incoming mail, relay access denied
Been trying to figure this out...
I have a new server set up about a month ago, CentOS with virtualmin control panel.
On a shared ip, I have one domain that, when someone tries to mail to it, they get a bounce saying:
----------
Final-recipient: rfc822; (username)@(domainname).or
Action: failed
Status: 5.1.1
Diagnostic-Code: smtp; 554 5.7.1 : Relay access denied
----------
and I get a 'Relay access denied' message in the maillog. Like this:
--------
May 24 11:02:55 jessica postfix/smtpd[31268]: NOQUEUE: reject: RCPT from qmta04.westchester.pa.mail
-------------
Mail for this domain has been working ok until yesterday.
I've checked the dns (and the connection is making it to the server), it appears ok. My hosting company confirmed dns was good.
All the other domains are receiving mail ok. I don't see anything that I've set differently for this one.
In a "could this be related?"... the shared ip this domain is on was blacklisted on trendmicro's dul list a few days ago. I wrote them and they said the issue was rdns related (getting the rdns pointed to my server was on my list, but I had not done that yet). I wrote back and they removed me from the blacklist, and I contacted my host and the reverse dns is being set.
However, even after being removed from the blacklist (I have confirmed this), I'm still getting the 'relay access denied' message, and just on that one domain. Wouldn't blacklisting affect all the sites on that ip?
Does postfix have access to the blacklist for verification, and would it have caused a block somehow, I had assumed only spamassassin would do that, after the email was accepted. IF postfix does check blacklists, is there a way to have it's cache flushed? I did have postgrey on, but that is disabled right now until I can fix this, just to make sure it wasn't doing anything.
Any suggestions on how to fix this? And what relay would this be blocking anyway? Postfix to - ?
Chris
I have a new server set up about a month ago, CentOS with virtualmin control panel.
On a shared ip, I have one domain that, when someone tries to mail to it, they get a bounce saying:
----------
Final-recipient: rfc822; (username)@(domainname).or
Action: failed
Status: 5.1.1
Diagnostic-Code: smtp; 554 5.7.1 : Relay access denied
----------
and I get a 'Relay access denied' message in the maillog. Like this:
--------
May 24 11:02:55 jessica postfix/smtpd[31268]: NOQUEUE: reject: RCPT from qmta04.westchester.pa.mail
-------------
Mail for this domain has been working ok until yesterday.
I've checked the dns (and the connection is making it to the server), it appears ok. My hosting company confirmed dns was good.
All the other domains are receiving mail ok. I don't see anything that I've set differently for this one.
In a "could this be related?"... the shared ip this domain is on was blacklisted on trendmicro's dul list a few days ago. I wrote them and they said the issue was rdns related (getting the rdns pointed to my server was on my list, but I had not done that yet). I wrote back and they removed me from the blacklist, and I contacted my host and the reverse dns is being set.
However, even after being removed from the blacklist (I have confirmed this), I'm still getting the 'relay access denied' message, and just on that one domain. Wouldn't blacklisting affect all the sites on that ip?
Does postfix have access to the blacklist for verification, and would it have caused a block somehow, I had assumed only spamassassin would do that, after the email was accepted. IF postfix does check blacklists, is there a way to have it's cache flushed? I did have postgrey on, but that is disabled right now until I can fix this, just to make sure it wasn't doing anything.
Any suggestions on how to fix this? And what relay would this be blocking anyway? Postfix to - ?
Chris
Maciej S
Post output of "postconf -n" command. If you can use your real domain names, it would be easier. If you really don't want to, remember to use the same name in postconf as in your logfiles (every occurrence of your domain mask as mydomain in both places, etc).
ASKER
Hi Oklit,
Don't think that would be a problem, the domain is epiccommunityservices.org I have a test account at test@epiccommunityservices
Am I supposed to put a domain name in with that command? By itself, postconf -n says:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, jessica.andrews.com
newaliases_path = /usr/bin/newaliases.postfi
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3
sample_directory = /usr/share/doc/postfix-2.3
sender_bcc_maps = hash:/etc/postfix/bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictio
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_option
unknown_local_recipient_re
virtual_alias_maps = hash:/etc/postfix/virtual
Don't think that would be a problem, the domain is epiccommunityservices.org I have a test account at test@epiccommunityservices
Am I supposed to put a domain name in with that command? By itself, postconf -n says:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, jessica.andrews.com
newaliases_path = /usr/bin/newaliases.postfi
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3
sample_directory = /usr/share/doc/postfix-2.3
sender_bcc_maps = hash:/etc/postfix/bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictio
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_option
unknown_local_recipient_re
virtual_alias_maps = hash:/etc/postfix/virtual
ASKER
I don't quite understand what you mean by:
"remember to use the same name in postconf as in your logfiles (every occurrence of your domain mask as mydomain in both places, etc)."
"remember to use the same name in postconf as in your logfiles (every occurrence of your domain mask as mydomain in both places, etc)."
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you bevhost. I looked there and found some missing entries. Did some more reading and found after fixing I had to reload the db, postmap /etc/postfix/virtual Working now :)