Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 14th October 2008, 16:52
_X_ _X_ is offline
Senior Member
 
Join Date: Oct 2008
Posts: 247
Thanks: 8
Thanked 37 Times in 35 Posts
Default Mail: Relay access denied

***SOLVED***

everything is done according to:
The Perfect Server - Ubuntu Hardy Heron (Ubuntu 8.04 LTS Server)

Client can receive mail but cannot send mail with error:
The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'xxxxx@hotmail.com'. Subject 'test', Account: 'user1', Server: 'mail.user1.com', Protocol: SMTP, Server Response: '554 5.7.1 <xxxx@hotmail.com>: Relay access denied', Port: 25, Secure(SSL): No, Server Error: 554, Error Number: 0x800CCC79

Authentication is enabled.

In mail.log:
server1 postfix/smtpd[25684]: NOQUEUE: reject: RCPT from unknown[xxx.xxx.xxx.xxx]: 554 5.7.1 <xxxx@hotmail.com>: Relay access denied; from=<user1@user1.com> to=<xxxx@hotmail.com> proto=ESMTP helo=<HOME>

In local-host-names:
localhost
domain.info
localhost.domain.info
localhost.info
localhost.localdomain
www.user1.com
user1.com
webmail.user1.com
#### MAKE MANUAL ENTRIES BELOW THIS LINE! ####

In virtualusertable exists:
user1@www.user1.com user1
user1@user1.com user1
user1@webmail.user1.com user1

In Main.cf
smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
myhostname = server1.info
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipients_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination
---------------^^ - smtpd_recipient_restrictions should be here
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
virtual_maps = hash:/etc/postfix/virtusertable
mydestination = /etc/postfix/local-host-names

dig mx domain.info:
;; QUESTION SECTION:
;domain.info. IN MX
;; ANSWER SECTION:
domain.info. 300 IN MX 10 mail.domain.info.

dig domain.info
;; QUESTION SECTION:
;domain.info. IN A
;; ANSWER SECTION:
domain.info. 300 IN A xxx.xxx.xxx.xx

Dig mx user1.com
;; QUESTION SECTION:
;user1.com. IN MX
;; ANSWER SECTION:
user1.com. 3600 IN MX 10 mail.user1.com.

dig user1.com
;; QUESTION SECTION:
;user1.com. IN A
;; ANSWER SECTION:
user1.com. 3600 IN A xxx.xxx.xxx.xx

If client uses webmail (squirrelmail) mail can be sent with no problems. Client recives mail with no problems using mail client application (OutLook, OutLook Express, ...)

Q: Do I need to add IP of my server1.info into line in main.cf:
mynetworks = 127.0.0.0/8

Q: I havent done anything in DNS Manager section in ISPconfig. Do I need to do something about that and what exaclty?

Last edited by _X_; 26th October 2008 at 16:28.
Reply With Quote
Sponsored Links
  #2  
Old 14th October 2008, 22:42
_X_ _X_ is offline
Senior Member
 
Join Date: Oct 2008
Posts: 247
Thanks: 8
Thanked 37 Times in 35 Posts
Default

UPDATE:

I can send mail from outlook to local users (from user1@user1.com to user2@user2.com) but any mail that goes to external destination has: Relay access denied error.
Reply With Quote
  #3  
Old 14th October 2008, 23:18
_X_ _X_ is offline
Senior Member
 
Join Date: Oct 2008
Posts: 247
Thanks: 8
Thanked 37 Times in 35 Posts
Default Update 2

Adding IPs of domain.info and user1.com in main.cf didnt solve the problem

Activating SSL in mail client didnt help.

Last edited by _X_; 15th October 2008 at 12:14.
Reply With Quote
  #4  
Old 14th October 2008, 23:24
trcinc1 trcinc1 is offline
HowtoForge Supporter
 
Join Date: Nov 2006
Location: New Mexico
Posts: 21
Thanks: 3
Thanked 2 Times in 2 Posts
Default Just today I started having the same problem

This is what I found out: (my problem - not necessarily yours)

CBL Lookup Utility (http://cbl.abuseat.org/ used the lookup link with my IP)

Note: Automated/scripted bulk lookups are forbidden.

Enter an IP address:

IP Address XX.XXX.XX.XXX is currently listed in the CBL.

It was detected at 2008-10-13 19:00 GMT (+/- 30 minutes), approximately 1 days, 2 hours, 30 minutes ago.

ATTENTION: At the time of detection, this IP was infected with, or NATting for a computer infected with a high volume spam sending trojan - it is participating or facilitating a botnet sending spam or spreading virus/spam trojans.

ATTENTION: if you simply repeatedly remove this IP address from the CBL without correcting the problem, the CBL WILL stop letting you delist it.

This is the Cutwail

You MUST patch your system and then fix/remove the trojan. Do this before delisting, or you're most likely to be listed again almost immediately.

If this IP is a NAT firewall/gateway, you MUST configure the NAT to prevent outbound port 25 connections to the Internet except from your real mail servers.

Request delisting of XX.XXX.XX.XXX.
Reply With Quote
  #5  
Old 15th October 2008, 00:18
_X_ _X_ is offline
Senior Member
 
Join Date: Oct 2008
Posts: 247
Thanks: 8
Thanked 37 Times in 35 Posts
Default

Tested both IPs and they are not listed.
Reply With Quote
  #6  
Old 15th October 2008, 02:28
_X_ _X_ is offline
Senior Member
 
Join Date: Oct 2008
Posts: 247
Thanks: 8
Thanked 37 Times in 35 Posts
Default

I have tried everything that could find on forums but nothing helped.

Getting desperate here

Any new ideas?
Reply With Quote
  #7  
Old 15th October 2008, 14:03
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
Default

This sounds as if you did not enable "Server requires authentication" in Outlook. Please double-check.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #8  
Old 15th October 2008, 14:46
_X_ _X_ is offline
Senior Member
 
Join Date: Oct 2008
Posts: 247
Thanks: 8
Thanked 37 Times in 35 Posts
Default

That was first thing that I checked, double-checked and triple-checked

Tried with Outlook Express, Outlook and Opera mail client but always recive same error.

here is complete session log:
domain pop3d: Connection, ip=[::ffff:xx.xxx.xxx.xx]
domain postfix/smtpd[9556]: connect from unknown[xx.xxx.xxx.xx]
domain pop3d: LOGIN, user=user1, ip=[::ffff:xx.xxx.xxx.xx], port=[2517]
domain postfix/smtpd[9556]: NOQUEUE: reject: RCPT from unknown[xx.xxx.xxx.xx]: 554 5.7.1 <xxxx@hotmail.com>: Relay access denied; from=<user1@user1.com> to=<xxxx@hotmail.com> proto=ESMTP helo=<home>
domain pop3d: LOGOUT, user=user1, ip=[::ffff:xx.xxx.xxx.xx], port=[2517], top=0, retr=0, rcvd=18, sent=38, time=0
domain postfix/smtpd[9556]: disconnect from unknown[xx.xxx.xxx.xx]

domain = domain.info - FQDM of server that runs ISPconfig
user1 = user1@user1.com - user that is client with its site hosted as virtual on domain.info server
Reply With Quote
  #9  
Old 15th October 2008, 14:49
_X_ _X_ is offline
Senior Member
 
Join Date: Oct 2008
Posts: 247
Thanks: 8
Thanked 37 Times in 35 Posts
Default

here is all ok if i'm correct?

telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 domain.info ESMTP Postfix
ehlo localhost
250-domain.info
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Reply With Quote
  #10  
Old 15th October 2008, 15:00
_X_ _X_ is offline
Senior Member
 
Join Date: Oct 2008
Posts: 247
Thanks: 8
Thanked 37 Times in 35 Posts
 
Default

also:

testsaslauthd -u user1 -p xxxx -f /var/spool/postfix/var/run/saslauthd/mux
0: OK "Success."
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
procmail can't write Hellbound General 27 8th June 2009 21:51
localhost postfix/master: fatal: bind 127.0.0.1 port 125: Permission denied g18c Installation/Configuration 4 24th March 2009 17:39
Problem with dcc-client installation (Postfix) swap-as Installation/Configuration 9 18th September 2008 20:47
Core 4: Error Messages on Fresh Install re CTX/SSL jjw Installation/Configuration 30 6th September 2006 12:16
Questions in regards to ISP-Server Setup - Ubuntu 5.10 "Breezy Badger" rbrantley HOWTO-Related Questions 16 10th April 2006 18:26


All times are GMT +2. The time now is 10:53.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.