mail relay

[commentator]

I have homeserver (homeserver.dyndns.org)
and a dedicated server nr2.myserver.com (ispconfig 3 server)

As my provider blocks sendingmail from port 25 I want homeserver sending mail over nr2 on port 587.
Mail is already going to nr2 but still Relay access denied (in reply to RCPT TO command)) error

Is it posible to add homeserver.dyndns.org to mynetworks or is there an other workaround to send this mail to nr2?

[nbhadauria]

can u share the configuration of homeserver.dyndns.org..

[commentator]

main.cf

Code:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = homeserver.dyndns.org
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
#mydestination = homeserver.dyndns.org, localhost.home, localhost
relayhost = 
mynetworks = 127.0.0.0/8,192.168.0.0/24,82.161.100.146
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_local_domain = 
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_sasl_password_maps = hash:/etc/postfix/saslpasswd
smtp_always_send_ehlo = yes
relayhost = [nr2.myserver.com]:587

virtual_maps = hash:/etc/postfix/virtusertable

mydestination = /etc/postfix/local-host-names

### Checks to remove badly formed email
smtpd_helo_required     = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
unknown_address_reject_code  = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code   = 554
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, regexp:/etc/postfix/helo.regexp, permit
### When changing sender_checks, this file must be regenerated using postmap <file>, to generate a Berkeley DB
smtpd_recipient_restrictions =
    check_client_access hash:/etc/postfix/helo_client_exceptions
#       check_sender_access    hash:/etc/postfix/sender_checks,
	permit_mynetworks,
        reject_invalid_hostname,
        ### Can cause issues with Auth SMTP, so be weary!
        reject_non_fqdn_hostname,
        ##################################
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        #permit_mynetworks,
        reject_unauth_destination,
# Add RBL exceptions here, when changing rbl_client_exceptions, thisfile must be regenerated using postmap <file>, to generate aBerkeley DB
        check_client_access hash:/etc/postfix/rbl_client_exceptions,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client sbl-xbl.spamhaus.org,
        reject_rbl_client bl.spamcop.net,
        reject_rbl_client dul.dnsbl.sorbs.net,
        reject_rbl_client new.spam.dnsbl.sorbs.net,
        reject_rbl_client dnsbl-1.uceprotect.net,
        reject_rbl_client smtp.dnsbl.sorbs.net,
        reject_rhsbl_sender    dsn.rfc-ignorant.org,
        #check_policy_service inet:127.0.0.1:60000
        permit

qmqpd_authorized_clients = $mynetworks
qmqpd_error_delay = 5s
qmqpd_timeout = 300s

[nbhadauria]

Why do you have relayhost two time ...

relayhost =
mynetworks = 127.0.0.0/8,192.168.0.0/24,82.161.100.146
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_sasl_password_maps = hash:/etc/postfix/saslpasswd
smtp_always_send_ehlo = yes
relayhost = [nr2.myserver.com]:587


use only one configuration like this ..

relayhost = nr2.myserver.com:587

[commentator]

thanks, changed it but no change:
Relay access denied (in reply to RCPT TO command))

[nbhadauria]

are you sure you are allowed to send mail without authentication..

same things was working on port 25 ?

[commentator]

before it was possible to mail directly from homeserver
so now changing it the way I described on top

[nbhadauria]

if you are able to send mail from command line..

telnet nr2.myserver.com 587

then surly you are not allowed to relay mails for your server.

[commentator]

nope, also not possible by commandline.

But I can configure nr2 too, thats why I asked if it is possible to add an host to mynetworks

[nbhadauria]

ohhh my bad

Yes please add your server in mynetworks ..