New Install - Works Great But.

Discussion in 'Installation/Configuration' started by fraginhell, Dec 22, 2005.

  1. fraginhell

    fraginhell New Member

    Hi Guys.
    I did an Install on Cent OS 4 and all has gone very well. Every thing seams to be working fine. I have created a reseller/client and one site.
    All Access is good everything is working as it should, however there's just one bit I'm not too sure on.
    I ran an external open relay test which passed ok (it denyed sending any mail)
    I setup an account in Outlook 2003.
    Under Accounts -> more setting-> outgoing server I clicked outgoing server requires auth + log into incoming mail before sending.
    I can get mail ok, but when I try to send I found the following error in the log, however the mail still got sent.

    Dec 22 23:08:22 webserver postfix/smtpd[14883]: NOQUEUE: reject: RCPT from unknown[]: 554 <[email protected]>: Relay access denied; from=<keith@????.com> to=<[email protected]> proto=ESMTP helo=<homer>

    however It arrived into my hotmail account shortly afterwards, what have I got setup wrong.

    Thanks for any help.
  2. falko

    falko Super Moderator Howtoforge Staff

    Can you send to other email accounts than hotmail that are not on your server?
  3. fraginhell

    fraginhell New Member

    Yup I can send out to any account, which is why I was wondering If I had my outlook setup correctly?
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    What is the setting of your mynetworks variable in your postfix file?
  5. falko

    falko Super Moderator Howtoforge Staff

    I could imagine the hotmail blocks emails that come from dynamic IP addresses. Does your server have a dynamic or a static IP address?
  6. fraginhell

    fraginhell New Member

    I have static IP with an SPF record so smtp to hotmail works ok, both with the ispconfig setup and my old setup.

    I checked the of postfix included below. I notice there is not a permit my networks setting (I did'nt configure it) it just as is then followed your install for Fedora Core 4 so either I missed some thing or its just a thing from centos.

    queue_directory = /var/spool/postfix
    command_directory = /usr/sbin
    daemon_directory = /usr/libexec/postfix
    mail_owner = postfix
    inet_interfaces = all
    unknown_local_recipient_reject_code = 550
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    debug_peer_level = 2
    debugger_command =
    xxgdb $daemon_directory/$process_name $process_id & sleep 5
    sendmail_path = /usr/sbin/sendmail.postfix
    newaliases_path = /usr/bin/newaliases.postfix
    mailq_path = /usr/bin/mailq.postfix
    setgid_group = postdrop
    html_directory = no
    manpage_directory = /usr/share/man
    sample_directory = /usr/share/doc/postfix-2.1.5/samples
    readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtpd_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    virtual_maps = hash:/etc/postfix/virtusertable
    mydestination = /etc/postfix/local-host-names

    Can you also confirm if I have my outlook client setup correctly.
    From what I'm guessing about what Ive read clients should only be able to send email once they have already auth'd using TLS.

    Thanks again for all your help.

  7. fraginhell

    fraginhell New Member

    I think I migth have found the problem. I enabled use same settings as my incoming mail server rather than log on to incoming mail server before sending. I'm no longer getting relay access denied any more. My only worry is why did it still allow me to send mail, unless my_permitnetworks was overriding it?
  8. falko

    falko Super Moderator Howtoforge Staff

    Ah, you're talking about your Outlook settings. Yes, this is correct.

    If you're sending emails to users that are on the server, then you don't have to authenticate.
    If your mynetworks setting allowed you to send without authentication to external email addresses, than you shouldn't have got the relay access denied message. I don't know why the email arrived anyway...:confused:

Share This Page