denied; from=<user1@dubdub.com> to=<malayo@malayo.org> proto=ESMTP helo=<hoi>
but i can send from outside to local user
Code:
Mar 22 21:09:08 205202 postfix/smtpd[26003]: connect from unknown[121.120.10.100]
Mar 22 21:09:46 205202 postfix/smtpd[26003]: 1F681B93130A: client=unknown[121.120.10.100]
Mar 22 21:10:37 205202 postfix/cleanup[1538]: 1F681B93130A: message-id=<20110322130946.1F681B93130A@dubdub.com>
Mar 22 21:10:37 205202 postfix/qmgr[30240]: 1F681B93130A: from=<malayo@malayo.org>, size=374, nrcpt=1 (queue active)
Mar 22 21:10:37 205202 postfix/local[9971]: 1F681B93130A: to=<user1@dubdub.com>, relay=local, delay=67, delays=67/0.02/0/0.05, dsn=2.0.0, status=sent (delivered to command: procmail -a "$EXTENSION")
Mar 22 21:10:37 205202 postfix/qmgr[30240]: 1F681B93130A: removed
Mar 22 21:10:40 205202 postfix/smtpd[26003]: disconnect from unknown[121.120.10.100]
Last edited by malayo; 03-22-2011 at 09:13 AM.
|
|
|
03-23-2011, 06:45 AM
|
#4
|
Member
Registered: Jul 2004
Location: Zinzinnati, OH
Distribution: RH, FC 1-6, F 7-21, Debian, LinuxPPC, Knoppix, Ubuntu, Yellow Dog
Posts: 176
Rep:
|
Did you turn on authentication in your email client? In your postfix log, if you had turned on authentication, you should see something like the following after the connect statement:
Mar 22 20:22:10 205202 postfix/smtpd[25728]: random string: client=server_name[IP], sasl_method=(login or plain), sasl_username=authenticated_username
|
|
1 members found this post helpful.
|
03-23-2011, 12:47 PM
|
#5
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
Cincindie, that is a good observation. The logs they posted appear to indicate that dovecot is authenticating the user and resolving the credentials properly, but this is not being passed on to Postfix.
|
|
|
All times are GMT -5. The time now is 11:20 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|