Hello Everyone, Well, In the process of trying to play with my setup, I've encountered the following scenario: relay access denied: telnet mydomain.com 25 Trying 192.168.0.100... Connected to mydomain.com. Escape character is '^]'. 220 mail.mydomain.com ESMTP Postfix (Ubuntu) MAIL FROM: [email protected] 250 2.1.0 Ok RCPT TO: [email protected] 554 5.7.1 <[email protected]>: Relay access denied It seems to happened right after entering any email. I've also tried to use mail client and was not able to. Same error. I also tried to send a test message to one of the email addresses but not receiving any mail. Postfix seems to be responding based on the Howto: ehlo 501 Syntax: EHLO hostname ehlo mydomain.com 250-mail.mydomain.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN My main.cf is configured as follows: smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache myhostname = mail.mydomain.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = /etc/postfix/local-host-names relayhost = mynetworks = 127.0.0.0/8 mailbox_command = mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_tls_auth_only = no smtp_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom home_mailbox = Maildir/ virtual_maps = hash:/etc/postfix/virtusertable I've also previously checked with my ISP about no ports being blocked as well. however, I checked the mail.log file and here's what I see: Feb 3 20:03:29 www postfix/smtpd[30428]: connect from mydomain.com[192.168.0.100] Feb 3 20:04:07 www postfix/smtpd[30428]: NOQUEUE: reject: RCPT from mydomain.com[192.168.0.100]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to= <[email protected]> proto=SMTP Feb 3 20:09:28 www postfix/smtpd[30428]: timeout after RCPT from mydomain.com[192.168.0.100] Feb 3 20:09:28 www postfix/smtpd[30428]: disconnect from mydomain.com[192.168.0.100] Feb 3 20:12:48 www postfix/anvil[30430]: statistics: max connection rate 1/60s for (smtp:192.168.0.100) at Feb 3 20:03:29 Feb 3 20:12:48 www postfix/anvil[30430]: statistics: max connection count 1 for (smtp:192.168.0.100) at Feb 3 20:03:29 Feb 3 20:12:48 www postfix/anvil[30430]: statistics: max cache size 1 at Feb 3 20:03:29 Feb 3 20:26:42 www postfix/smtpd[30724]: warning: <isp's address - removed for privacy> [xx.xx.xx.129]: SASL LOGIN authentication failed: authentication failure Feb 3 20:26:42 www postfix/smtpd[30724]: lost connection after AUTH from <isp's address - removed for privacy> [xx.xx.xx.129] Feb 3 20:26:42 www postfix/smtpd[30724]: disconnect from <isp's address - removed for privacy> [xx.xx.xx.129] Feb 3 20:26:42 www courierpop3login: Connection, ip=[::ffff:xx.xx.xx.129] Feb 3 20:26:42 www courierpop3login: LOGIN, user=web1_jgd, ip=[::ffff:xx.xx.xx.129] Mail warning log file also referring to: warning: <isp's address - removed for privacy> [xx.xx.xx.129]: SASL LOGIN authentication failed: authentication failure Any Suggestions or is there anything else that you need me to provide for logs? Thanks, Nibbles
The 192.168.0.x/x range you are connecting from is not allowed because it is not included in mynetworks
re: relay access denied So does it mean that 192.168.0.100 is being rejected by postfix? Can you please explain or expand on the correction that needs to happen? Would I need to make changes to: mynetworks = 127.0.0.0/8 something maybe like: mynetworks = 192.168.0.1/32,192.168.0.0/24,127.0.0.0/8 Also noticing the following: I've created an email account (eg. [email protected]) and tried to send a test message to this account however, I have not received any message and neither have I received any error when sending it. Anyone have a clue what might be happening or could it also be related to the comment mentioned by topdog? Please feel free to ask away for any info you might feel helpful since I'm new at linux and still learning as I go... much appreciated for any help you can provide. Warm Regards, Nibbles
This should do for the relaying Code: 192.168.0.0/24,127.0.0.0/8 What do u see in the logs when you send the message ?
Thanks for info I'm gonna give this a try tonight as it makes sense since I did not add that extra paremeter to postfix. I already provided the mail.log showing the messages I'm getting... I will post results after trying this change.
Thanks TopDog Hey Topdog, Looks like that was the issue for the relay access denied. I have other issues to sort out but will cover them in a different thread. Thanks dog.
I had the same problem with accessing email from my home network. The fix definitely works (minor tweak for mynetworks)...but...when i get my email from a different location and Outlook, i cant. I assume that this is a problem because the two locations use two different router brands that have different default ip addressing schemes. 192.168.1.x and 192.168.10.x. How can I adjust 'mynetworks' to allow any ip to access mail from Outlook as long as they authenticate? Does the web based email continue to work because it is originating from the server itself?
That is what smtp authentication is for, it allows you to relay mail from a untrusted network. The server will webmail will continue to work if pointed to 127.0.0.1
