Postfix issue: Relay access denied

[williamp0044]

I've browsed this forum endlessly and read countless posts and I cannot figure how to fix the problem. My postfix is setup step by step based on the ISPConfig setup for Hardy Ubuntu.
The issue is that when I try to send emails to the users in postfix i get a Delivery Status Notification (Failure). It states:

Quote:

PERM_FAILURE: Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 5.7.1 <pwilliams@mydomain.com>: Recipient address rejected: Relay access denied (state 14).

When I send a email from the postfix module on the server, I am able to successfully send out emails. Except the email that gets sent out is from the user web2_pwilliams@server.mydomain.com. And when I try to reply to that email I do not immediately get a Delivery Status Notification.....
Hours later I received this:

Quote:

<web2_pwilliams@server.mydomain.com>... Deferred: Name server: server.mydomain.com.: host name lookup failure
Warning: message still undelivered after 8 hours
Will keep trying until message is 5 days old
Reporting-MTA: dns; mx3.nyu.edu
Arrival-Date: Sun, 13 Jul 2008 19:32:29 -0400 (EDT)

Final-Recipient: RFC822; web2_pwilliams@server.mydomain.com
Action: delayed
Status: 4.2.0
Remote-MTA: DNS; horus.pandinc.com
Last-Attempt-Date: Mon, 14 Jul 2008 03:45:49 -0400 (EDT)
Will-Retry-Until: Fri, 18 Jul 2008 19:32:29 -0400 (EDT)

This is my main.cf:

Quote:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = server.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = server.mydomain.com, mail.mydomain.com, localhost.mydomain.com, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

Also I cannot log in as any of the users via squirrelmail or roundcube.

Anyone have any suggestions? Thanks in advance.

[falko]

Please create an A record for server.mydomain.com.
Also make sure that you use "Server requires authentication" in your email client and that your server is not blacklisted: http://mxtoolbox.com/blacklists.aspx

[williamp0044]

So apparently the IP is blacklisted:

Quote:

We notice you are on a blacklist. Click here for some suggestions.

Checking 68.198.172.150 against 123 known blacklists...
Listed: 16 time(s)
Timeouts:33

I filled out the info from that site to get some suggestions but they only seem to be pushing their services.

Any suggestions? I do not SPAM so i cant even begin to imagine how i've been blacklisted.

[falko]

Are you on a dynamic IP address? Most dynamic IP addresses are blacklisted, and there's nothing you can do about it (except this: http://www.howtoforge.com/postfix_re...her_mailserver ).

[justsam]

I am getting the exact same error, I am able to send emails but not receive any. I checked and my ip address is not blacklisted.

I am creating the domain hoodiasuperstore.com, with email info@hoodiasuperstore.com this is what is returned when I send an email.

Code:

This is an automatically generated Delivery Status Notification

Delivery to the following recipient failed permanently:

    info@hoodiasuperstore.com

Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 5.7.1 <info@hoodiasuperstore.com>: Relay access denied (state 14).

  ----- Original message -----

Received: by 10.114.208.20 with SMTP id f20mr4409189wag.144.1223234469410;
       Sun, 05 Oct 2008 12:21:09 -0700 (PDT)
Received: by 10.114.144.4 with HTTP; Sun, 5 Oct 2008 12:21:09 -0700 (PDT)
Message-ID: <30f3cde0810051221p65fb4da5pc179fc4fdf57458f@mail.gmail.com>
Date: Sun, 5 Oct 2008 15:21:09 -0400
From: "JRivera" <jr@domain.tld> <- REMOVED EMAIL
To: "Hoodia Info" <info@hoodiasuperstore.com>
Subject: This is a test
MIME-Version: 1.0
Content-Type: multipart/alternative;
       boundary="----=_Part_34129_12369833.1223234469383"

------=_Part_34129_12369833.1223234469383
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

This is a test message

------=_Part_34129_12369833.1223234469383
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit

  ----- Message truncated -----

:/etc/postfix/main.cf

Code:

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
mynetworks = 127.0.0.0/8
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
myhostname = www.itruk.com

:/etc/postfix/local-host-names

Code:

localhost
www.itruk.com
localhost.www.itruk.com
localhost.itruk.com
localhost.localdomain
www.hoodiasuperstore.com
hoodiasuperstore.com
ftp.hoodiasuperstore.com

[root@www jrivera]# dig mail.hoodiasuperstore.com

Code:

; <<>> DiG 9.3.4-P1 <<>> mail.hoodiasuperstore.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47657
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;mail.hoodiasuperstore.com.     IN      A

;; ANSWER SECTION:
mail.hoodiasuperstore.com. 86400 IN     A       64.139.216.4

;; AUTHORITY SECTION:
hoodiasuperstore.com.   86400   IN      NS      ns1.itruk.com.
hoodiasuperstore.com.   86400   IN      NS      ns2.itruk.com.

;; ADDITIONAL SECTION:
ns1.itruk.com.          86400   IN      A       64.139.216.4
ns2.itruk.com.          86400   IN      A       64.139.192.90

;; Query time: 0 msec
;; SERVER: 64.139.216.4#53(64.139.216.4)
;; WHEN: Sun Oct  5 15:48:18 2008
;; MSG SIZE  rcvd: 133

[root@www jrivera]#

:/var/log/maillog

Code:

Oct  5 16:02:55 www1 dovecot: imap-login: Login: user=<adm_sviera>, method=PLAIN, rip=::ffff:127.0.0.1, lip=::ffff:127.0.0.1, secured
Oct  5 16:02:55 www1 dovecot: IMAP(adm_sviera): Disconnected: Logged out
Oct  5 16:03:04 www1 postfix/smtpd[21292]: connect from rv-out-0506.google.com[209.85.198.236]
Oct  5 16:03:04 www1 postfix/smtpd[21292]: NOQUEUE: reject: RCPT from rv-out-0506.google.com[209.85.198.236]: 554 5.7.1 <info@hoodiasuperstore.com>: Relay ac$
Oct  5 16:03:04 www1 postfix/smtpd[21292]: disconnect from rv-out-0506.google.com[209.85.198.236]

[falko]

Are you using ISPConfig? If so, run

Code:

postconf -e 'virtual_maps = hash:/etc/postfix/virtusertable'
postconf -e 'mydestination = /etc/postfix/local-host-names'

and restart Postfix.

[Ghostfly]

I have the same problem, and I have ISPConfig 3.0.3.3 !

I try to do what Falko says, and now my ISPConfig can't start the SMTP Service and my problem (Access Denied) is also here ...

Postfix seems to work, and restart correctly but Emails are not sended or received ...

So, what can I do ?

I do a dpkg-reconfigure postfix, now I have like before, mails are sended but I can't receive anything ... (Client host rejected: Access denied (state 13).)

I have edited my master.cf and now it works like a charm ! ^^

Thanks