incoming mail, relay access denied

Posted on 2009-05-24
Medium Priority
Last Modified: 2013-12-16
Been trying to figure this out...

I have a new server set up about a month ago, CentOS with virtualmin control panel.

On a shared ip, I have one domain that, when someone tries to mail to it, they get a bounce saying:

Final-recipient: rfc822; (username)@(domainname).org
Action: failed
Status: 5.1.1
Diagnostic-Code: smtp; 554 5.7.1 : Relay access denied

and I get a 'Relay access denied' message in the maillog. Like this:

May 24 11:02:55 jessica postfix/smtpd[31268]: NOQUEUE: reject: RCPT from qmta04.westchester.pa.mail.comcast.net[]: 554 5.7.1 <test@(domainname).org>: Relay access denied; from=<chris@(mydomain).com> to=<test@(domainname).org> proto=ESMTP helo=<QMTA04.westchester.pa.mail.comcast.net>

Mail for this domain has been working ok until yesterday.

I've checked the dns (and the connection is making it to the server), it appears ok.  My hosting company confirmed dns was good.

All the other domains are receiving mail ok. I don't see anything that I've set differently for this one.

In a "could this be related?"... the shared ip this domain is on was blacklisted on trendmicro's dul list a few days ago. I wrote them and they said the issue was rdns related (getting the rdns pointed to my server was on my list, but I had not done that yet). I wrote back and they removed me from the blacklist, and I contacted my host and the reverse dns is being set.

However, even after being removed from the blacklist (I have confirmed this), I'm still getting the 'relay access denied' message, and just on that one domain. Wouldn't blacklisting affect all the sites on that ip?

Does postfix have access to the blacklist for verification, and would it have caused a block somehow, I had assumed only spamassassin would do that, after the email was accepted. IF postfix does check blacklists, is there a way to have it's cache flushed? I did have postgrey on, but that is disabled right now until I can fix this, just to make sure it wasn't doing anything.

Any suggestions on how to fix this? And what relay would this be blocking anyway? Postfix to - ?

Question by:St_Aug_Beach_Bum
  • 3
LVL 23

Expert Comment

by:Maciej S
ID: 24463094
Post output of "postconf -n" command. If you can use your real domain names, it would be easier. If you really don't want to, remember to use the same name in postconf as in your logfiles (every occurrence of your domain mask as mydomain in both places, etc).

Author Comment

ID: 24463133
Hi Oklit,

Don't think that would be a problem, the domain is epiccommunityservices.org  I have a test account at test@epiccommunityservices.org  

Am I supposed to put a domain name in with that command?  By itself, postconf -n says:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, jessica.andrews.com
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sender_bcc_maps = hash:/etc/postfix/bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual

Author Comment

ID: 24463469
I don't quite understand what you mean by:

"remember to use the same name in postconf as in your logfiles (every occurrence of your domain mask as mydomain in both places, etc)."
LVL 19

Accepted Solution

bevhost earned 2000 total points
ID: 24464269
epiccommunityservices.org must be listed in mydestination or in the /etc/postfix/virtual file if it is a virtual domain.
Otherwise postfix won't see it as a domain it has mailboxes for and will try to relay it somewhere?
It could also be setup in virtual_alias_domains parameter in main.cf

If you have only a small  number of domains, then you probably list them all in my_destination.

Author Closing Comment

ID: 31584874
Thank you bevhost.  I looked there and found some missing entries.  Did some more reading and found after fixing I had to reload the db, postmap /etc/postfix/virtual  Working now :)

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Stellar Exchange Toolkit: this 5 in 1 toolkit comes loaded with mega-software tool. Here’s an introduction to tools’ usage and advantages:
This installment of Make It Better gives Media Temple customers the latest news, plugins, and tutorials to make their Grid shared hosting experience that much smoother.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Suggested Courses

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question