Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 20th January 2010, 05:47
hsa2 hsa2 is offline
Junior Member
 
Join Date: Jan 2010
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Question Postfix & Dovecot - "Relay access denied"

Hello,
I am trying to build a webserver using postfix and dovecot-postfix on Ubuntu 9.10. I've been working on it about 5 hours ( i did the same for last 6-7 nights ). And finally, I can send mails from my server, using Squirrelmail web client. But when I try to send mail from another address to my server ( tried from google apps based domain ), it gives an error: 554 554 5.7.1: Relay access denied

Please help me ( BTW, I really researched a lot about it )

While building mail server, I followed this tutorial.

Edit: I realised that I can send only from Squirrelmail, when I try to a client ( evolution ) with authentication enabled, it still says "Relay access denied".

Last edited by hsa2; 20th January 2010 at 06:30.
Reply With Quote
Sponsored Links
  #2  
Old 20th January 2010, 10:46
rekurs rekurs is offline
Junior Member
 
Join Date: Jan 2010
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

You have trouble with authentication, post here your postfix config.

Last edited by rekurs; 20th January 2010 at 10:49.
Reply With Quote
  #3  
Old 20th January 2010, 13:27
hsa2 hsa2 is offline
Junior Member
 
Join Date: Jan 2010
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Sure, here is my main.cf:

Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

#myhostname = karincayiyen.difuzyonhosting.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
#mydestination = difuzyonhosting.com, karincayiyen.difuzyonhosting.com, localhost.difuzyonhosting.com, localhost
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

virtual_minimum_uid = 150
virtual_uid_maps = static:150
virtual_gid_maps = static:8
virtual_mailbox_base = /var/vmail
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

virtual_alias_maps = proxy:mysql:/etc/postfix/my_alias_maps.cf
virtual_mailbox_limit = proxy:mysql:/etc/postfix/my_mailbox_limits.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/my_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/my_mailbox_maps.cf
and my master.cf

Code:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
submission inet n       -       -       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
	-o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}

dovecot unix - n n - - pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -f ${sender} -d $(recipient)
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
Reply With Quote
  #4  
Old 20th January 2010, 13:53
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

What's the output of
Code:
telnet localhost 25
and then
Code:
ehlo localhost
?

Did you enable "Server requires authentication" in your email client?

Any errors in your mail log?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 20th January 2010, 17:00
hsa2 hsa2 is offline
Junior Member
 
Join Date: Jan 2010
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by falko View Post
What's the output of
Code:
telnet localhost 25
and then
Code:
ehlo localhost
?

Did you enable "Server requires authentication" in your email client?

Any errors in your mail log?
Hello falko,
I am using 587 ( submission ) port for smtp.

Code:
root@karincayiyen:/etc/ssl/private# telnet localhost 587
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 karincayiyen.difuzyonhosting.com ESMTP Postfix (Ubuntu)
ehlo localhost
250-karincayiyen.difuzyonhosting.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
Reply With Quote
  #6  
Old 20th January 2010, 20:01
carlosinfl carlosinfl is offline
Member
 
Join Date: Dec 2009
Location: Orlando, FL
Posts: 70
Thanks: 3
Thanked 4 Times in 4 Posts
Send a message via AIM to carlosinfl
Default

This is very easy. You can send from Webmail because your Squirrelmail application is 127.0.0.1. According to your mynetworks parameter in main.cf, it allows connections from 127.0.0.0/8. You need to add your client network that clients will be sending email from to your 'mynetworks' parameter in main.cf.

For example...

My mail server = 127.0.0.1
My PC = 192.168.0.100/255.255.255.0

Then you need to add the following to 'mynetworks'

mynetworks = 127.0.0.0/8, 192.168.0.0/24

Reload Postfix and it should work! The reason you're getting 'relay access denied' is by default Postfix by default does not allow anyone to relay mail. This prevents you from being an 'open relay' which is very very bad!

Last edited by carlosinfl; 20th January 2010 at 20:05.
Reply With Quote
  #7  
Old 20th January 2010, 20:09
hsa2 hsa2 is offline
Junior Member
 
Join Date: Jan 2010
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks for your reply. I changed the line as follows:
Code:
mynetworks = 127.0.0.0/8, 192.168.0.0/24
However, nothing has changed and still 'relay access denied'
Reply With Quote
  #8  
Old 20th January 2010, 20:16
carlosinfl carlosinfl is offline
Member
 
Join Date: Dec 2009
Location: Orlando, FL
Posts: 70
Thanks: 3
Thanked 4 Times in 4 Posts
Send a message via AIM to carlosinfl
Default

I am hoping you did not forget to reload Postfix:

Code:
/etc/init.d/postfix restart
I am guessing your same server running Postfix & Squirrelmail is also running Dovecot, correct?

What is the IP address and subnet mask of the PC you're using to connect to Postfix / Dovecot to send / receive email. What client are you using? Thunderbird?
Reply With Quote
  #9  
Old 20th January 2010, 20:22
hsa2 hsa2 is offline
Junior Member
 
Join Date: Jan 2010
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Default

No no, I reloaded postfix. And yes, I'm running Dovecot on the same server.

Code:
root@karincayiyen:~# telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
+OK Dovecot ready.
My IP adress ( the pc that I'm using, not server ) is 144.122.116.246, and my subnet mask is 255.255.255.0.
Reply With Quote
  #10  
Old 20th January 2010, 20:27
carlosinfl carlosinfl is offline
Member
 
Join Date: Dec 2009
Location: Orlando, FL
Posts: 70
Thanks: 3
Thanked 4 Times in 4 Posts
Send a message via AIM to carlosinfl
 
Default

Quote:
Originally Posted by hsa2 View Post
No no, I reloaded postfix. And yes, I'm running Dovecot on the same server.

Code:
root@karincayiyen:~# telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
+OK Dovecot ready.
My IP adress ( the pc that I'm using, not server ) is 144.122.116.246, and my subnet mask is 255.255.255.0.
Then in your main.cf where your line has 'mynetworks = 127.0.0.0/8...'

You need to add the following:

Code:
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128, 144.122.116.0/24,
Then run this command:

Code:
sudo apt-get -y install dig && sudo postfix reload
Let me know what happens? It failed because you were taking my example of 192.168.0.0/24 literally and not applying it to your network parameters for your personal PC. Hope that works for you!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Webmail problems with only one domain? compner Installation/Configuration 14 16th February 2010 16:59
Postfix can't received email from exterior astra2000 Server Operation 5 17th October 2009 23:26
Postfix not responding to telnet CarbonCopy Server Operation 6 8th May 2009 05:39
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36


All times are GMT +2. The time now is 12:25.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.