Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 15th December 2011, 19:39
Maxman1850 Maxman1850 is offline
Junior Member
 
Join Date: Nov 2011
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Default Postfix: relay access denied

Hi guys,

I'm desperately trying to make my SMTP server work correctly but he seems to be not listening to me.

When I send an e-mail from the webmail he sends it correctly. But when I try to connect with Mail (for Mac) I get an error that the SMTP server is offline.

Also when I check my SMTP server with this tool: http://www.mxtoolbox.com/
I get the following error:

Code:
HELO please-read-policy.mxtoolbox.com
250 Webserver002 [125 ms]
MAIL FROM: <supertool@mxtoolbox.com>
250 2.1.0 Ok [218 ms]
RCPT TO: <test@example.com>
554 5.7.1 <test@example.com>: Relay access denied [140 ms]
QUIT
221 2.0.0 Bye [140 ms]
The maillog looks like this:
Code:
Dec 15 19:17:53 Webserver002 postfix/smtpd[26175]: warning: 64.20.227.133: address not listed for hostname recover.mxtoolbox.com
Dec 15 19:17:53 Webserver002 postfix/smtpd[26175]: connect from unknown[64.20.227.133]
Dec 15 19:17:53 Webserver002 postfix/smtpd[26175]: NOQUEUE: reject: RCPT from unknown[64.20.227.133]: 554 5.7.1 <test@example.com>: Relay access denied; from=<supertool@mxtoolbox.com> to=<test@example.com> proto=SMTP helo=<please-read-policy.mxtoolbox.com>
Dec 15 19:17:53 Webserver002 postfix/smtpd[26175]: disconnect from unknown[64.20.227.133]
My main.cf looks like this:

Code:
myhostname = Webserver002
mynetworks = 127.0.0.0/8 [::1]/128
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = dovecot
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
receive_override_options = no_address_mappings
content_filter = amavis:[127.0.0.1]:10024
relayhost =
mailbox_size_limit = 0
message_size_limit = 0
Can please someone help me to find the solution for this?

Thanks for your help!

Max
Reply With Quote
Sponsored Links
  #2  
Old 16th December 2011, 11:58
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,736 Times in 2,571 Posts
Default

Quote:
Originally Posted by Maxman1850 View Post
But when I try to connect with Mail (for Mac) I get an error that the SMTP server is offline.
What are the outputs of
Code:
netstat -tap
and
Code:
iptables -L
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 16th December 2011, 17:26
Maxman1850 Maxman1850 is offline
Junior Member
 
Join Date: Nov 2011
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Netstat -tap:
Code:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 *:imaps                     *:*                         LISTEN      16423/dovecot       
tcp        0      0 *:pop3s                     *:*                         LISTEN      16423/dovecot       
tcp        0      0 Webserver002:10024          *:*                         LISTEN      18387/amavisd (mast 
tcp        0      0 Webserver002:10025          *:*                         LISTEN      26171/master        
tcp        0      0 *:mysql                     *:*                         LISTEN      16285/mysqld        
tcp        0      0 *:pop3                      *:*                         LISTEN      16423/dovecot       
tcp        0      0 Webserver002:dyna-access    *:*                         LISTEN      16410/clamd         
tcp        0      0 *:imap                      *:*                         LISTEN      16423/dovecot       
tcp        0      0 *:sunrpc                    *:*                         LISTEN      2768/portmap        
tcp        0      0 *:723                       *:*                         LISTEN      9445/rpc.statd      
tcp        0      0 Webserver002:domain         *:*                         LISTEN      16513/named         
tcp        0      0 Webserver002:domain         *:*                         LISTEN      16513/named         
tcp        0      0 *:ftp                       *:*                         LISTEN      16458/pure-ftpd (SE 
tcp        0      0 *:smtp                      *:*                         LISTEN      26171/master        
tcp        0      0 Webserver002:rndc           *:*                         LISTEN      16513/named         
tcp        0      0 Webserver002:imap           ip8a.direct-ads:49231 ESTABLISHED 28086/imap          
tcp        0      0 Webserver002:imap           ip8a.direct-ads:49228 ESTABLISHED 28053/imap          
tcp        0      0 Webserver002:imap           ip8a.direct-ads:49217 ESTABLISHED 28051/imap          
tcp        0      0 Webserver002:imap           ip8a.direct-ads:49239 ESTABLISHED 28088/imap          
tcp        0      0 *:imaps                     *:*                         LISTEN      16423/dovecot       
tcp        0      0 *:pop3s                     *:*                         LISTEN      16423/dovecot       
tcp        0      0 *:pop3                      *:*                         LISTEN      16423/dovecot       
tcp        0      0 *:imap                      *:*                         LISTEN      16423/dovecot       
tcp        0      0 *:webcache                  *:*                         LISTEN      21606/httpd         
tcp        0      0 *:http                      *:*                         LISTEN      21606/httpd         
tcp        0      0 *:work-sol                  *:*                         LISTEN      1971/sshd           
tcp        0      0 *:tproxy                    *:*                         LISTEN      21606/httpd         
tcp        0      0 *:domain                    *:*                         LISTEN      16513/named         
tcp        0      0 *:ftp                       *:*                         LISTEN      16458/pure-ftpd (SE 
tcp        0      0 localhost6.localdomain:rndc *:*                         LISTEN      16513/named         
tcp        0   2880 Webserver002:work-sol       ip8a.direct-ads:49670 ESTABLISHED 28374/sshd: max [pr
iptables -L:
Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            icmp any 
ACCEPT     esp  --  anywhere             anywhere            
ACCEPT     ah   --  anywhere             anywhere            
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp 
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:mysql 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:telnet 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:smtp 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https 
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
Reply With Quote
  #4  
Old 17th December 2011, 17:02
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,736 Times in 2,571 Posts
Default

Can you disable the firewall for testing purposes?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 19th December 2011, 17:24
Maxman1850 Maxman1850 is offline
Junior Member
 
Join Date: Nov 2011
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Yes, I can, I will check if it'll work when it's disabled
Reply With Quote
  #6  
Old 20th December 2011, 16:34
Maxman1850 Maxman1850 is offline
Junior Member
 
Join Date: Nov 2011
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Nope, even when the firewall is fully disabled I get the same errors.. Looks like it's not a firewall problem..?
Reply With Quote
  #7  
Old 20th December 2011, 18:36
mike_p mike_p is offline
Senior Member
 
Join Date: Mar 2010
Location: Surrey, England
Posts: 140
Thanks: 9
Thanked 28 Times in 17 Posts
Default

In your mail client (Mail for Mac?) what address have you given for the SMTP server?
Have you correctly setup dns for that address?
Reply With Quote
  #8  
Old 20th December 2011, 20:47
Maxman1850 Maxman1850 is offline
Junior Member
 
Join Date: Nov 2011
Posts: 13
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I've given my normal domain name and smtp.domain.tld, I think my DNS is alright but now I'm beginning to doubt it.. Should I post my DNS records?
Reply With Quote
  #9  
Old 20th December 2011, 21:26
gertk gertk is offline
Junior Member
 
Join Date: Aug 2011
Posts: 9
Thanks: 1
Thanked 1 Time in 1 Post
Default

You can try to add to main.cf file your server external ip or network address,
for example address 10.0.0.0/29

main.cf file:
mynetworks = 127.0.0.0/8 [::1]/128 10.0.0.0/29
Reply With Quote
  #10  
Old 21st December 2011, 08:25
mike_p mike_p is offline
Senior Member
 
Join Date: Mar 2010
Location: Surrey, England
Posts: 140
Thanks: 9
Thanked 28 Times in 17 Posts
 
Default

Quote:
Originally Posted by Maxman1850 View Post
I've given my normal domain name and smtp.domain.tld
So you've set up a dns A record for either smtp.domain.tld or a wildcard (*.domain.tld)?
If not simply use domain.tld as the smtp server address in your mail client.
(or even just use the server's IP address)
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
MySQL Error Nolan Installation/Configuration 12 16th February 2011 02:15
Help configure Postfix to use alt port 465 or 587 BoloMarkIII Installation/Configuration 10 16th March 2009 17:57
ISP Config hesitation when opening web pages frankb Installation/Configuration 7 15th December 2008 13:06
postfix 554 Relay access denied ratcateme Server Operation 1 29th May 2008 18:52
Questions in regards to ISP-Server Setup - Ubuntu 5.10 "Breezy Badger" rbrantley HOWTO-Related Questions 16 10th April 2006 18:26


All times are GMT +2. The time now is 09:13.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.