Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 3rd December 2007, 08:17
tkaman2 tkaman2 is offline
Junior Member
 
Join Date: Nov 2007
Posts: 18
Thanks: 0
Thanked 0 Times in 0 Posts
Question relay access denied with virtual emails setup in mysql

Hi, I followed the following tutorial on how to configure postfix to use quotas and virtual email aliases read from a mysql database.
http://www.howtoforge.com/fedora_vir..._quota_courier

I can receive emails fine from any email alias I set up in the mysql database but when I try to send I receive an error that relay access is denied. I read through other threads on this site and enabled the outgoing server authentication with some luck. That fixes the problem if I create a user/pw on my machine for each virtual alias I want to send email from (ie I can send from davet@mydomain.com if I create a user account davet, but without a davet user acct on my machine it can't log in to authenticate outgoing email.)

If I host multiple domains email on my machine I will likely run into problems with having the same alias at multiple domains, such as support@domain1.com and support@domain2.com because each will set their own password but I will only be able to create one user called support on my box. How can I enable relay access or authentication via the mysql database rather than having it use system accounts? It is doing that for incoming email, just not outgoing. Thanks!

Dave
Reply With Quote
Sponsored Links
  #2  
Old 3rd December 2007, 09:03
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,811
Thanks: 821
Thanked 5,339 Times in 4,188 Posts
Default

The howto uses the mysql database to authenticate, so your username is support@domain1.com or support@domain2.com and not just support, so you dont get any problems with duplicate usernames.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 3rd December 2007, 18:24
tkaman2 tkaman2 is offline
Junior Member
 
Join Date: Nov 2007
Posts: 18
Thanks: 0
Thanked 0 Times in 0 Posts
Default

For some reason it is only using MySQL to authenticate for incoming email, not outgoing. I'll go through the how-to again and make sure I didn't miss anything. Any other suggestions are greatly appreciated. Thanks
Reply With Quote
  #4  
Old 3rd December 2007, 20:36
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,811
Thanks: 821
Thanked 5,339 Times in 4,188 Posts
Default

Please post the content of the postfix main.cf file, comments stripped.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 3rd December 2007, 20:47
tkaman2 tkaman2 is offline
Junior Member
 
Join Date: Nov 2007
Posts: 18
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I posted the non-commented lines below. I changed my domain name with [mydomain].

contents of /etc/postfix/main.cf
-------------------------------------
queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

mail_owner = postfix

inet_interfaces = all

mydestination = www.[mydomain].com, localhost, localhost.localdomain
unknown_local_recipient_reject_code = 550

mynetworks_style = class
relay_domains = $mydestination

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2

debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail.postfix

newaliases_path = /usr/bin/newaliases.postfix

mailq_path = /usr/bin/mailq.postfix

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/share/man

sample_directory = /usr/share/doc/postfix-2.4.5/samples

readme_directory = /usr/share/doc/postfix-2.4.5/README_FILES
myhostname = www.[mydomain].com
mynetworks = 127.0.0.0/8
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtpd_sasl_authenticated_header = yes
Reply With Quote
  #6  
Old 4th December 2007, 20:22
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
Default

Are there any errors in your mail log?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 5th December 2007, 01:01
tkaman2 tkaman2 is offline
Junior Member
 
Join Date: Nov 2007
Posts: 18
Thanks: 0
Thanked 0 Times in 0 Posts
Smile

I removed the user account (not database account) for billing and tried to send an email from billing@mydomain.com and below is what was added to my maillog.

Dec 4 15:55:19 hosting postfix/smtpd[13786]: connect from unknown[10.1.10.85]
Dec 4 15:55:21 hosting postfix/smtpd[13786]: warning: unknown[10.1.10.85]: SASL LOGIN authentication failed: authentication failure
Dec 4 15:55:21 hosting postfix/smtpd[13786]: lost connection after AUTH from unknown[10.1.10.85]
Dec 4 15:55:21 hosting postfix/smtpd[13786]: disconnect from unknown[10.1.10.85]


Outlook Express (I did check the box that my outgoing mail server requires authentication) prompts me for my username and password for my outgoing mail server because authentication keeps failing. I am entering billing@mydomain.com for the username and the password that is in the database. For authentication on my outgoing mail server I selected the option to use the same information my incoming mail server uses. If you have any ideas what is wrong I would greatly appreciate any suggestions. Thanks!
Reply With Quote
  #8  
Old 5th December 2007, 14:49
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
Default

What's in /usr/lib/sasl2/smtpd.conf?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #9  
Old 5th December 2007, 18:05
tkaman2 tkaman2 is offline
Junior Member
 
Join Date: Nov 2007
Posts: 18
Thanks: 0
Thanked 0 Times in 0 Posts
Default

contents of /usr/lib/sasl2/smtpd.conf
------------------------------------------

pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket
Reply With Quote
  #10  
Old 6th December 2007, 15:42
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
 
Default

Looks ok. What's the output of
Code:
uname -a
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Relay access denied when using SMTP to external recipients Kamran Shah Installation/Configuration 111 14th May 2014 18:10
Postfix: 554 5.7.1 Relay access denied Crog Server Operation 4 26th March 2010 14:19
Postfix with MySQL backend - Relay access denied klonos HOWTO-Related Questions 2 4th May 2007 19:55
Questions in regards to ISP-Server Setup - Ubuntu 5.10 "Breezy Badger" rbrantley HOWTO-Related Questions 16 10th April 2006 18:26
Relay access denied KamiTsunami Server Operation 6 7th March 2006 10:25


All times are GMT +2. The time now is 14:48.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.