UbuntuThis forum is for the discussion of Ubuntu Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am trying to get postfix on Ubuntu Natty Narwhal to send mail. I have A and MX records for the mail server and a reverse DNS entry pointing from mail.mydomain.com (not the real domain name) back to the IP of the server.
I am testing the install by telnetting in on port 25 to the fully qualified mail server name and doing the following:
mail from:<admin-user@mydomain.com>
rcpt to:<test-user@gmail.com>
As soon as I type in the "rcpt to:" line and hit Enter, I get:
554 5.7.1 <test-user@gmail.com>: Relay access denied
Note that although test-user is not the real name of the account, what I am actually using is a real gmail account.
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = mail.mydomain.com # ("mydomain.com" is not the real domain)
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $mydomain
mydestination = mail.mydomain.com, localhost.mydomain.com, mydomain.com, , localhost
relayhost =
mynetworks = 192.168.1.0/24 127.0.0.0/8 12.34.567.89 # this last IP is not the real IP either, but points to the mydomain.com server which is different from the mail.mydomain.com server postfix is hosted on
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
Last edited by Speak2Animals; 03-19-2012 at 03:05 PM.
inet_protocols = all #Provide support for IPv4 and IPv6 protocol if configured.
mydomain = domain.tld #As you are using myorigin=$mydomain then you should define your domain as well
mydestination = $mydomain #This will work instead of defining individual names
relayhost = # Put a pound sign if you are not using this param like #relayhost =
Putting the above things in main.cf does not mean it will resolve the issue. We need to find other things as well. Things that I would like to know are:
1. Do you have mail exchanger setup for your mail server / domain name.
2. What is the output of the following command:
Code:
alternatives --display mta | grep current
3. Output of:
Code:
tail /var/log/maillog
The above output I need after you try to send the email and you get access denied.
Thanks very much for the quick response! I'm not sure of the meaning of question 1 unless you are asking if I have an MX record set up, which I do (and an A record also). I'm guessing you mean something else, though.
When I try
alternatives --display mta | grep current
bash tells me the command is not found. Ditto if I
sudo !!
The mail log on my system is stored in /var/log/mail.log and contains:
Mar 19 20:10:21 mail postfix/anvil[1603]: statistics: max cache size 1 at Mar 19 20:01:21
Mar 19 20:27:57 mail postfix/postfix-script[2665]: refreshing the Postfix mail system
Mar 19 20:27:57 mail postfix/master[29779]: reload -- version 2.8.5, configuration /etc/postfix
Mar 19 20:27:57 mail postfix/master[29779]: warning: ignoring inet_protocols parameter value change
Mar 19 20:27:57 mail postfix/master[29779]: warning: old value: "ipv4", new value: "all"
Mar 19 20:27:57 mail postfix/master[29779]: warning: to change inet_protocols, stop and start Postfix
Mar 19 20:29:23 mail postfix/smtpd[2704]: connect from mail.mydomain.com[111.222.333.44]
Mar 19 20:29:48 mail postfix/smtpd[2704]: NOQUEUE: reject: RCPT from mail.mydomain.com[111.222.333.44]: 554 5.7.1 <test-user@gmail.com>: Relay access denied; from=<admin-user@mydomain.com> to=<test-user@gmail.com> proto=SMTP
Mar 19 20:29:53 mail postfix/smtpd[2704]: lost connection after RCPT from mail.mydomain.com[111.222.333.44]
Mar 19 20:29:53 mail postfix/smtpd[2704]: disconnect from mail.mydomain.com[111.222.333.44]
Speak2Animals
P.S. I have to go but will be checking in in a few hours. Thanks in advance for your help!
Last edited by Speak2Animals; 03-19-2012 at 03:38 PM.
Yes I was looking for the same that is if you have got mx record and A record setup for your mail server. As you said that you have then we are clean on that part.
I just checked on my Ubuntu system and found that alternatives command does not exist there. I was running that on my CentOS system and it is there so we can forget that.
Moving forward things that I need to know are:
1. Output of:
Code:
sudo postfix check
This time I remember that it is Ubuntu system ;-). Let me know if you get any error message when you run this command.
2. I need to know if you have got mail spool directory setup in main.cf as I do not see that in the initial configuration that you have pasted. It should look something like:
Code:
mail_spool_directory = /var/spool/mail
As it is complaining about queue so I thought I should be look at this param.
There was no entry for mail_spool_directory so I added one just now, did a sudo postfix reload and tried telnetting an email to my gmail recipient, but unfortunately I still got the same result: 554 5.7.1 <test-user@gmail.com>: Relay access denied
Now when I tail -f my mail.log it looks like this:
Code:
Mar 19 20:33:13 mail postfix/anvil[2706]: statistics: max cache size 1 at Mar 19 20:29:23
Mar 20 13:32:53 mail postfix/postfix-script[9897]: refreshing the Postfix mail system
Mar 20 13:32:53 mail postfix/master[29779]: reload -- version 2.8.5, configuration /etc/postfix
Mar 20 13:32:53 mail postfix/master[29779]: warning: ignoring inet_protocols parameter value change
Mar 20 13:32:53 mail postfix/master[29779]: warning: old value: "ipv4", new value: "all"
Mar 20 13:32:53 mail postfix/master[29779]: warning: to change inet_protocols, stop and start Postfix
Mar 20 13:33:19 mail postfix/smtpd[9949]: connect from mail.mydomain.com[111.222.333.44]
Mar 20 13:33:50 mail postfix/smtpd[9949]: NOQUEUE: reject: RCPT from mail.mydomain.com[111.222.333.44]: 554 5.7.1 <test-user@gmail.com>: Relay access denied; from=<admin-user@mydomain.com> to=<test-user@gmail.com> proto=SMTP
Mar 20 13:34:11 mail postfix/smtpd[9949]: lost connection after RCPT from mail.mydomain.com[111.222.333.44]
Mar 20 13:34:11 mail postfix/smtpd[9949]: disconnect from mail.mydomain.com[111.222.333.44]
Mar 20 13:37:31 mail postfix/anvil[9951]: statistics: max connection rate 1/60s for (smtp:111.222.333.44) at Mar 20 13:33:19
Mar 20 13:37:31 mail postfix/anvil[9951]: statistics: max connection count 1 for (smtp:111.222.333.44) at Mar 20 13:33:19
Mar 20 13:37:31 mail postfix/anvil[9951]: statistics: max cache size 1 at Mar 20 13:33:19
P.S. /var/spool/mail on my system is a link to /var/mail -- I used /var/spool/mail for my mail_spool_directory setting, figuring that should work just as well....
For security reasons I can only let you have an anonymized version (one without specific IPs and domain names). But I can also show you what our (anonymized) A and MX records look like relative to (the anonymized) main.cf, in hopes their structure relative to each other provides you a clue.
Here's what (anonymized) main.cf looks like:
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = mail.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydomain = mydomain.com
myorigin = $mydomain
mydestination = mail.mydomain.com, localhost.mydomain.com, mydomain.com, , localhost
# relayhost =
mynetworks = 192.168.1.0/24 127.0.0.0/8 123.456.78.99
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
mail_spool_directory = /var/spool/mail
Here's what dig on (not the real domain) mydomain.com looks like:
Code:
dig mydomain.com
; <<>> DiG 9.7.3 <<>> mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11070
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;mydomain.com. IN A
;; ANSWER SECTION:
mydomain.com. 300 IN A 123.456.78.99
;; AUTHORITY SECTION:
mydomain.com. 1555 IN NS dns1.somenameserverdomain.com.
mydomain.com. 1555 IN NS dns2.somenameserverdomain.com.
;; ADDITIONAL SECTION:
dns1.somenameserverdomain.com. 85 IN A 1.2.3.4
dns2.somenameserverdomain.com. 300 IN A 12.34.56.78
and finally, here's what dig on mail.mydomain.com looks like:
Code:
dig mail.mydomain.com
; <<>> DiG 9.7.3 <<>> mail.mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32883
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;mail.mydomain.com. IN A
;; ANSWER SECTION:
mail.mydomain.com. 300 IN A 111.222.333.44
;; AUTHORITY SECTION:
mydomain.com. 701 IN NS dns2.somenameserverdomain.com.
mydomain.com. 701 IN NS dns1.somenameserverdomain.com.
;; ADDITIONAL SECTION:
dns1.somenameserverdomain.com. 261 IN A 1.2.3.4
dns2.somenameserverdomain.com. 152 IN A 12.34.56.78
I think I found what the problem is. In your main.cf there is no queue directory for postfix. Put this line at the end of your main.cf file:
Code:
queue_directory = /var/spool/postfix
Restart postfix and I hope it will work this time. If it does not then post the error log again and I hope we will get different error (if any) this time.
Make sure that you take a backup of existing /etc/postfix/main.cf file before editing it. This will make sure that we do have a copy of initial configuration
Last edited by T3RM1NVT0R; 03-21-2012 at 04:32 PM.
There are no new entries in mail.err for today (in fact, none since Mar. 19). Here are the new entries in mail.log from today:
Code:
Mar 22 11:27:16 mail postfix/master[29779]: terminating on signal 15
Mar 22 11:27:17 mail postfix/master[18684]: daemon started -- version 2.8.5, configuration /etc/postfix
Mar 22 11:27:29 mail postfix/smtpd[18690]: connect from mail.mydomain.com[111.222.333.44]
Mar 22 11:28:04 mail postfix/smtpd[18690]: NOQUEUE: reject: RCPT from mail.mydomain.com[111.222.333.44]: 554 5.7.1 <test-user@gmail.com>: Relay access denied; from=<admin-user@mydomain.com> to=<test-user@gmail.com> proto=SMTP
Mar 22 11:28:42 mail postfix/smtpd[18690]: lost connection after RCPT from mail.mydomain.com[111.222.333.44]
Mar 22 11:28:42 mail postfix/smtpd[18690]: disconnect from mail.mydomain.com[111.222.333.44]
Mar 22 11:29:17 mail postfix/postfix-script[18780]: refreshing the Postfix mail system
Mar 22 11:29:17 mail postfix/master[18684]: reload -- version 2.8.5, configuration /etc/postfix
Mar 22 11:29:17 mail postfix/anvil[18692]: statistics: max connection rate 1/60s for (smtp:111.222.333.44) at Mar 22 11:27:29
Mar 22 11:29:17 mail postfix/anvil[18692]: statistics: max connection count 1 for (smtp:111.222.333.44) at Mar 22 11:27:29
Mar 22 11:29:17 mail postfix/anvil[18692]: statistics: max cache size 1 at Mar 22 11:27:29
Mar 22 11:29:25 mail postfix/smtpd[18787]: connect from mail.mydomain.com[111.222.333.44]
Mar 22 11:29:44 mail postfix/smtpd[18787]: NOQUEUE: reject: RCPT from mail.mydomain.com[111.222.333.44]: 554 5.7.1 <test-user@gmail.com>: Relay access denied; from=<admin-user@mydomain.com> to=<test-user@gmail.com> proto=SMTP
Mar 22 11:29:49 mail postfix/smtpd[18787]: lost connection after RCPT from mail.mydomain.com[111.222.333.44]
Mar 22 11:29:49 mail postfix/smtpd[18787]: disconnect from mail.mydomain.com[111.222.333.44]
Mar 22 11:33:09 mail postfix/anvil[18789]: statistics: max connection rate 1/60s for (smtp:111.222.333.44) at Mar 22 11:29:25
Mar 22 11:33:09 mail postfix/anvil[18789]: statistics: max connection count 1 for (smtp:111.222.333.44) at Mar 22 11:29:25
Mar 22 11:33:09 mail postfix/anvil[18789]: statistics: max cache size 1 at Mar 22 11:29:25
And as a check, this is what the revised main.cf looks like:
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = mail.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydomain = mydomain.com
myorigin = $mydomain
mydestination = mail.mydomain.com, localhost.mydomain.com, mydomain.com, , localhost
# relayhost =
mynetworks = 192.168.1.0/24 127.0.0.0/8 123.456.78.99
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
mail_spool_directory = /var/spool/mail
queue_directory = /var/spool/postfix
Any ideas of other things that might be wrong? I want to say again how much your help is appreciated.
Need to confirm your DNS information related to this host. I need more details on your setup as to how it has been configured. Basically how the setup will route the emails internally/externally.
For DNS information type the following command:
1.
Code:
nslookup
Once you are in nslookup type "server" without quotes to make sure your system is pointing to correct DNS server. Once that part is done enter the following in nslookup:
Code:
mydomain.com
mydomain.com will be the name of your domain. Make a note of the IP it is showing for this domain name. Then enter:
Code:
mail.mydomain.com
mail.mydomain.com will be the name of your mail server's FQDN. Make a note of this IP as well. Now type the IP address:
Code:
ip_address_of_mydomain.com
Check if it resolves to the correct hostname. Then:
Code:
ip_address_of_mail.mydomain.com
Check if it resolves to the correct hostname.
Another question. Is this a new setup or you did some tweaking that broke the system?
The setup is neither. I set it up according to the instructions I had and it didn't work (specifically, I got the relay access denied error). I then spotted some incomplete areas and fixed those, but am still getting the relay access denied error.
I know this is a very old thread, and I am sorry for reviving it, but did this ever get solved? I am having the same problem. I have 2 domains for this mail server - one that actually receives it on the server and the other is a forward all mail to domain to a user on another domain. I have the one that receives the mail on the server working but I get relay access denied on the forward domain. I saw a thread that said it was because mydestination had the domain for forwarding in it, but removing it didn't help.
Distribution: openSUSE, Raspbian, Slackware. Previous: MacOS, Red Hat, Coherent, Consensys SVR4.2, Tru64, Solaris
Posts: 2,803
Rep:
Quote:
Originally Posted by ipprograms
I know this is a very old thread, and I am sorry for reviving it, but did this ever get solved? I am having the same problem.
And I will also apologize for exhuming this thread but it isn't marked as "solved".
I'm having the same problem BUT... only when I attempt to send mail from a computer on the LAN that is NOT the mail server. For what it's worth, my troubles began after a hardware failure took out the local DNS server. Migrating the named tables from the backups onto a replacement system was problematic as there was a significant difference on OS and Bind versions between the failed system and the replacement. That has me thinking it might be related to some syntax difference between the named config files that causing something mail-related to act in an unexpected way. But I am able to send out email from the mail server so... And the current DNS/Postfix setup hasn't broken my ability to receive mail at all.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.