HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Postfix 554 relay access denied (http://www.howtoforge.com/forums/showthread.php?t=55720)

mcevoli 11th January 2012 15:58

Postfix 554 relay access denied
 
Hello, I'm new here!

I know it's a quite common problem, but every thing I read around the net didn't work for me :(

So I explain:
I have a centos server with virtual domains. When I send an email, it works successfully only for local domains.
When I try external domain I get the 554 relay access denied error.

The authentication works, I think, because if I connect via telnet and do an auth plain <my base64 encoded>, I get authentication successful.

My maillog file:
------
postfix/smtpd[12834]: NOQUEUE: reject:RCPT from hostxx-xxx-dynamic.xx-xx-r.retail.telecomitalia.it[xx.xx.xx.xx]: 554 5.7.1 <me@gmail.com>: Relay access denied; from=<me@mydomain.com> to=<me@gmail.com> proto=ESMTP helo=<Inbox>
-------


Here my postconf -n:
--------
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
local_recipient_maps =
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 0
mime_header_checks = regexp:/etc/postfix/mime_header_checks
mydestination = server1.domain.it, localhost, localhost.localdomain
myhostname = server1.domain.it
mynetworks = 127.0.0.0/8 [::1]/128
nested_header_checks = regexp:/etc/postfix/nested_header_checks
newaliases_path = /usr/bin/newaliases.postfix
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
receive_override_options = no_address_mappings
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
relayhost =
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_security_level = may
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = dovecot
virtual_uid_maps = static:5000
-------------------------------

Thank you for your help in advance :)

Marco.

till 11th January 2012 16:05

Which exact ISPConfig version do you use?

mcevoli 11th January 2012 16:42

Quote:

Originally Posted by till (Post 271252)
Which exact ISPConfig version do you use?

I use ISPConfig 3.0.3.2

I forgot to mention that if I send an email via roundcube webmail it works.

till 11th January 2012 17:05

Please check the smtp settings in your email client and ensure that smtp authentication is enabled. According to the log line above, the email client did not authenticate itself before he tried to send the email. The smtp authentication details are the same then the pop3/imap login details.

mcevoli 11th January 2012 17:18

Quote:

Originally Posted by till (Post 271259)
Please check the smtp settings in your email client and ensure that smtp authentication is enabled. According to the log line above, the email client did not authenticate itself before he tried to send the email. The smtp authentication details are the same then the pop3/imap login details.

Authentication is enabled and uses the same details.

Look at telnet:
-------------
220 server1.domain.it ESMTP Postfix
ehlo localhost
250-server1.domain.it
250-PIPELINING
250-SIZE
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

mail from: test@domain.it
250 2.1.0 Ok
auth plain AHRlc3RAY2lhZxxxxxxxxmkuaXQAY2lhZmZvdGVzMTE=
235 2.0.0 Authentication successful
rcpt to: mymail@gmail.com
554 5.7.1 <mymail@gmail.com>: Relay access denied
---------------

falko 12th January 2012 22:20

Please check if your server is blacklisted: http://mxtoolbox.com/blacklists.aspx

mcevoli 13th January 2012 09:30

Quote:

Originally Posted by falko (Post 271322)
Please check if your server is blacklisted: http://mxtoolbox.com/blacklists.aspx

I checked it. I'm not blacklisted: I have all green OK dots.

mcevoli 16th January 2012 14:11

So any idea?

mcevoli 1st February 2012 12:41

I think it's an issue due to connection outside the network from remote client, because the webmail works ok.

Anyone had the same issue?

mcevoli 1st February 2012 13:06

I RESOLVED THE ISSUE! :)

For everyone having the same issue:
In my confguration file main.cf the following line was commented:

smtpd_recipient_restrictions = permit_sasl_authenticated

I uncommented it and now it seems working
Thanks.


All times are GMT +2. The time now is 18:19.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.