My scenario is I've qmail working mail server, I've installed ubuntu spam snake on another box in my network, everything works fine, mailscanner is detecting spams and virus mailwatch shows everything allright. My major problem is most of my domain users are roaming users using outlook. Earlier qmail was successfully authenticating for outgoing smtp mails from roaming users. When I've installed spamsnake and forward port 25 on router to my spamsnake my roaming users getting 554 5.7.1 Relay access denied error I think smtp auth is not working so my outside users can not relay mails from outlook. Although when I'm testing mails from inside my network its working fine. Please advice me how to solve this problem. My main.cf file is as follows. smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = /usr/share/doc/postfix # TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache broken_sasl_auth_clients=yes # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = saloni.fenoplast.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = fenoplast.com mydestination = relayhost = mynetworks = 127.0.0.0/8, 192.168.0.0/24 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all html_directory = /usr/share/doc/postfix/html message_size_limit = 10485760 local_transport = error:No local mail delivery local_recipient_maps = virtual_alias_maps = hash:/etc/postfix/virtual relay_recipient_maps = hash:/etc/postfix/relay_recipients transport_maps = hash:/etc/postfix/transport relay_domains = hash:/etc/postfix/relay_domains smtpd_helo_required = yes smtpd_sender_restrictions = reject_non_fqdn_sender, reject_unknown_sender_domain, permit #smtpd_sender_restrictions = permit smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, reject_unauth_pipelining, permit smtpd_data_restrictions = reject_unauth_pipelining header_checks = regexp:/etc/postfix/header_checks
Ok, so let me get this straight. You're relaying outgoing mails from Qmail to the spamsnake? If so, make sure that you have the ip of your qmail box listed in the mynetworks string of main.cf.
yes I'm relaying my outgoing mails from qmail box to spamsnake, as my qmail is on private ip and 192.168.0.0/24 network is already there in network section of main.cf. My problem is for roaming users who use outlook on their laptop and on different public ip. if they use webmail they can send mails. but from outlook they get "Relay access denied" error although they use " My server requires authentication" option on their outlook As I understand spamsnake does not support sasl Auth....it might be the problem? Please suggest me. Thanks.
I don't know if the spamsnake is the problem. I think it has to do with your connection from outlook to qmail. They should be connecting to qmail from their outlook, which in turns sends mail out of the qmail box --> the spamsnake. Therefore I think it's an outlook/qmail issue. When you didn't have a spamsnake, were you able to send mails via outlook?
yes, without spamsnake in between qmail works fine, let me give you complete picture. Earlier port 25, 110 from forwarded to qmail box's IP, when I've put spamsnake I've change port 25 forwarded to spamsnake box to pass traffic through spamsnake. port 110 still forwarded to qmail box. without spamsnake qmail works fine. roaming users can send mails with "My server requires authentication" options in outlook but with spamsnake it gives Relay access denied. Thanks
Hi Manish, From what you are saying, your Outlook users were connecting to QMail on port 25 then you put SpamSnake on Port 25 and now they can't send? can they send internal mails? or is it all mail, internal and external? Is there any reason why you can put Qmail on a different port (by using NAT translation or something similar?) and change the port in Outlook? Saying that have you configurede the SpamSnake server as per Rocky's Howto (http://www.howtoforge.com/the-perfect-spamsnake-ubuntu-jeos-9.10)? If so, how are you able to relay to external domains when the SpamSnake will only deliver to the domains in '/etc/postfix/relay_recipients', '/etc/postfix/relay_domains' and '/etc/postfix/transport'? (least I think this is the case, Anyone, please correct me if im wrong!) Regards Drex
Drex is correct, roaming users won't be able to authenticate against the SpamSnake because it doesn't store your local users, qmail does. What you need to do is change qmail to use port 26, have your users update outlook to use port 26 and forward that port to your qmail box ip. They should be able to go around the SpamSnake to send emails. Rocky
Thanks Rocky and Drex...You have clered my doubt, I was wondering earlier this might be only problem as spamsnake does not authenticate external users, qmail does....thanks a lot.
