Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th June 2007, 16:58
Rasputin Rasputin is offline
Junior Member
 
Join Date: Aug 2006
Location: Germany
Posts: 12
Thanks: 2
Thanked 0 Times in 0 Posts
Default Postfix: Relay Access Denied after change of postfix_config in config.inc.php

I have a proper installation of Ispconfig v2.2.9 (I know that there is a higher release available, but I didn't find something in the release notes that is associated with this issue).

In order to solve the problem described in this topic http://www.howtoforge.com/forums/arc...hp/t-3841.html I changed the postfix_config parameter in the config.inc.php to the POSTFIX-STYLE
Code:
$go_info["server"]["postfix_config"] = 2; // 1 = SENDMAIL-STYLE, 2 = POSTFIX-STYLE
After Ispconfig recreated the files local-host-names and virtusertable and also made some changes to the main.cf of postfix it was not possible to receive email anymore.
The log shows the following error message:
Code:
 postfix/smtpd[27960]: NOQUEUE: reject: RCPT from mail.gmx.net[213.165.64.20]: 554 <julian@***.de>: Relay access denied; from=<Julian.H***@***.de> to=<julian@***.de> proto=SMTP helo=<mail.gmx.net>
If I reset the postfix_config to the SENDMAIL-STYLE then everything will work fine.

So does anyone have an idea of what is going wrong here?

local-host-names:
Code:
###################################
#
# ISPConfig local-host-names Configuration File
#         Version 1.0
#
###################################
localhost
cdlg.site
localhost.cdlg.site
localhost.site
#### MAKE MANUAL ENTRIES BELOW THIS LINE! ####
static.***.clients.your-server.de
localhost.***.clients.your-server.de
virtusertable (small section only):
Code:
###################################
#
# ISPConfig virtusertable Configuration File
#         Version 1.0
#
###################################
***.de    VIRTUALDOMAIN
webmaster@***.de    web3_heder
julian@***.de    web3_heder
postconf -n:
Code:
alias_maps = hash:/etc/aliases
biff = no
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports =
disable_dns_lookups = no
disable_mime_output_conversion = no
html_directory = /usr/share/doc/packages/postfix/html
inet_interfaces = all
inet_protocols = all
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command =
mailbox_size_limit = 0
mailbox_transport =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
message_size_limit = 20480000
mydestination = /etc/postfix/local-host-names
mydomain = ***.clients.your-server.de
myhostname = static.***.clients.your-server.de
mynetworks_style = subnet
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relayhost =
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_sasl_auth_enable = no
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
strict_8bitmime = no
strict_rfc821_envelopes = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_domains = hash:/etc/postfix/virtual
Thanks for help.

EDIT: Parts of domain names removed (***) to avoid further spam attacks

Last edited by Rasputin; 14th November 2007 at 19:02.
Reply With Quote
Sponsored Links
  #2  
Old 19th June 2007, 09:56
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,483
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

The virtusertable file is not included in your setup. Please remove the line:

virtual_alias_domains = hash:/etc/postfix/virtual

and add the line:

virtual_maps = hash:/etc/postfix/virtusertable

in the file /etc/postfix/main.cf
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 19th June 2007, 11:09
Rasputin Rasputin is offline
Junior Member
 
Join Date: Aug 2006
Location: Germany
Posts: 12
Thanks: 2
Thanked 0 Times in 0 Posts
Default

The line

virtual_maps = hash:/etc/postfix/virtusertable

is included in the main.cf but not shown by the "postconf -n" command. That is probably because virtual_maps has been replaced by virtual_alias_domains and virtual_alias_maps in Postfix 2.0. (http://www.postfix.org/postconf.5.html#virtual_maps)


But I try to remove the line

virtual_alias_domains = hash:/etc/postfix/virtual

as it could make difficulties according to the issue described above.



I will report if it works, thanks for now.

EDIT: removed typing error.

Last edited by Rasputin; 19th June 2007 at 11:26.
Reply With Quote
  #4  
Old 19th June 2007, 11:15
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,483
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

Postconf -d says nothing about your current configuration, you must check with postconf -n.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 19th June 2007, 11:24
Rasputin Rasputin is offline
Junior Member
 
Join Date: Aug 2006
Location: Germany
Posts: 12
Thanks: 2
Thanked 0 Times in 0 Posts
Default

I typed it wrong, I meant "postconf -n", sorry.
Reply With Quote
  #6  
Old 19th June 2007, 14:06
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Please comment out the virtual_alias_domains line, restart Postfix, and post the output of
Code:
postconf -n
again.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 19th June 2007, 16:18
Rasputin Rasputin is offline
Junior Member
 
Join Date: Aug 2006
Location: Germany
Posts: 12
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Okay, the problem with the error message "Relay Access Denied" seems to be solved now by commenting out the line

virtual_alias_domains = hash:/etc/postfix/virtual

postconf -n
Code:
alias_maps = hash:/etc/aliases
biff = no
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports =
disable_dns_lookups = no
disable_mime_output_conversion = no
html_directory = /usr/share/doc/packages/postfix/html
inet_interfaces = all
inet_protocols = all
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command =
mailbox_size_limit = 0
mailbox_transport =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
message_size_limit = 20480000
mydestination = /etc/postfix/local-host-names
mydomain = 88-198-40-9.clients.your-server.de
myhostname = static.88-198-40-9.clients.your-server.de
mynetworks_style = subnet
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relayhost =
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_sasl_auth_enable = no
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
strict_8bitmime = no
strict_rfc821_envelopes = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
When using the sendmail-style the parameters virtual_alias_domains and virtual_alias_maps are irrelevant because there is only local mapping used with the domains (mydestination = /etc/postfix/local-host-names) and the email-adresses (virtual_maps = /etc/postfix/virtusertable).
So it does'nt lead to a problem if the virtual_alias_maps or virtual_alias_domains is specified.

As the postfix-style removes the domains from the local-host-names and adds them to the virtusertable it becomes a problem if there is defined a virtual_alias_maps or a virtual_alias_domain.
The default value of virtual_alias_domain is virtual_alias_maps that again has the default value $virtual_maps. Therefore the virtusertable is only used if this parameters don't have a different setting.

The best solution from my point of view would be if Ispconfig comments out this parameters in the main.cf as they aren't used in any case.

-------------------------------------------------------------------

After the change above I was faced with the next error message:

Code:
postfix/smtp[30194]: 53E82318005: to=<admispconfig@localhost.localdomain>, relay=none, delay=0, status=bounced (Host or domain name not found. Name service error for name=localhost.localdomain type=AAAA: Host not found)
As you can see in the first post of the thread the localhost.localdomain is missing in the local-host-names.
When using the sendmail-style this entry is automatically set by Ispconfig but with the postfix-style obviously not.
That seems to be a bug even though it is no effort to add this entry manually.


Anyway, all is working fine now, thanks for your help!

Rasputin
Reply With Quote
  #8  
Old 20th June 2007, 14:57
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Quote:
Originally Posted by Rasputin
After the change above I was faced with the next error message:

Code:
postfix/smtp[30194]: 53E82318005: to=<admispconfig@localhost.localdomain>, relay=none, delay=0, status=bounced (Host or domain name not found. Name service error for name=localhost.localdomain type=AAAA: Host not found)
Please make sure that localhost.localdomain is listed in /etc/hosts.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #9  
Old 20th June 2007, 18:24
Rasputin Rasputin is offline
Junior Member
 
Join Date: Aug 2006
Location: Germany
Posts: 12
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Currently the entry localhost.localdomain is not listed in the /etc/hosts.

Is this change necessary even though it works by adding it manually to the local-host-names?

Why does Ispconfig automatically add this entry when using the sendmail style but not if using the postfix style?
Reply With Quote
  #10  
Old 21st June 2007, 16:50
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
 
Default

Quote:
Originally Posted by Rasputin
Currently the entry localhost.localdomain is not listed in the /etc/hosts.

Is this change necessary even though it works by adding it manually to the local-host-names?
I'd always add localhost.localdomain to the 127.0.0.1 line in /etc/hosts.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
postfix Relay access denied Jshel Installation/Configuration 4 30th March 2007 05:15
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36
Questions in regards to ISP-Server Setup - Ubuntu 5.10 "Breezy Badger" rbrantley HOWTO-Related Questions 16 10th April 2006 18:26
Bug? (postfix refuses mail, relay access denied) st2xo General 2 31st January 2006 16:00


All times are GMT +2. The time now is 09:50.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.