Problem with Mailforwarding in ISPConfig

Discussion in 'ISPConfig 3 Priority Support' started by schmidtedv, Dec 2, 2019 at 5:52 PM.

  1. schmidtedv

    schmidtedv Member HowtoForge Supporter

    Well, maybe I did something wrong, but right now I have this problem:

    On Server-A I have the mail [email protected], [email protected]...
    On Server-B I configured in ISPConfig, that any mail für [email protected] is forwarded to some internal and some external accounts. 2 of them are [email protected] and [email protected] on Server-A.

    Now, if I send or forward a mail (with Outlook) from the account [email protected] (any mail-account and -domain on Server-A) to [email protected] the Mail Delivery System on Server-B responds, that this mail could not be delivered to [email protected] and [email protected] with the following message:

    <[email protected]> (expanded from <[email protected]>):
    host mail.domain-a.com said: 554 5.7.1
    <[email protected]>: Sender address rejected: Access denied (in
    reply to RCPT TO command)

    Maybe I tricked myself by trying to optimize/harden some SPAM-settings in main.cf, but right now, I don't now what might be wrong. Maybe because I activated the mysql-virtual_domains_inverted.cf-check?

    Maybe relevant parts in main.cf are as follows (would be happy, if someone knows what I did wrong):

    Code:
    compatibility_level = 2
    myhostname = mail.domain-a.com
    myorigin = /etc/mailname
    mydestination = mail.domain-a.com, localhost, localhost.localdomain
    mynetworks = 127.0.0.0/8 [::1]/128
    
    smtpd_client_restrictions =
      check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    
    smtpd_helo_required = yes
    smtpd_helo_restrictions =
      permit_sasl_authenticated,
      permit_mynetworks,
      check_helo_access regexp:/etc/postfix/helo_access,
      reject_invalid_hostname,
      reject_non_fqdn_hostname,
      reject_invalid_helo_hostname,
      reject_unknown_helo_hostname,
      check_helo_access regexp:/etc/postfix/blacklist_helo
    
    smtpd_sender_restrictions =
      check_sender_access regexp:/etc/postfix/tag_as_originating.re,
      permit_mynetworks,
      permit_sasl_authenticated,
      check_sender_access mysql:/etc/postfix/mysql-virtual_domains_inverted.cf,
      check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf,
      check_sender_access regexp:/etc/postfix/tag_as_foreign.re
    
    smtpd_recipient_restrictions =
      permit_mynetworks,
      permit_sasl_authenticated,
      reject_unauth_destination,
      reject_rbl_client zen.spamhaus.org,
      check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf,
      check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf
    
    smtpd_relay_restrictions =
      permit_sasl_authenticated,
      permit_mynetworks,
      defer_unauth_destination
    
    smtpd_data_restrictions =
      reject_unauth_pipelining
     
    Last edited: Dec 2, 2019 at 8:26 PM
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Did the forwarding work before
    ?
    If yes, revert those changes and verify it now works. Then if you want to have those settings, add them one by one testing if it still works after each change.
    If you want somone to read your copypaste of configuration files, at least paste them in CODE tags.
     
  3. schmidtedv

    schmidtedv Member HowtoForge Supporter

    Well, thanks Taleman for the CODE-Hint, I changed that now. On the other hand, if I knew, what might have influenced this behavior, I would already have reversed that. However, would have been nice, if somebody knew right away, what might have gone wrong, because I can't find anything on howtoforge dealing with such a problem before and never configured/used mail-forwarding in this way before....so it even might be a normal behavior right away without having misconfigured anything.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    With forwarding you mean an email transport? Did you add the address as mail relay recipient in ISPConfig as well? And regarding the custom config, modify it step by step to see which of your changes makes it fail.
     
  5. schmidtedv

    schmidtedv Member HowtoForge Supporter

Share This Page