Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 11th September 2008, 17:50
blocker blocker is offline
Senior Member
 
Join Date: Mar 2008
Posts: 178
Thanks: 9
Thanked 4 Times in 4 Posts
Default postfix relay access denied

Hello,

i have a new mailserver based on postfix.
A little problem occurs. Existing users get "relay access denied" when sending mails from outside, when using localhost (webmail) there is no problem. If i add users IP in mynetworks it works also from outside, but this is not a comfortable solution for me. I would like my users to be able to send mails using my smtp from all over the world.
Here is my main.conf

Code:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 20480000
mydestination = server.domain.com, localhost.domain.com, localhost
mydomain = server.domain.com
myhostname = server.domain.com
mynetworks = 127.0.0.0/8
myorigin = server.domain.com
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf
relayhost = 
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_hard_error_limit = 10
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unlisted_recipient, check_recipient_access hash:/etc/postfix/reject_over_quota, check_sender_access hash:/etc/postfix/rbl_sender_exceptions, check_client_access hash:/etc/postfix/rbl_client_exceptions, check_recipient_access hash:/etc/postfix/rbl_recipient_exceptions, reject_rbl_client sbl-xbl.spamhaus.org, check_recipient_access hash:/etc/postfix/greylist_sender_exceptions, check_client_access cidr:/etc/postfix/cidr_greylist_network_exceptions, check_policy_service inet:127.0.0.1:12525, check_client_access pcre:/etc/postfix/check_client_fqdn
smtpd_restriction_classes = check_greylist
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain
smtpd_soft_error_limit = 8
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.server.pem
smtpd_tls_cert_file = /etc/postfix/ssl/cert.server.pem
smtpd_tls_key_file = /etc/postfix/ssl/privkey.server.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf, hash:/etc/postfix/virtual
virtual_gid_maps = static:6060
virtual_mailbox_base = /var/vmail/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 6060
virtual_transport = maildrop
virtual_uid_maps = static:6060
any ideas what i am missing?

Thanks!

Last edited by blocker; 12th September 2008 at 20:54.
Reply With Quote
Sponsored Links
  #2  
Old 12th September 2008, 19:01
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
Default

You must enable "Server requires authentication" in your email client.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 12th September 2008, 21:02
blocker blocker is offline
Senior Member
 
Join Date: Mar 2008
Posts: 178
Thanks: 9
Thanked 4 Times in 4 Posts
Default

Hi Falko,

thanks for your reply, enabling authentification in my mail client was the first thing i have done. I myself am using mozilla thunderbird under linux - under "Edit" / "Account Settings" / "Outgoing Server" i have added the mailserver and checked the "Use name and password" - of course i have added an existing username... but when trying to send mail using this smtp server i get "Relay access denied".... users using outlook are reporting the same problem...
I suppose i am missing some option in the postfix config. Adding the client's IP to mynetworks is doing the job...

Thanks
Reply With Quote
  #4  
Old 12th September 2008, 22:17
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,012
Thanks: 840
Thanked 5,651 Times in 4,461 Posts
Default

You will have to configure sasl so that it authenticaes against your mysql database. For the details, have a look at falkos postfix virtual user setup howto. He has written the howto for several linux distributions.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 15th October 2008, 13:01
_X_ _X_ is offline
Senior Member
 
Join Date: Oct 2008
Posts: 247
Thanks: 8
Thanked 37 Times in 35 Posts
Default

if installed server was done with:
The Perfect Server - Ubuntu Hardy Heron (Ubuntu 8.04 LTS Server)
and ISPConfig after that
do i need to do:
Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 8.04 LTS)
Reply With Quote
  #6  
Old 15th October 2008, 13:04
blocker blocker is offline
Senior Member
 
Join Date: Mar 2008
Posts: 178
Thanks: 9
Thanked 4 Times in 4 Posts
Default

no, ispconfig has its own mailsystem...

Quote:
Originally Posted by _X_ View Post
if installed server was done with:
The Perfect Server - Ubuntu Hardy Heron (Ubuntu 8.04 LTS Server)
and ISPConfig after that
do i need to do:
Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 8.04 LTS)
Reply With Quote
The Following User Says Thank You to blocker For This Useful Post:
_X_ (15th October 2008)
  #7  
Old 16th October 2008, 15:23
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
 
Default

Quote:
Originally Posted by _X_ View Post
do i need to do:
Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 8.04 LTS)
That setup is incompatible with ISPConfig.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Undelivered Mail Returned to Sender Error202 General 5 7th May 2009 12:14
localhost postfix/master: fatal: bind 127.0.0.1 port 125: Permission denied g18c Installation/Configuration 4 24th March 2009 18:39
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 16:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 16:36
Questions in regards to ISP-Server Setup - Ubuntu 5.10 "Breezy Badger" rbrantley HOWTO-Related Questions 16 10th April 2006 19:26


All times are GMT +2. The time now is 18:01.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.