I think i've gone round and round in circles the last couple of days with this, so i offer it up to other peoples advice. Ubuntu 6.06 LTS, following Perfect install (mostly) - installed as LAMP server. I've managed to get everything working except for emails outbound to external addresses. Trying to send from [email protected] -> [email protected] Postfix main.cfg smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no # TLS parameters smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache myhostname = woody.friar.info alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname #mydestination = woody.friar.info, localhost.friar.info, , localhost relayhost = mynetworks = 127.0.0.0/8 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_tls_auth_only = no smtp_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom virtual_maps = hash:/etc/postfix/virtusertable mydestination = /etc/postfix/local-host-names Mail Logs Aug 7 20:42:04 woody postfix/smtpd[6438]: connect from unknown[192.168.1.10] Aug 7 20:42:04 woody postfix/smtpd[6438]: NOQUEUE: reject: RCPT from unknown[192.168.1.10]: 554 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<p4> Aug 7 20:42:04 woody postfix/smtpd[6441]: connect from unknown[192.168.1.10] Outlook logs 2006.08.07 20:42:01 SMTP (192.168.1.15): Connected to host 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 220 woody.friar.info ESMTP Postfix (Ubuntu) 2006.08.07 20:42:01 SMTP (192.168.1.15): [tx] EHLO p4 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 250-woody.friar.info 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 250-PIPELINING 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 250-SIZE 10240000 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 250-VRFY 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 250-ETRN 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 250-STARTTLS 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 250-AUTH LOGIN PLAIN 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 250-AUTH=LOGIN PLAIN 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 250 8BITMIME 2006.08.07 20:42:01 SMTP (192.168.1.15): Authorizing to server 2006.08.07 20:42:01 SMTP (192.168.1.15): [tx] AUTH LOGIN 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 334 VXNlcm5hbWU6 2006.08.07 20:42:01 SMTP (192.168.1.15): [tx] YW5keQ== 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 334 UGFzc3dvcmQ6 2006.08.07 20:42:01 SMTP (192.168.1.15): [tx] ***** 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 235 Authentication successful 2006.08.07 20:42:01 SMTP (192.168.1.15): Authorized to host 2006.08.07 20:42:01 SMTP (192.168.1.15): Connected to host 2006.08.07 20:42:01 SMTP (192.168.1.15): [tx] MAIL FROM: <*****> 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 250 Ok 2006.08.07 20:42:01 SMTP (192.168.1.15): [tx] RCPT TO: <*****> 2006.08.07 20:42:01 SMTP (192.168.1.15): <rx> 554 <*****>: Relay access denied 2006.08.07 20:42:01 SMTP (192.168.1.15): End execution To me this is saying that outlook is authenticated correctly but the destination isn't allowed? Anyone any advice? Thanks Andy
Are you able to retrieve emails with pop3 in outlook with the same useranme + password that you enterec for smtp authentication in outlook? Please check twice that you enabled "Server needs authentication" in the smtp settings in outlook.
Yep, retrieval is fine, sending emails to other users in the same domain is fine. Just sending emails to a mail recipient external of what postfix knows about doesn't wanna work. Andy
Yep as it's work email, it's the same which ever external email address i use. It's as if the line smtpd_recipient_restictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination Is listening to the mynetworks as in Webmail, yet not for the sasl authenticated users. Given that when using Roundcube i get Aug 8 18:20:31 woody postfix/smtp[24794]: 7623681847D: to=<[email protected]>, relay=mail.novus.co.uk[212.248.238.50], delay=1, status=sent (250 imss-01.NNL.CO.UK: Message accepted for delivery) Aug 8 18:20:31 woody postfix/qmgr[23534]: 7623681847D: removed Does that make sense? Andy
I even tried outlook with SPA switch on for sending, to which i recieve. Aug 8 18:23:43 woody postfix/smtpd[24858]: connect from unknown[192.168.1.10] Aug 8 18:23:43 woody postfix/smtpd[24858]: setting up TLS connection from unknown[192.168.1.10] Aug 8 18:23:43 woody postfix/smtpd[24858]: TLS connection established from unknown[192.168.1.10]: TLSv1 with cipher RC4-MD5 (128/128 bits) Aug 8 18:23:43 woody postfix/smtpd[24858]: NOQUEUE: reject: RCPT from unknown[192.168.1.10]: 554 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<p4> Aug 8 18:23:45 woody postfix/smtpd[24858]: disconnect from unknown[192.168.1.10]
Well i'm not quite sure what i've done, but it is now working correctly. i did renter a couple of postconf lines and instead of before where is wasn't even checking for the sasl_authenticated. Code: >>> START Recipient address RESTRICTIONS <<< Aug 8 20:01:09 woody postfix/smtpd[27060]: generic_checks: name=permit_mynetworks Aug 8 20:01:09 woody postfix/smtpd[27060]: permit_mynetworks: unknown 192.168.1.10 Aug 8 20:01:09 woody postfix/smtpd[27060]: match_hostname: unknown ~? 127.0.0.0/8 Aug 8 20:01:09 woody postfix/smtpd[27060]: match_hostaddr: 192.168.1.10 ~? 127.0.0.0/8 Aug 8 20:01:09 woody postfix/smtpd[27060]: match_list_match: unknown: no match Aug 8 20:01:09 woody postfix/smtpd[27060]: match_list_match: 192.168.1.10: no match Aug 8 20:01:09 woody postfix/smtpd[27060]: generic_checks: name=permit_mynetworks status=0 Aug 8 20:01:09 woody postfix/smtpd[27060]: generic_checks: name=reject_unauth_destination i then redid the line Code: postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination' Restarted the service and finally received.. Code: >>> START Recipient address RESTRICTIONS <<< Aug 8 20:20:30 woody postfix/smtpd[28068]: generic_checks: name=permit_sasl_authenticated Aug 8 20:20:30 woody postfix/smtpd[28068]: generic_checks: name=permit_sasl_authenticated status=0 Aug 8 20:20:30 woody postfix/smtpd[28068]: generic_checks: name=permit_mynetworks Aug 8 20:20:30 woody postfix/smtpd[28068]: permit_mynetworks: unknown 192.168.1.10 Aug 8 20:20:30 woody postfix/smtpd[28068]: match_hostname: unknown ~? 127.0.0.0/8 Aug 8 20:20:30 woody postfix/smtpd[28068]: match_hostaddr: 192.168.1.10 ~? 127.0.0.0/8 Aug 8 20:20:30 woody postfix/smtpd[28068]: match_list_match: unknown: no match Aug 8 20:20:30 woody postfix/smtpd[28068]: match_list_match: 192.168.1.10: no match Aug 8 20:20:30 woody postfix/smtpd[28068]: generic_checks: name=permit_mynetworks status=0 Aug 8 20:20:30 woody postfix/smtpd[28068]: generic_checks: name=reject_unauth_destination Which looks miles better, so i now get. Code: Aug 8 20:36:38 woody postfix/smtpd[28346]: connect from 82-68-241-110.dsl.in-addr.zen.co.uk[82.68.241.110] Aug 8 20:36:38 woody postfix/smtpd[28346]: D624C81838D: client=82-68-241-110.dsl.in-addr.zen.co.uk[82.68.241.110], sasl_method=LOGIN, sasl_username=andy Aug 8 20:36:38 woody postfix/cleanup[28348]: D624C81838D: message-id=<[email protected]> Aug 8 20:36:38 woody postfix/qmgr[27948]: D624C81838D: from=<[email protected]>, size=2210, nrcpt=1 (queue active) Aug 8 20:36:39 woody postfix/smtp[28349]: D624C81838D: to=<[email protected]>, relay=mail.novus.co.uk[212.248.238.50], delay=1, status=sent (250 imss-01.NNL.CO.UK: Message accepted for delivery) Aug 8 20:36:39 woody postfix/qmgr[27948]: D624C81838D: removed By the way for more debuging options add the following into your main.cf debug_peer_list = IPADDRESSYOURWANTTODEBUG debug_peer_level = 3 Hope this helps anyone else. Andy