Ricky Nguyen
asked on
Postfix - Relay Access Denied - Error 554 5.7.1
Hi Experts,
Please help me... :(
I'm trying to setup Postfix on Debian server which also have Bind9 installed.
I managed to get my Postfix email server to send mails successfully to the local domain and received successfully a test external email from my hotmail account. The box is also sitting behind a firewall with ports 25,2525 & 587 opened for inbound and outbound.
What I can't do is send a reply email to that hotmail account and getting the following unsuccessful message in the log entries:
Please see my main.cf file (I replaced real domain name for mydomain1&2):
For the master.cf file - the only changes made were adding extra ports for postfix to listen to as my ISP blocks port 25 and have purchased a relay service from TZO.com to overcome this limitation:
I don't really understand what the maillog is telling me so I'm hoping you can help point me in the right direction. How can I overcome this Relay Access Denied error or is there a way to disable/enable this parameter?
I thank you in advance.
Ric
Please help me... :(
I'm trying to setup Postfix on Debian server which also have Bind9 installed.
I managed to get my Postfix email server to send mails successfully to the local domain and received successfully a test external email from my hotmail account. The box is also sitting behind a firewall with ports 25,2525 & 587 opened for inbound and outbound.
What I can't do is send a reply email to that hotmail account and getting the following unsuccessful message in the log entries:
Apr 28 22:02:28 ns1 postfix/qmgr[2884]: 58D731DA80: from=<root@xxxxx>, size=479, nrcpt=1 (queue active)
Apr 28 22:02:28 ns1 postfix/local[3003]: 58D731DA80: to=<xxxxx@xxxxx>, orig_to=<root>, relay=local, delay=0.09, delays=0.05/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to command: procmail -a "$EXTENSION")
Apr 28 22:02:28 ns1 postfix/qmgr[2884]: 58D731DA80: removed
Apr 28 22:19:46 ns1 postfix/smtpd[3044]: connect from c114-76-235-101.farfl3.nsw.optusnet.com.au[114.76.235.101]
Apr 28 22:20:09 ns1 postfix/smtpd[3044]: NOQUEUE: reject: RCPT from c114-76-235-101.farfl3.nsw.optusnet.com.au[114.76.235.101]: 554 5.7.1 <xxxxxx@hotmail.com>: Relay access denied; from=<xxxxx@xxxxx> to=<xxxxx@hotmail.com> proto=SMTP helo=<mail>
Apr 28 22:20:13 ns1 postfix/smtpd[3044]: disconnect from c114-76-235-101.farfl3.nsw.optusnet.com.au[114.76.235.101]
Please see my main.cf file (I replaced real domain name for mydomain1&2):
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_recipient_restrictions = permit_sasl_authenticated
smtpd_sender_restrictions = permit_sasl_authenticated
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = ns1.mydomain1
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = mydomain1
mydestination = ns1.mydomain1, localhost.mydomain1, , localhost.$mydomain, $myhostname, mydomain1
relayhost = [omr.tzo.com]:2525
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0.0/24
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocals = all
relay_domains = mydomain1, mydomain2
For the master.cf file - the only changes made were adding extra ports for postfix to listen to as my ISP blocks port 25 and have purchased a relay service from TZO.com to overcome this limitation:
smtp inet n - n - - smtpd
2525 inet n - n - - smtpd
25 inet n - n - - smtpd
I don't really understand what the maillog is telling me so I'm hoping you can help point me in the right direction. How can I overcome this Relay Access Denied error or is there a way to disable/enable this parameter?
I thank you in advance.
Ric
ASKER
Hi Arnold, thank you for your prompt reply. I can't seem to find the option for 587. I'm just finding it really difficult locating any definitive resources on setting up Postfix. I must have gone through hundreds of websites.
I'm thinking of getting a book. Would you recommend The Book of Postfix by Ralf Hildebrandt & Patrick Koetteror or Postfix by Richard Blum or is there any others?
I have a copy of Postfix: The Definitive Guide but find it too summarised and not enough focus on Postfix setup.
I'm thinking of getting a book. Would you recommend The Book of Postfix by Ralf Hildebrandt & Patrick Koetteror or Postfix by Richard Blum or is there any others?
I have a copy of Postfix: The Definitive Guide but find it too summarised and not enough focus on Postfix setup.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks very much arnold.
/etc/postfix/master.conf
uncomment the lines with
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=
Do the same for the smtps options for (587)
Then configure your email client to authenticate.
Once you authenticate to the mail server, it will let you relay through it.