Postfix 554 relay access denied

Hello,

I've a question concerning the configuration of postfix.
I have a server running on SLES 10 where I configured postfix. This server should be a relay host and should also buffer mails if someone will send lots of mails like newsletters for example. The access to this server will be controlled through an ACL.
So I'm able to send mails to internal addresses over this new server to our mail server. But if I try to send a mail to an external address like gmx.net, gmail.com or yahoo.com I've got the error 554 Relay access denied.
So what I want to achieve is that postfix will relay ALL mails (internal and external) to our mail server when the client/application has the permission to send mails.

Here is my config:
/etc/postfix/main.cf (without comments)

Code:

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix

unknown_local_recipient_reject_code = 550
debug_peer_level = 2
debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = maildrop
html_directory = /usr/share/doc/packages/postfix/html
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/packages/postfix/samples
readme_directory = /usr/share/doc/packages/postfix/README_FILES
inet_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_alias_domains = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = g99la004
program_directory = /usr/lib/postfix
inet_interfaces = 223.99.214.221 ::1
masquerade_domains = smtptest.de
mydestination = $mydomain
defer_transports = 
mynetworks_style = class
disable_dns_lookups = yes
relayhost = [internetmailgateway]
relay_domains = $mydomain, domain1.de, domain2.de, domain3.de
mailbox_command = 
mailbox_transport = 
strict_8bitmime = no
disable_mime_output_conversion = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions = 
smtpd_banner = $myhostname - powered by $mail_name 
smtpd_helo_required = no
smtpd_helo_restrictions = 
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = no
smtpd_use_tls = no
smtp_use_tls = no
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000

output of the command postconf -n

Code:

alias_maps = hash:/etc/aliases
biff = no
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports = 
disable_dns_lookups = yes
disable_mime_output_conversion = no
html_directory = /usr/share/doc/packages/postfix/html
inet_interfaces = 223.99.214.221 ::1
inet_protocols = all
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command = 
mailbox_size_limit = 0
mailbox_transport = 
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains = smtptest.de
masquerade_exceptions = root
message_size_limit = 10240000
mydestination = $mydomain
myhostname = g99la004
mynetworks_style = class
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relay_domains = $mydomain, domain1.de, domain2.de, domain3.de
relayhost = [internetmailgateway]
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_sasl_auth_enable = no
smtp_use_tls = no
smtpd_banner = $myhostname - powered by $mail_name
smtpd_client_restrictions = 
smtpd_helo_required = no
smtpd_helo_restrictions = 
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_use_tls = no
strict_8bitmime = no
strict_rfc821_envelopes = no
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_domains = hash:/etc/postfix/virtual
virtual_alias_maps = hash:/etc/postfix/virtual

The error I've got when I try to send a mail to gmx or yahoo within /var/log/mail:
part out of mail.info

Code:

NOQUEUE: reject: RCPT from server.domain[IP-Address]: 554 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<domain4.com>

I hope you can tell me what's wrong...

Best regards,

 

Either set up SMTP-AUTH on the mail server and enable "Server requires authentication." in your email client, or add your client's IP address/subnet to the mynetworks paramater in /etc/postfix/main.cf (comment out mynetworks_style then). Restart Postfix afterwards.

 

I was having that exact problem earlier, and discovered that same solution.

I added my network IP and everything started to work better, however i now cannot seem to resolve MX records!

As a result i seem to send mails into postfix, but get nothing out the other side, or anything to tell me there was an error!

Thank the lord for the log files, but all they can tell me is they couldn;t find an MX record.



When I dig MX hotmail.co.uk i get nothing, but when i check it on www.dnsstuff.com i find what i expected!




any ideas?

 

What's in /etc/resolv.conf?

 

falco: OK, i should have thought of that!!!

The only nameserver entry was the IP of my router, which seems to work fine with all but MX records!

I added in an extra nameserver, using the one my router got from my ISP, now it works fine!!!


Thanks

 

Hi falko,

thanks for your help. I have changed the variable mynetworks as you suggested and after restarting postfix I was able to send mails even to external addresses.

One question concerning smtp_auth - is this just to set these two variables to "yes"?

Code:

smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = no

or is there more to do? the service saslauthd is running at the moment.

 

Take a look at chapter 7 on http://www.howtoforge.com/perfect_setup_opensuse_10.2_p6 . It shows what you must do to enable SMTP-AUTH.

 

Error 554 Relay Access Denied

R: 554 5.7.1 <[email protected]>: Relay access denied

i am trying to relay mail to linux box
and ge this error i can send and receive emails through linux box.

i know i have to do Mynetwork setting but can you please help me in correctly seting them up

okay my linux box is 192.168.10.226 (IP) but 192.168.10.1 is the defualt gateway.

now the email which i am relaying on to this linux machine is

192.168.0.77 (ip) 192.168.0.1 defualt gateway

how can i set it up , i dont want to setup SMTP AUth

 

ERROR(23049093): SockCode=-10053 SeeCode=-52 PrevState=203 ThisState=204 NextState=204
vSock write error.Connection timed-out or aborted.vSocket: 0 closed


how can i fix this please

 

Add 192.168.0.77/32 to the mynetworks parameter in /etc/postfix/main.cf and restart Postfix.

 

how to get query mail queue

hi falks,

thank you for your help, one more qustion is when i send emails out i get deferred mails, which are in deferred queue i want to copy all those emails to a csv file or excel how can i do it...please help

 

The

Code:

postqueue -p

command could help you.