Relay access denied when using SMTP to external recipients

Discussion in 'Installation/Configuration' started by Kamran Shah, Oct 10, 2005.

  1. Kamran Shah

    Kamran Shah New Member

    Unable to send emails to any domains not hosted locally on this server via SMTP client. If I do the same using SMTP client I receive NDR and below message in my /var/log/maillog.

    Oct 10 12:12:12 portal postfix/smtpd[9641]: NOQUEUE: reject: RCPT from gateway[195.xx.xx.xxx]: 554 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<Inbox>

    Everything works fine if I use web mail client UebiMiau except UebiMiau translates internal emails to [email protected]@myserverhostname.com. But at it lets me send emails to [email protected] without any problem, see the log message below which works perfectly.

    Oct 10 12:25:32 portal postfix/smtp[9943]: 78FFA485C8E: to=<[email protected]>, relay=mx2.mail.yahoo.com[4.79.181.13], delay=23, status=sent (250 ok dirdel)

    I have read few threads where people are facing this error "Relay access denied" but couldn't really find the resolution for my problem.

    I have perfectly installed ISPConfig on FC4 without any problems. /etc/postfix/main.cf has following entry as per installation instruction. I have tried check_relay_domains appears same after restarting postfix.

    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
     
  2. falko

    falko Super Moderator Howtoforge Staff

    That's because you're on the system itself when you use webmail (the webmail program is running on the server).

    In your email client you have to activate something like "Server needs authentication." for that mailbox.
     
  3. Kamran Shah

    Kamran Shah New Member

    Any ideas what would be the fix, I have opened a separate thread for this issue as it doesn't relate to relaying http://www.howtoforge.com/forums/showthread.php?p=3952#post3952
     
  4. falko

    falko Super Moderator Howtoforge Staff

    Did you enable "Server needs authentication" in your email client?
     
  5. Kamran Shah

    Kamran Shah New Member

    Server Authentication resolved my issue - hurray

    I was using my Pocket PC (Orange M2000 with WM2003SE) Email client and configuration worked for another free pop3/smtp server but not for this one I installed with ISPConfig.

    After Falko's reply I realised it could be this client so tried on Outlook Express on my PC which worked perfectly so it is down to the client I have on my PPC.

    If I enable Server Authentication on my PPC it would come up with connectivity error while without server authentication it worked for internal mail destinations.

    I finally tweaked with my PPC client and found that Server information contains Incoming mail, Outgoing mail and Domain where I was adding the same domain name I wanted to get email working. After deleting domain from these tried again and it worked, not sure what this domain means and why is it here, can't see such thing in Outlook Express.

    I was already impressed with Falko's knowledge from previous posts and knew he will fix it.

    Although my webmail issue is still there, which is probably down to the UebiMiau settings which I can't find how to fix. I used the package to install from ispconfig.com but might try squirrilmail or any other client some other time.
     
  6. caMi

    caMi New Member

  7. tonsai

    tonsai New Member

    Relay Access Denied

    Make sure you are authenticating to your 'outgoing' mail server and not the incoming.
     
  8. torgnyw

    torgnyw New Member

    You need to add your local network to mynetwork

    Set mynetworks = 127.0.0.0/8, 192.168.1.0/24

    My home network is 192.168.1.0 with netmask 255.255.255.0 (24 bit mask)
    This worked fine for me. This setting sets what networks you allow to send mail trough your smtp server.

    -Torgny
     
  9. massimopasquali

    massimopasquali New Member

    relay access denied width sasl authenticated

    hello

    i have the same problem, but i have configurated postfix to authenticate the sender. So postfix to work fine fonaly i use this into my lan, but when i go out of my office and i to connect width my notebook by dialup internt connection i can't to send email to external at my domain, becouse i recived the error 554 relay access denied

    what you think about my problem?

    Bye!
     
  10. falko

    falko Super Moderator Howtoforge Staff

    Did you enable "Server requires aurthentication" in your email client?
    What's in /etc/postfix/main.cf (please strip out the comments)?
     
  11. massimopasquali

    massimopasquali New Member

    this is my main.cf

    command_directory = /usr/sbin
    daemon_directory = /usr/libexec/postfix
    setgid_group = postdrop

    append_dot_mydomain = no

    smtp_banner = $myhostname ESMTP pasqualinformatica.com
    biff = no

    myhostname =smtp.pasqualinformatica.com

    mydestination = $myhostname loalhost localhost.$mydomain

    #relay_domains =
    mynetworks = 127.0.0.1/8, 192.168.3.0/24

    disable_vrfy_command = yes
    smtpd_helo_required = yes


    virtual_mailbox_base = /var/mail/vmail
    virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
    virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf

    virtual_alias_domains = $virtual_alias_maps
    virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf

    virtual_uid_maps = static:1008
    virtual_gid_maps = static:1008

    alias_maps = mysql:/etc/postfix/mysql-alis_maps.cf

    smtpd_sender_restrictions = permit_sasl_authenticated,
    permit_mynetworks

    smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination


    smtpd_sasl_auth_enable = yes
    #smtpd_sasl_local_domain = yes
    smtpd_sasl_security_options = noanonymous
    smtp_sasl_password_maps = mysql:/etc/postfix/mysql_auth.conf
    smtp_sender_login_maps = mysql:/etc/postfix/mysql_auth.conf

    smtpd_pix_workaround_delay_time = 20s
    smtpd_pix_workaround_threshold_time = 500s

    #message_size_limit = 10240000
    message_size_limit = 20240000
    #message_size_limit = 3000000


    can you look please? becouse I am becoming crazy

    thanks
     
  12. falko

    falko Super Moderator Howtoforge Staff

    Did you enable "Server requires authentication" in your email client?
     
  13. massimopasquali

    massimopasquali New Member

    yes i do it
     
  14. falko

    falko Super Moderator Howtoforge Staff

    And do you use the correct username and password in your email client?

    What's the output of
    Code:
    telnet localhost 25
    ehlo localhost
    ?
     
  15. xionax

    xionax New Member

    I'm encountering the exact same problem.
    The output is, for me:

    Code:
    anderith:~# telnet localhost 25
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    220 anderith.rg-it.net ESMTP Postfix (Debian/GNU)
    ehlo localhost
    250-anderith.rg-it.net
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250 8BITMIME
    - SMTP authentication is enabled
    Postconf -n is:

    Code:
    alias_database = hash:/etc/aliases
    alias_maps = hash:/etc/aliases
    append_dot_mydomain = no
    biff = no
    config_directory = /etc/postfix
    delay_warning_time = 4h
    home_mailbox = Maildir/
    inet_interfaces = all
    mailbox_command =
    mailbox_size_limit = 0
    mydestination = /etc/postfix/local-host-names
    myhostname = anderith.rg-it.net
    mynetworks = 127.0.0.0/8
    myorigin = /etc/mailname
    recipient_delimiter = +
    relayhost =
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    cat /etc/postfix/virtusertable:

    Code:
    anderith:~# cat /etc/postfix/virtusertable
    ###################################
    #
    # ISPConfig virtusertable Configuration File
    #         Version 1.0
    #
    ###################################
    [email protected]    web2_rgit
    [email protected]    web2_rgit
    [email protected]    web2_rgit
    [email protected]    web2_rgit
    [email protected]    web2_rgit
    [email protected]    web2_rgit
    [email protected]    web3_robert
    [email protected]    web3_robert
    [email protected]    web3_robert
    [email protected]    web3_robert
    [email protected]    web3_robert
    [email protected]    web3_robert
    [email protected]    web3_robert
    [email protected]    web3_robert
    #### MAKE MANUAL ENTRIES BELOW THIS LINE! ####anderith:~#
    
    cat /etc/postfix/local-host-names:

    Code:
    anderith:~# cat /etc/postfix/local-host-names
    ###################################
    #
    # ISPConfig local-host-names Configuration File
    #         Version 1.0
    #
    ###################################
    localhost
    anderith.rg-it.net
    localhost.anderith.rg-it.net
    localhost.rg-it.net
    localhost.localdomain
    www.xerox.rg-it.net
    www.rg-it.net
    www.xs4some.org
    xerox.rg-it.net
    rg-it.net
    rails.rg-it.net
    xs4some.org
    xs4some.org..xs4some.org
    blog.xs4some.org
    #### MAKE MANUAL ENTRIES BELOW THIS LINE! ####anderith:~#
    Situation: I'm trying to send an email - from Outlook - to an @gmail.com address.
    Internal (within my @xs4some.org domain) works OK, webmail works OK, telnet locally works ok, telnet externally doesn't work.
    And ofcourse; from Outlook it doesn't work.

    Some help is definitely appreciated. :)

    edit:
    Almost forgot to mention; I'm running Debian Sarge.
     
    Last edited: Feb 11, 2007
  16. falko

    falko Super Moderator Howtoforge Staff

    By reading the output of postconf -n, I assume you didn't follow the "Perfect Setup for Debian Sarge"? Please configure your Postfix as described here: http://www.howtoforge.com/perfect_setup_debian_sarge_p4
     
  17. nevernamed

    nevernamed New Member

    Same Problem

    I seem to be having the same problem.
    When I log into my webmail (squirrelmail) I can send mail no problem. I sent mail to my gmail and it got there. However, when I try to send mail through my thunderbird e-mail client I get the relay access denied error.
    This is odd because I've had no problems with this system for about a month since I initially got it running. Does anybody have any idea what within my client could be causing the problem? Thanks!
     
  18. falko

    falko Super Moderator Howtoforge Staff

    Did you enable "Server requires authentication." in your email client?
     
  19. nevernamed

    nevernamed New Member

    Yes I did. I just got home and I tried it again and I was able to send mail (to my gmail). This leads me to believe that it's just something now allowing me to send mail from outside of my network. Do you know what it might be? The only mail port that I have open is 993.... could that be the problem?
     
  20. falko

    falko Super Moderator Howtoforge Staff

    "Server requires authentication." allows your mail client to use SMTP-AUTH which is required to send mails outside your server.

    Port 993 is for IMAPS. For sending emails, port 25 (SMTP) must be open.
     

Share This Page