The Perfect SpamSnake - Ubuntu Jeos - Relay issue

Discussion in 'HOWTO-Related Questions' started by macross, Dec 14, 2010.

  1. macross

    macross New Member

    Hi,

    I followed the instructions pretty thoroughly; unfortunately I am having issues. When I try to relay through the machine I get denied. I don't have any entries in the Baruwa db and I am unsure of how they get there. When I change the transport map to point at a hash file I get transport unavailable and unable to verify. The getadsmpt script works just fine and I hashed that too. Here are the conf files and a log of the deny.

    Any help?


    # See /usr/share/postfix/main.cf.dist for a commented, more complete version


    # Debian specific: Specifying a file name will cause the first
    # line of that file to be used as the name. The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname

    smtpd_banner = ESMTP SpamSnake
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    readme_directory = /usr/share/doc/postfix

    # TLS parameters
    smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
    smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
    smtpd_use_tls=yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    myhostname = belatrix.mycompany.on.ca
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = mycompany.on.ca
    mydestination =
    relayhost =
    mynetworks = 127.0.0.0/8, 10.9.1.0/24
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    html_directory = /usr/share/doc/postfix/html
    message_size_limit = 10485760
    local_transport = error:No local mail delivery
    local_recipient_maps =
    verify_recipient = reject_unknown_recipient_domain, reject_unverified_recipient
    look_ahead = check_recipient_access hash:/etc/postfix/access
    unverified_recipient_reject_code = 550
    address_verify_map = btree:/var/lib/postfix/verify
    relay_domains = mysql:/etc/postfix/mysql-relay_domains.cf
    relay_recipient_maps = hash:/etc/postfix/relay_recipients
    transport_maps = mysql:/etc/postfix/mysql-transports.cf
    virtual_alias_maps = hash:/etc/postfix/virtual
    disable_vrfy_command = yes
    strict_rfc821_envelopes = no
    smtpd_delay_reject = yes
    smtpd_recipient_limit = 100
    smtpd_helo_required = yes
    smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, permit
    smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, permit
    smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_recipient_domain, reject_unauth_destination, look_ahead, whitelist_policy, grey_policy, rbl_policy, spf_policy, permit
    smtpd_data_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining

    smtpd_restriction_classes = spf_policy, rbl_policy, grey_policy, whitelist_policy, verify_recipient, look_ahead
    spf_policy = check_policy_service unix:private/policy
    rbl_policy = reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net
    grey_policy = check_policy_service unix:private/greyfix
    whitelist_policy = check_sender_access mysql:/etc/postfix/mysql-global_whitelist.cf
    header_checks = regexp:/etc/postfix/header_checks

    (IPs and names changed)

    Dec 13 14:42:10 belatrix postfix/smtpd[6613]: NOQUEUE: reject: RCPT from mail.sender.com[212.32.35.213]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail.sender.com>
     
  2. Rocky

    Rocky Member

    Hey,

    Baruwa Setup Instructions:

    Log into Baruwa as admin --> Settings --> Accounts --> Create Account
    Once you've created the user, you'll get 2 new tabs on that page, Profile Settings and Associated Addresses

    Fill out Profile Settings choosing Domain Admin and set a low score of 6 and a high score of 9 and check scan email.

    Fill out the Associated Addresses or domains for which the user is the admin, e.g. domain.com. domain.com will show up under the Associated Addresses header.

    Click on domain.com and you'll be taken into Domain Information. Go ahead and add your SMTP server, or the IP of the receiving SMTP server. Select enable and if you use a non-standard port, set it, otherwise use 25. Once you've done that, you can click on the test button next to the pencil, to see if your receiving server will accept the connection.

    Now, you can log out as admin, and log in as the user you just set up and mails should start flowing.

    The relay_domains and transports settings in main.cf will use the entries you've provided in Baruwa. Therefore, no hash file is required.

    *Note: If you're using relay_recipients hash populated by the script, then you don't need the following in main.cf:
    verify_recipient = reject_unknown_recipient_domain, reject_unverified_recipient
    look_ahead = check_recipient_access hash:/etc/postfix/access
    unverified_recipient_reject_code = 550
    address_verify_map = btree:/var/lib/postfix/verify

    Remove look_ahead from smtpd_recipient_restrictions. Remove look_ahead and verify_recipient from smtpd_restriction_classes.

    Let me know if this helped.

    Thanks,

    Rocky
     
    Last edited: Dec 14, 2010
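
Added example (not part of the original thread, and not SpamSnake or Baruwa code): a Python triage of `Relay access denied` lines like the one in the first post. It separates rejects for domains the gateway is meant to relay (the lookup behind `relay_domains` has no entry yet, as with the empty Baruwa database here) from correct refusals of foreign domains. The log lines, addresses and the `expected_domains` list are constructed for illustration, and the subdomain match is a simplification of Postfix's lookup.

```python
import re
from collections import Counter

# Field layout follows the smtpd reject line quoted in the thread.
REJECT_RE = re.compile(
    r"NOQUEUE: reject: RCPT from (?P<host>\S+)\[(?P<ip>[^\]]+)\]: "
    r"554 5\.7\.1 <(?P<rcpt>[^>]*)>: Relay access denied"
)

def hosted(domain, expected_domains):
    """True if domain is an expected relay domain or a subdomain of one."""
    domain = domain.lower().rstrip(".")
    return any(domain == d or domain.endswith("." + d) for d in expected_domains)

def triage(lines, expected_domains):
    """Split relay-denied rejects into config gaps and correct refusals."""
    expected = {d.lower() for d in expected_domains}
    gaps, refused = Counter(), Counter()
    for line in lines:
        m = REJECT_RE.search(line)
        if not m:
            continue  # not a relay-denied reject
        domain = m.group("rcpt").rpartition("@")[2].lower()
        if hosted(domain, expected):
            gaps[domain] += 1             # should relay, but the lookup had no entry
        else:
            refused[m.group("ip")] += 1   # foreign domain: the refusal is correct
    return gaps, refused

# Constructed sample lines (documentation addresses and example domains).
PREFIX = "Dec 13 14:42:10 belatrix postfix/smtpd[6613]: "
SAMPLE_LOG = [
    PREFIX + "connect from mail.example.net[192.0.2.10]",
    PREFIX + "NOQUEUE: reject: RCPT from mail.example.net[192.0.2.10]: 554 5.7.1 "
             "<user@example.com>: Relay access denied; from=<a@example.net> "
             "to=<user@example.com> proto=ESMTP helo=<mail.example.net>",
    PREFIX + "NOQUEUE: reject: RCPT from mail.example.net[192.0.2.10]: 554 5.7.1 "
             "<sales@Example.com>: Relay access denied; from=<a@example.net> "
             "to=<sales@Example.com> proto=ESMTP helo=<mail.example.net>",
    PREFIX + "NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 "
             "<x@example.org>: Relay access denied; from=<y@example.org> "
             "to=<x@example.org> proto=SMTP helo=<probe>",
    PREFIX + "NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 "
             "<z@example.org>: Relay access denied; from=<y@example.org> "
             "to=<z@example.org> proto=SMTP helo=<probe>",
]

if __name__ == "__main__":
    gaps, refused = triage(SAMPLE_LOG, ["example.com"])
    print("domains missing from the relay_domains lookup:", dict(gaps))
    print("clients correctly refused:", dict(refused))
```

A domain reported under the first heading can be checked directly with `postmap -q <domain> mysql:/etc/postfix/mysql-relay_domains.cf`, which prints nothing while the lookup has no entry for it.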
  3. macross

    macross New Member

    What can I say.

    You rock my friend. Great walk through and excellent support.

    ....it's working :)
     
