HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   Relay Access Denied (http://www.howtoforge.com/forums/showthread.php?t=41866)

bexhill 15th December 2009 22:55

Relay Access Denied
 
Hi,
Just setup The Perfect Server - CentOS 5.4 x86_64 [ISPConfig 3] with mostly no issues and must congratulate Falco for doing that.
However, I'm having what seems to be a common issue with Postfix and after trawling thru cannot find a solution that will work for me.
I can send an email using Outlook Express to an internal email address but cannot send one to gmail as I get the following:


The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'user1@gmail.com'. Subject 'test', Account: 'mail.internal.account', Server: 'server.internal.account', Protocol: SMTP, Server Response: '554 5.7.1 <user1@gmail.com>: Relay access denied', Port: 25, Secure(SSL): No, Server Error: 554, Error Number: 0x800CCC79

My main.cf is as follows:

Code:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = internal.account
myhostname = server.internal.account
mynetworks = 127.0.0.0/8, internal.accountIP/32
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
relay_domains = $mydomain
relayhost =
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_non_fqdn_recipient
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions =
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550

My /etc/postfix/transport file is as follows:

Code:

*                smtp:mail.internal.account
My master.cf is as follows:

Code:

# service type  private unpriv  chroot  wakeup  maxproc command + args
#              (yes)  (yes)  (yes)  (never) (100)
# ==========================================================================
smtp      inet  n      -      n      -      -      smtpd
#submission inet n      -      n      -      -      smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtps    inet  n      -      n      -      -      smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628      inet  n      -      n      -      -      qmqpd
pickup    fifo  n      -      n      60      1      pickup
cleanup  unix  n      -      n      -      0      cleanup
qmgr      fifo  n      -      n      300    1      qmgr
#qmgr    fifo  n      -      n      300    1      oqmgr
tlsmgr    unix  -      -      n      1000?  1      tlsmgr
rewrite  unix  -      -      n      -      -      trivial-rewrite
bounce    unix  -      -      n      -      0      bounce
defer    unix  -      -      n      -      0      bounce
trace    unix  -      -      n      -      0      bounce
verify    unix  -      -      n      -      1      verify
flush    unix  n      -      n      1000?  0      flush
proxymap  unix  -      -      n      -      -      proxymap
smtp      unix  -      -      n      -      -      smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay    unix  -      -      n      -      -      smtp
        -o fallback_relay=
#      -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq    unix  n      -      n      -      -      showq
error    unix  -      -      n      -      -      error
discard  unix  -      -      n      -      -      discard
local    unix  -      n      n      -      -      local
virtual  unix  -      n      n      -      -      virtual
lmtp      unix  -      -      n      -      -      lmtp
anvil    unix  -      -      n      -      1      anvil
scache    unix  -      -      n      -      1      scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -      n      n      -      -      pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix  -      n      n      -      -      pipe
  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user
}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus    unix  -      n      n      -      -      pipe
  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} $
{user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -      n      n      -      -      pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -      n      n      -      -      pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp    unix  -      n      n      -      -      pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient


Many thanks in advance.
bEXHiLL.

bexhill 15th December 2009 23:07

Relay Access Denied.
 
I just tried removing:

reject_unauth_destination, reject_non_fqdn_recipient

to leave me with:

smtpd_recipient_restrictions = permit_mynetworks

and now the message sending just hangs, sits there and eventually times out whilst trying to connect to the mail server.

I must point out that I'm trying to set this up so that we can have all mail leave thru this Centos box via the smtp server before going through the firewall.

Regards.

topdog 16th December 2009 07:50

you have misconfigured your server, you are allowing only the mail server itself to relay mail.

To be able to relay mail from your other machines, you need to add your subnet to mynetworks

bexhill 17th December 2009 00:01

Thanks!
 
Top dog...I knew it would be something simple.

Thank you for showing me the way!!!!

bEXHiLL


All times are GMT +2. The time now is 14:24.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.