Can Send Email, But Not Recieve; Relay access denied

Hi,

I'm stuggling to get ISPConfig up and running. I followed the Ubuntu Perfect Setup. When I send test emails to user accounts that I have set up, I quickly get a bounce message back. Here's the complaint in the return mail:

PERM_FAILURE: SMTP Error (state 9): 554 <[email protected]>: Relay access denied

I've searched this forum and found lots of similar problems, but mostly about SENDING mail rather than RECEIVING it. I've tried some of the solutions suggested in the similar topics, but nothing has worked, so its possible that I've messed things up worse.

Again, I can send emails, but not recieve. Any help would be appriciated!

 

I've had exactly the same problem some days ago.
The strange thing was that it was only with one of the domains.. all other domains did not have the 554 error!

I deleted the account/domain, and remade it.. after this all was fine again!

If you are having the 554 problem with only one domain, try what I did, and it might fix it also

 

Hmmm... I haven't tried adding additional domains yet. I don't think it will matter, though, because I totally removed and reinstalled Postfix and ISPConfig trying to fix the problem, with the same result. But I'll try setting one or two of my other domains up tomorrow to see if the same thing happens.

Thanks for the tip!

 

Yes.

Yes, both mydomain.dom and www.mydomain.dom are listed.

What do you mean by "a local domain on your server? The DNS (I'm using my registrar's DNS service) points to my IP and I've set "mydomain.dom" up through ISPConfig. The website is running just fine. Does that mean "mydomian.dom" is "a local domain" on my server?

Anyway, I don't understand how a setting in an email client could effect wether or not mail gets delivered to an address. Client or no client, the mail never arrives in the users "mailbox"!

Thanks for your help. I'll go ahead and set up another domain (I adjusted the DNS entries last night; they should have propogated by now) to check out edge's theory.

 

Okay, I set up another domain. Same result. Web page works. Sending mail out works (I'm using mail2web.com to get into the account and send mail) but incoming mail is rejected.

 

What's the domain of the incoming mail?
What's in /etc/postfix/local-host-names?

 

You mean the actual domain the mail is addressed to? Sure, what the heck.

My test email address in this case is:
[email protected]

Code:

###################################
#
# ISPConfig local-host-names Configuration File
#         Version 1.0
#
###################################
localhost
server.localdomain
localhost.server.localdomain
localhost.localdomain
www.smallmericles.com
www.ricklynn.com
www.nbmap.com
smallmericles.com
ricklynn.com
nbmap.com
#### MAKE MANUAL ENTRIES BELOW THIS LINE! ####

Here's the mail.log entries for a recent attempt to send:

Code:

Mar 10 12:02:18 localhost postfix/smtpd[20146]: connect from wproxy.gmail.com[64.233.184.196]
Mar 10 12:02:19 localhost postfix/smtpd[20146]: NOQUEUE: reject: RCPT from wproxy.gmail.com[64.233.184.196]: 554 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<wproxy.gmail.com>
Mar 10 12:02:19 localhost postfix/smtpd[20146]: disconnect from wproxy.gmail.com[64.233.184.196]

 

I found out that mail.ricklynn.com is the mail server for ricklynn.com. Then I did this:

Code:

dig mail.ricklynn.com

; <<>> DiG 9.2.1 <<>> mail.ricklynn.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30276
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.ricklynn.com.             IN      A

;; ANSWER SECTION:
[B][COLOR="Red"]mail.ricklynn.com.      3336    IN      CNAME   ricklynn.com.[/COLOR][/B]
ricklynn.com.           3321    IN      A       216.212.44.217

;; Query time: 2 msec
;; SERVER: 81.169.163.104#53(81.169.163.104)
;; WHEN: Sat Mar 11 11:08:32 2006
;; MSG SIZE  rcvd: 65

mail.ricklynn.com is a CNAME, not an A record.

On http://langfeldt.net/DNS-HOWTO/BIND-9/DNS-HOWTO-5.html, I found this:

Please change it!

 

I've changed the DNS entries:

Code:

; <<>> DiG 9.3.1 <<>> mail.ricklynn.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47115
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;mail.ricklynn.com.             IN      A

;; ANSWER SECTION:
mail.ricklynn.com.      3070    IN      A       216.212.44.217

;; AUTHORITY SECTION:
ricklynn.com.           3070    IN      NS      ns3.secureserver.net.
ricklynn.com.           3070    IN      NS      ns4.secureserver.net.

;; ADDITIONAL SECTION:
ns3.secureserver.net.   170722  IN      A       64.202.165.10
ns4.secureserver.net.   170722  IN      A       68.178.211.105

;; Query time: 111 msec
;; SERVER: 216.212.0.10#53(216.212.0.10)
;; WHEN: Mon Mar 13 08:26:47 2006
;; MSG SIZE  rcvd: 135

...but I still get the same results.

I'm also testing smallmericles.com. I set up the DNS differently, without a "mail" subdomain:

Code:

; <<>> DiG 9.3.1 <<>> smallmericles.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14950
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;smallmericles.com.             IN      A

;; ANSWER SECTION:
smallmericles.com.      3360    IN      A       216.212.44.217

;; AUTHORITY SECTION:
smallmericles.com.      3360    IN      NS      NS3.SECURESERVER.NET.
smallmericles.com.      3360    IN      NS      NS4.SECURESERVER.NET.

;; ADDITIONAL SECTION:
NS3.SECURESERVER.NET.   170584  IN      A       64.202.165.10
NS4.SECURESERVER.NET.   170584  IN      A       68.178.211.105

;; Query time: 167 msec
;; SERVER: 216.212.0.10#53(216.212.0.10)
;; WHEN: Mon Mar 13 08:29:04 2006
;; MSG SIZE  rcvd: 135

...but it still behaves the same way, too.

 

I just sent a test mail to [email protected], and it came back.
Is 216.212.44.217 your ISPConfig server?
Can you post /etc/postfix/local-host-names, /etc/postfix/virtusertable and /etc/postfix/main.cf?

 

216.212.44.217 is my public IP. This server is behind my ISPs VINA eLink at 192.168.1.60. Please keep in mind that I'm not a network expert, but this is my understanding of how the network is set up, supported by the fact that the web server is working just fine (i.e., www.ricklynn.com and www.smallmericles.com are working properly).

Code:

###################################
#
# ISPConfig local-host-names Configuration File
#         Version 1.0
#
###################################
localhost
server.localdomain
localhost.server.localdomain
localhost.localdomain
www.smallmericles.com
www.ricklynn.com
www.nbmap.com
smallmericles.com
ricklynn.com
nbmap.com
#### MAKE MANUAL ENTRIES BELOW THIS LINE! ####

Code:

###################################
#
# ISPConfig virtusertable Configuration File
#         Version 1.0
#
###################################
[email protected]    web1_matt
[email protected]    web1_matt
[email protected]    web1_matt
[email protected]    web1_matt
[email protected]    web2_rick
[email protected]    web2_rick
[email protected]    web2_rick
[email protected]    web2_rick
[email protected]    web3_matt
[email protected]    web3_matt
[email protected]    web3_matt
[email protected]    web3_matt
#### MAKE MANUAL ENTRIES BELOW THIS LINE! ####

Code:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = server.littleblue.net
virtual_maps = hash:/etc/postfix/virtusertable
mydestination = /etc/postfix/local-host-names
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = server.littleblue.net, littleblue.net, localhost.localdomain, localhost.localdomain, localhost
relayhost =
mynetworks = 192.168.0.0/24,192.168.1.0/24,127.0.0.0/8
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
home_mailbox = Maildir/

 

Okay, done.

Well, now I get an entirely different error. Here is the new returned email message:

Code:

This is the Postfix program at host server.littleblue.net.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                       The Postfix program

<[email protected]> (expanded from <[email protected]>): mail
- Show quoted text -
   for littleblue.nbmap.com loops back to myself


Final-Recipient: rfc822; [email protected]
Original-Recipient: rfc822; [email protected]
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; mail for littleblue.nbmap.com loops back to myself



---------- Forwarded message ----------
From: "Matt Smith" <[email protected]>
To: [email protected], [email protected]
Date: Mon, 13 Mar 2006 11:37:27 -0600
Subject: Mar-13 New Test 1
Here we go, everybody, here we go...
Matt

This is troubling because I changed (or tried to change) my server name from the nbmap.com domain to my littleblue.net domain. (i.e., from littleblue.nbmap.com to server.littleblue.net). I must have missed something since this email claims to be from "Mail Delivery System [email protected]>". Where is that coming from? It should be "Mail Delivery System <[email protected]>", right?

Thanks for your continued assistance! Seems like we're getting somewhere now.

 

Oh, and for that matter, this:

Code:

<[email protected]> (expanded from <[email protected]>)

should say this:

Code:

<[email protected]> (expanded from <[email protected]>)

right?

 

Oh, sure, that works!

But why does it work? Is it going to cause me any troubles later? Why does Postfix think my server is called littleblue.nbmap.com? Or is that a question for some Postfix forum out there? I'd really like to understand what's going on so I can troubleshoot problems if/when things get out of whack!

Thanks so much!

 

No.

Maybe it's your hostname or in /etc/mailname?

 

Bingo. It's /etc/mailname.

Now, after reading up on /etc/mailname I've changed it to littleblue.net and removed littleblue.nbmap.com from local-host-names, just to keep things tidy.

But now email bounces back with:

Code:

This is the Postfix program at host server.littleblue.net.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                       The Postfix program

<[email protected]> (expanded from <[email protected]>): mail for
   littleblue.net loops back to myself


Final-Recipient: rfc822; [email protected]
Original-Recipient: rfc822; [email protected]
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; mail for littleblue.net loops back to myself



---------- Forwarded message ----------
From: "Matt Smith" <[email protected]>
To: [email protected]
Date: Tue, 14 Mar 2006 08:16:52 -0600
Subject: Mar-13 New Test 3
How dry I am, how dry I am...
Matt

...and this from mail.log...

Code:

Mar 14 08:16:47 localhost postfix/smtpd[7479]: connect from wproxy.gmail.com[64.233.184.204]
Mar 14 08:16:47 localhost postfix/smtpd[7479]: CBA6A9004E6: client=wproxy.gmail.com[64.233.184.204]
Mar 14 08:16:48 localhost postfix/cleanup[7484]: CBA6A9004E6: message-id=<[email protected]>
Mar 14 08:16:48 localhost postfix/qmgr[7464]: CBA6A9004E6: from=<[email protected]>, size=1348, nrcpt=1 (queue active)
Mar 14 08:16:48 localhost postfix/smtpd[7486]: connect from host44-217.birch.net[216.212.44.217]
Mar 14 08:16:48 localhost postfix/smtp[7485]: warning: host littleblue.net[216.212.44.217] greeted me with my own hostname server.littleblue.net
Mar 14 08:16:48 localhost postfix/smtp[7485]: warning: host littleblue.net[216.212.44.217] replied to HELO/EHLO with my own hostname server.littleblue.net
Mar 14 08:16:48 localhost postfix/smtp[7485]: CBA6A9004E6: to=<[email protected]>, orig_to=<[email protected]>, relay=littleblue.net[216.212.44.217], delay=1, status=bounced (mail for littleblue.net loops back to myself)
Mar 14 08:16:48 localhost postfix/smtpd[7486]: disconnect from host44-217.birch.net[216.212.44.217]
Mar 14 08:16:48 localhost postfix/cleanup[7484]: 633309004E9: message-id=<[email protected]>
Mar 14 08:16:48 localhost postfix/qmgr[7464]: 633309004E9: from=<>, size=3176, nrcpt=1 (queue active)
Mar 14 08:16:48 localhost postfix/qmgr[7464]: CBA6A9004E6: removed
Mar 14 08:16:49 localhost postfix/smtp[7485]: 633309004E9: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[64.233.185.27], delay=1, status=sent (250 2.0.0 OK 1142345816 33si1531260wra)
Mar 14 08:16:49 localhost postfix/qmgr[7464]: 633309004E9: removed

Ideas? I guess I could set /etc/mailname back to littleblue.nbmap.com or even just nbmap.com, but I want littleblue.net to be my ISP domain name. It feels like I'm missing something obvious now, but I don't know what to try next.