Postfix 554 relay access denied

Discussion in 'Installation/Configuration' started by mcevoli, Jan 11, 2012.

  1. mcevoli

    mcevoli New Member

    Hello, I'm new here!

    I know it's a quite common problem, but every thing I read around the net didn't work for me :(

    So I explain:
    I have a centos server with virtual domains. When I send an email, it works successfully only for local domains.
    When I try external domain I get the 554 relay access denied error.

    The authentication works, I think, because if I connect via telnet and do an auth plain <my base64 encoded>, I get authentication successful.

    My maillog file:
    postfix/smtpd[12834]: NOQUEUE: reject:RCPT from[xx.xx.xx.xx]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<Inbox>

    Here my postconf -n:
    alias_database = hash:/etc/aliases
    alias_maps = hash:/etc/aliases
    body_checks = regexp:/etc/postfix/body_checks
    broken_sasl_auth_clients = yes
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    content_filter = amavis:[]:10024
    daemon_directory = /usr/libexec/postfix
    debug_peer_level = 2
    header_checks = regexp:/etc/postfix/header_checks
    html_directory = no
    inet_interfaces = all
    inet_protocols = ipv4
    local_recipient_maps =
    mail_owner = postfix
    mailbox_size_limit = 0
    mailq_path = /usr/bin/mailq.postfix
    manpage_directory = /usr/share/man
    message_size_limit = 0
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    mydestination =, localhost, localhost.localdomain
    myhostname =
    mynetworks = [::1]/128
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    newaliases_path = /usr/bin/newaliases.postfix
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
    queue_directory = /var/spool/postfix
    readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
    receive_override_options = no_address_mappings
    relay_domains = mysql:/etc/postfix/
    relay_recipient_maps = mysql:/etc/postfix/
    relayhost =
    sample_directory = /usr/share/doc/postfix-2.3.3/samples
    sendmail_path = /usr/sbin/sendmail.postfix
    setgid_group = postdrop
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_sasl_path = private/auth
    smtpd_sasl_type = dovecot
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_tls_security_level = may
    smtpd_use_tls = yes
    transport_maps = proxy:mysql:/etc/postfix/
    unknown_local_recipient_reject_code = 550
    virtual_alias_domains =
    virtual_alias_maps = proxy:mysql:/etc/postfix/, mysql:/etc/postfix/
    virtual_gid_maps = static:5000
    virtual_mailbox_base = /var/vmail
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/
    virtual_transport = dovecot
    virtual_uid_maps = static:5000

    Thank you for your help in advance :)

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Which exact ISPConfig version do you use?
  3. mcevoli

    mcevoli New Member

    I use ISPConfig

    I forgot to mention that if I send an email via roundcube webmail it works.
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Please check the smtp settings in your email client and ensure that smtp authentication is enabled. According to the log line above, the email client did not authenticate itself before he tried to send the email. The smtp authentication details are the same then the pop3/imap login details.
  5. mcevoli

    mcevoli New Member

    Authentication is enabled and uses the same details.

    Look at telnet:
    220 ESMTP Postfix
    ehlo localhost
    250 DSN

    mail from: [email protected]
    250 2.1.0 Ok
    auth plain AHRlc3RAY2lhZxxxxxxxxmkuaXQAY2lhZmZvdGVzMTE=
    235 2.0.0 Authentication successful
    rcpt to: [email protected]
    554 5.7.1 <[email protected]>: Relay access denied
  6. falko

    falko Super Moderator ISPConfig Developer

  7. mcevoli

    mcevoli New Member

  8. mcevoli

    mcevoli New Member

    So any idea?
  9. mcevoli

    mcevoli New Member

    I think it's an issue due to connection outside the network from remote client, because the webmail works ok.

    Anyone had the same issue?
  10. mcevoli

    mcevoli New Member


    For everyone having the same issue:
    In my confguration file the following line was commented:

    smtpd_recipient_restrictions = permit_sasl_authenticated

    I uncommented it and now it seems working
  11. likudio

    likudio New Member

    Thakn you

    Dude, I just made my account on this forum especially to thank you. You just solved my problem. :) Best regards.
  12. herbie

    herbie New Member

    #1 cause is logon to authenticate not selected
    #2 connection is from outside the network. OutHouse-Tbird won't send Telus mail thru Shaw or Shaw thru Rogers. Example - Users who kept their mail accounts here and moved to Telus DSL must set thier outgoing mail server to and logon with their telus username & password. Or use Webmail
  13. source4u

    source4u New Member

    Hello there,

    I am trying to setup roundcube for my mail server also. but, I can't seem to send email out to gmail or yahoo or basically none of any externally. mail.log indicates connection timed out all the time. However, I can receive email sent from external e.g gmail or yahoo mail.

    I understand you manage to send email via rouncude to external email account. I am using postfix and dovecot for my mail server. Appreciate your help and advice on how your roundcube is being setup up. Thanks in advance.

Share This Page