Server Blocks use of Aliases from outside: Recipient address rejected: Access denied
I have a user that uses an Exchange server and needs to have access to send to email aliases on my dovecot/postfix server. When she sends to an alias she gets: Recipient address rejected: Access denied
Not sure where to go on this. I think it may be in the smtpd_recipient_restrictions = section of main.cf, but not sure where aliases are restricted. Here is what that section looks like: smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_non_fqdn_sender reject_unknown_sender_domain reject_unknown_recipient_domain permit_sasl_authenticated permit_mynetworks check_client_access hash:/etc/postfix/internal_networks check_sender_access hash:/etc/postfix/not_our_domain_as_sender reject_unauth_destination check_recipient_access hash:/etc/postfix/protect_internal_aliases reject_multi_recipient_bounce reject_rbl_client sbl-xbl.spamhaus.org reject_rbl_client pbl.spamhaus.org check_recipient_access hash:/etc/postfix/role_account_exceptions check_helo_access pcre:/etc/postfix/helo_checks reject_non_fqdn_hostname reject_invalid_hostname check_sender_mx_access cidr:/etc/postfix/bogus_mx check_sender_access hash:/etc/postfix/rhsbl_sender_exceptions reject_rhsbl_sender dsn.rfc-ignorant.org check_sender_access hash:/etc/postfix/common_spam_senderdomains check_sender_access regexp:/etc/postfix/common_spam_senderdomain_keywords permit |
I don't have your exact answer, but just a direction focus to employ. Since you've not gotten an answer in over a day, I decided to post this to see if it might help.
Most likely the problem is that she appears to the Postfix server as an outsider sending email to an outsider. That's relaying and it is rejected because spammers have used that to magnify their efforts. Have her try sending test email to a user on that server to confirm that it works that way. There are a few ways to fix that. If she is on a local LAN, add the LAN address to list of local networks in the main.cf file on "mynetworks =". If she is on an outside network, you need to set up secure submission and user logins. There's lots of different ways to do these things depending on your circumstances and the details of how you need to deny and allow access to others. |
Adding the IP's to "mynetworks" fixed this issue. Getting those IP's from Microsoft was pure pain and anguish!
|
All times are GMT -5. The time now is 11:43 AM. |