Hello, I just added a server to our multi-server setup for doing SMTP relaying for our clients (it will be replacing our existing relay server, which is not managed through ISPConfig3). Most clients will be relaying via username/password - which I have tested and works -- but I would like to still be able to have our IP address blocks relay without authentication, but this is not working. In my main.cf file, I have the following for 'mynetworks': mynetworks = hash:/etc/postfix/mynetworks and the 'mynetworks' file consists of our CIDR IP address blocks. I copied this file from our current relay server, and ran 'postmap /etc/postfix/mynetworks' on it to create the 'mynetworks.db' file. When I try to send an e-mail from an IP in our blocks, the message gets rejected, saying relaying is not permitted. All the smtpd_*_restrictions have 'permit_mynetworks' listed, so I am at a loss as to why the IPs are not being allowed to relay through. Your insight is greatly appreciated. Thanks!
I don't think mynetworks is a hashed db file. I would just use: mynetworks = /etc/postfix/mynetworks and then in the file /etc/postfix/mynetworks one IP / subnet per line.
"I don't think mynetworks is a hashed db file. I would just use: mynetworks = /etc/postfix/mynetworks" I have tried it without the hash as well (the way you wrote it -- and restarting Postfix after making the change) but the e-mails still get rejected as the client not being authorized.
OK, so this is resolved. The problem is that I was trying to send through port 587 but not specifying any authentication settings, but it seems that when you send e-mail via an SSL/TLS port, 'mynetworks' is bypassed since it is assumed that the client is sending authentication credentials. If I change the port to a non-authenticated port (e.g., 25), the e-mail from a "whitelisted" IP goes through. My thought at the time was that if I sent it through one of the SSL/TLS ports (587, 465) but didn't send auth credentials, then the e-mail would go through, but also encrypted. That does not seem to be the case, alas. It is good to know, though.
You can also send through port 25 encrypted. Port 587 is the submission port; it is used for email clients only with SMTP-AUTH and not mail forwarding.
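Added example, not part of the thread: a small Python audit that lists which smtpd services in master.cf override a restriction list with `-o` and leave out permit_mynetworks, which is the usual reason port 587 rejects a client that port 25 accepts. The sample master.cf is constructed and assumes a submission entry like the stock Postfix example; the function names are hypothetical.

```python
import re

# Constructed sample master.cf (not from the thread): smtp inherits main.cf,
# submission replaces a restriction list through -o overrides.
SAMPLE_MASTER_CF = """\
# service type  private unpriv  chroot  wakeup  maxproc command + args
smtp      inet  n       -       -       -       -       smtpd
submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup    unix  n       -       -       60      1       pickup
"""

RESTRICTION = re.compile(r"^smtpd_\w+_restrictions$")

def parse_services(text):
    """Return {"service/type": {param: value}} for -o overrides in master.cf."""
    services, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        fields = raw.split()
        if raw[0].isspace():              # continuation of the previous service
            if current is None:
                continue
            args = fields
        else:                             # 7 columns + command, then arguments
            current = services.setdefault(f"{fields[0]}/{fields[1]}", {})
            args = fields[8:]
        for flag, opt in zip(args, args[1:]):
            if flag == "-o" and "=" in opt:
                name, value = opt.split("=", 1)
                current[name] = value
    return services

def services_ignoring_mynetworks(text):
    """List (service, param, value) overrides that omit permit_mynetworks."""
    hits = []
    for name, opts in parse_services(text).items():
        for param, value in opts.items():
            if RESTRICTION.match(param) and \
               "permit_mynetworks" not in re.split(r"[,\s]+", value):
                hits.append((name, param, value))
    return hits

if __name__ == "__main__":
    for svc, param, value in services_ignoring_mynetworks(SAMPLE_MASTER_CF):
        print(f"{svc}: {param}={value} (override lacks permit_mynetworks)")
```

On a live server, feed it the contents of /etc/postfix/master.cf; a value given as a `$macro` is reported as-is because the script does not expand main.cf parameters.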