Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 14th July 2008, 16:05
williamp0044 williamp0044 is offline
Junior Member
 
Join Date: Jun 2006
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Default Postfix issue: Relay access denied

I've browsed this forum endlessly and read countless posts and I cannot figure how to fix the problem. My postfix is setup step by step based on the ISPConfig setup for Hardy Ubuntu.
The issue is that when I try to send emails to the users in postfix i get a Delivery Status Notification (Failure). It states:
Quote:
PERM_FAILURE: Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 5.7.1 <pwilliams@mydomain.com>: Recipient address rejected: Relay access denied (state 14).
When I send a email from the postfix module on the server, I am able to successfully send out emails. Except the email that gets sent out is from the user web2_pwilliams@server.mydomain.com. And when I try to reply to that email I do not immediately get a Delivery Status Notification.....
Hours later I received this:
Quote:
<web2_pwilliams@server.mydomain.com>... Deferred: Name server: server.mydomain.com.: host name lookup failure
Warning: message still undelivered after 8 hours
Will keep trying until message is 5 days old
Reporting-MTA: dns; mx3.nyu.edu
Arrival-Date: Sun, 13 Jul 2008 19:32:29 -0400 (EDT)

Final-Recipient: RFC822; web2_pwilliams@server.mydomain.com
Action: delayed
Status: 4.2.0
Remote-MTA: DNS; horus.pandinc.com
Last-Attempt-Date: Mon, 14 Jul 2008 03:45:49 -0400 (EDT)
Will-Retry-Until: Fri, 18 Jul 2008 19:32:29 -0400 (EDT)
This is my main.cf:
Quote:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = server.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = server.mydomain.com, mail.mydomain.com, localhost.mydomain.com, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
Also I cannot log in as any of the users via squirrelmail or roundcube.

Anyone have any suggestions? Thanks in advance.

Last edited by williamp0044; 14th July 2008 at 16:19.
Reply With Quote
Sponsored Links
  #2  
Old 15th July 2008, 16:12
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,739 Times in 2,574 Posts
Default

Please create an A record for server.mydomain.com.
Also make sure that you use "Server requires authentication" in your email client and that your server is not blacklisted: http://mxtoolbox.com/blacklists.aspx
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 15th July 2008, 20:30
williamp0044 williamp0044 is offline
Junior Member
 
Join Date: Jun 2006
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Default

So apparently the IP is blacklisted:
Quote:
We notice you are on a blacklist. Click here for some suggestions.

Checking 68.198.172.150 against 123 known blacklists...
Listed: 16 time(s)
Timeouts:33
I filled out the info from that site to get some suggestions but they only seem to be pushing their services.

Any suggestions? I do not SPAM so i cant even begin to imagine how i've been blacklisted.
Reply With Quote
  #4  
Old 16th July 2008, 17:33
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,739 Times in 2,574 Posts
Default

Are you on a dynamic IP address? Most dynamic IP addresses are blacklisted, and there's nothing you can do about it (except this: http://www.howtoforge.com/postfix_re...her_mailserver ).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 5th October 2008, 21:34
justsam justsam is offline
Junior Member
 
Join Date: Oct 2008
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I am getting the exact same error, I am able to send emails but not receive any. I checked and my ip address is not blacklisted.

I am creating the domain hoodiasuperstore.com, with email info@hoodiasuperstore.com this is what is returned when I send an email.

Code:
This is an automatically generated Delivery Status Notification

Delivery to the following recipient failed permanently:

    info@hoodiasuperstore.com

Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 5.7.1 <info@hoodiasuperstore.com>: Relay access denied (state 14).

  ----- Original message -----

Received: by 10.114.208.20 with SMTP id f20mr4409189wag.144.1223234469410;
       Sun, 05 Oct 2008 12:21:09 -0700 (PDT)
Received: by 10.114.144.4 with HTTP; Sun, 5 Oct 2008 12:21:09 -0700 (PDT)
Message-ID: <30f3cde0810051221p65fb4da5pc179fc4fdf57458f@mail.gmail.com>
Date: Sun, 5 Oct 2008 15:21:09 -0400
From: "JRivera" <jr@domain.tld> <- REMOVED EMAIL
To: "Hoodia Info" <info@hoodiasuperstore.com>
Subject: This is a test
MIME-Version: 1.0
Content-Type: multipart/alternative;
       boundary="----=_Part_34129_12369833.1223234469383"

------=_Part_34129_12369833.1223234469383
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

This is a test message

------=_Part_34129_12369833.1223234469383
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit

  ----- Message truncated -----
:/etc/postfix/main.cf
Code:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
mynetworks = 127.0.0.0/8
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
myhostname = www.itruk.com
:/etc/postfix/local-host-names
Code:
localhost
www.itruk.com
localhost.www.itruk.com
localhost.itruk.com
localhost.localdomain
www.hoodiasuperstore.com
hoodiasuperstore.com
ftp.hoodiasuperstore.com
[root@www jrivera]# dig mail.hoodiasuperstore.com
Code:
; <<>> DiG 9.3.4-P1 <<>> mail.hoodiasuperstore.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47657
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;mail.hoodiasuperstore.com.     IN      A

;; ANSWER SECTION:
mail.hoodiasuperstore.com. 86400 IN     A       64.139.216.4

;; AUTHORITY SECTION:
hoodiasuperstore.com.   86400   IN      NS      ns1.itruk.com.
hoodiasuperstore.com.   86400   IN      NS      ns2.itruk.com.

;; ADDITIONAL SECTION:
ns1.itruk.com.          86400   IN      A       64.139.216.4
ns2.itruk.com.          86400   IN      A       64.139.192.90

;; Query time: 0 msec
;; SERVER: 64.139.216.4#53(64.139.216.4)
;; WHEN: Sun Oct  5 15:48:18 2008
;; MSG SIZE  rcvd: 133

[root@www jrivera]#
:/var/log/maillog
Code:
Oct  5 16:02:55 www1 dovecot: imap-login: Login: user=<adm_sviera>, method=PLAIN, rip=::ffff:127.0.0.1, lip=::ffff:127.0.0.1, secured
Oct  5 16:02:55 www1 dovecot: IMAP(adm_sviera): Disconnected: Logged out
Oct  5 16:03:04 www1 postfix/smtpd[21292]: connect from rv-out-0506.google.com[209.85.198.236]
Oct  5 16:03:04 www1 postfix/smtpd[21292]: NOQUEUE: reject: RCPT from rv-out-0506.google.com[209.85.198.236]: 554 5.7.1 <info@hoodiasuperstore.com>: Relay ac$
Oct  5 16:03:04 www1 postfix/smtpd[21292]: disconnect from rv-out-0506.google.com[209.85.198.236]

Last edited by justsam; 5th October 2008 at 22:05.
Reply With Quote
  #6  
Old 6th October 2008, 15:31
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,739 Times in 2,574 Posts
Default

Are you using ISPConfig? If so, run
Code:
postconf -e 'virtual_maps = hash:/etc/postfix/virtusertable'
postconf -e 'mydestination = /etc/postfix/local-host-names'
and restart Postfix.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
Ghostfly (26th November 2012)
  #7  
Old 26th November 2012, 13:19
Ghostfly Ghostfly is offline
Junior Member
 
Join Date: Nov 2012
Posts: 1
Thanks: 1
Thanked 0 Times in 0 Posts
 
Default

I have the same problem, and I have ISPConfig 3.0.3.3 !

I try to do what Falko says, and now my ISPConfig can't start the SMTP Service and my problem (Access Denied) is also here ...

Postfix seems to work, and restart correctly but Emails are not sended or received ...

So, what can I do ?

I do a dpkg-reconfigure postfix, now I have like before, mails are sended but I can't receive anything ... (Client host rejected: Access denied (state 13).)

I have edited my master.cf and now it works like a charm ! ^^

Thanks

Last edited by Ghostfly; 26th November 2012 at 13:35.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix: 554 5.7.1 Relay access denied Crog Server Operation 4 26th March 2010 14:19
postfix 554 Relay access denied ratcateme Server Operation 1 29th May 2008 18:52
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36
Questions in regards to ISP-Server Setup - Ubuntu 5.10 "Breezy Badger" rbrantley HOWTO-Related Questions 16 10th April 2006 18:26


All times are GMT +2. The time now is 02:55.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.