how to set relay_domains to any destination /

Hi,

I'm trying to configure PostFix to send mail to anywhere..

however, I can only send mail to destinations which I set in the var relay_domains

I mean, if i want to send mail to someone@hotmail.com i have to set
relay_domains = hotmail.com

If i want to send to hotmail.com and yahoo.com i have to set:
relay_domains = hotmail.com, yahoo.com

so, how do I set to send to any domain? I tried relay_domains = all but it didnt work

thank you
alpiresAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Do you have transports defined?

Have a look at http://www.postfix.org/docs.html to make sure you understand what the setting does.
http://www.postfix.org/docs.html

To send out email messages from locally submitted email, you do not need to configure relay_domains.
relay_domains is used to allow others to use your mail server to send/relay email messages to these domains.

You should configure authentication in postfix which will let you or anyone who authenticates to send emails through this mailserver to anywhere the email is addressed.

Are you using a local email client like kmail, mutt pine (terminal non-graphical) or Gentoo equivalent GUI?
0
alpiresAuthor Commented:
I just installed postfix on ubuntu from terminal..

I want to configure authenticated server.. but i was testing step by step..
I'm noob at linux much more at postfix..

i tought first step would be send email from telnet on (window's cmd) without auth.. then later i'd try to set the auth..

so can u help me ? :D

what If i post my main.cf ?

thank you
0
tty2Commented:
relay_domains = $mydestination
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

alpiresAuthor Commented:
wouldnt work..

220 mail.judsmtp.com.br ESMTP Postfix (Ubuntu)
mail from:<contato@judsmtp.com.br>
250 2.1.0 Ok
rcpt to:<judson@apcsoftware.com.br>
554 5.7.1 <judson@apcsoftware.com.br>: Relay access denied


see my configs:

myhostname = mail.judsmtp.com.br
mydomain = judsmtp.com.br
myorigin = $mydomain
inet_interfaces = all
mynetworks = 192.168.0.0/16, 127.0.0.0/8
mydestination = $myhostname, localhost.$mydomain, $mydomain


i have to configure the relay_domains to send to @anythingIwant
0
arnoldCommented:
first you have to define
mynetworks=127.0.0.0/8, [LAN_IP_segment]
i.e. if your LAN is 192.168.0.0/24 you would replace the [LAN_IP_segment] with 192.168.0.0/24.
once this change is done, telnet 192.168.0.x 25 will let you send any email to any destination.

An alternate method to test the email configuration without going through the telnet and SMTP session process is:
echo "To: <email_address_of_recipient>
From: <email_address_of_sender
Subject: enter what you want here

Enter the body of the message here

" | /usr/bin/sendmail -oi -t
check /var/log/maillog to see what happened to the message.
0
arnoldCommented:
what is the IP to which you are connecting?
is the IP in the 192.168.0.0/16 range or are you using the external IP of your router?
Did you restart postfix after you made the changes.  Look in /var/log/maillog to see what IP it lists for the SMTP connection.  If this IP is not in the 127.0.0.0/8 nor in the 192.168.0.0/16 range it will not let you relay.
Try the non-SMTP session example I provided.
0
alpiresAuthor Commented:
i'm not trying to send from lan, i'm trying to send from outside...
you can try yourself:

telnet 189.35.145.83 25

check it
0
arnoldCommented:
You can not send from outside unless you authenticate first.
you do not want to setup your mail server as a limited open relay which adding the two domains you referenced to relay_domains list would lead to.

look at /etc/postfix/access
you can add an entry there
<yourIP> OK
and after processing your remote system will be allowed to relay as long as your IP remains the one you entered in the access file.
The other option is to configure/setup authentication.
edit /etc/postfix/master.cf and uncomment the "-o smtpd_sasl" line.
reload/restart postfix and your postfix will now authenticate based on the systems configuration i.e. local users /etc/passwd or if it is joined to an AD using winbind or LDAP/NIS/NIS+ via nsswitch.conf.

when establishing an SMTP session say hello (ehlo <yourhostname.)
You will see a display of supported extended commands.
0
alpiresAuthor Commented:
how do i set user/pass and enable auth.. so I can try with outlook

note that I want to send mail only, pop is not interesting for me
0
tty2Commented:
Please, show the output of

postconf | grep relay_domains

Must be

relay_domains = $mydestination

It is set in /etc/postfix/main.cf.
0
alpiresAuthor Commented:
root@judson-desktop:/home/judson# postconf | grep relay_domains
fast_flush_domains = $relay_domains
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $sender_bcc_maps $recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps
relay_domains = $mydestination
relay_domains_reject_code = 554
0
tty2Commented:
If you try to send email from outsidevia telnet, it is normal - relay must be denied.
If you want, add your IP to
mydestination = $myhostname, localhost.$mydomain, $mydomain,<your_ip>
0
alpiresAuthor Commented:
but i want to send from anywhere.. not only where its setted up to send..

i just want to auth and send
0
tty2Commented:
Authentication in postfix howto:
http://www.postfix.org/SASL_README.html
0
arnoldCommented:
edit /etc/postfix/master.cf and remove the # on the line where -o smtpd_sasl* is.
reload/restart postfix and you should be good to go using local users with the exception of root as I explained in an earlier comment: #30643470.
0
alpiresAuthor Commented:
arnold, its not what I want ..

I want be able to configure outlook from anywhere to send authenticated email using this server

I wont send from local machine
0
arnoldCommented:
You first have to enable the authentication on your postfix server which is what uncomenting the entry "-o smtpd_sasl" in the master.cf file does upon restart of the postfix service..
0
alpiresAuthor Commented:
ok, from master.cf
uncomented line   -o smtpd_sasl_auth_enable=yes

what next?
0
alpiresAuthor Commented:
i thnk its starting to work..
outlook is asking for user and password
where do I set it ? :D
0
tty2Commented:
The saslpasswd2 command-line utility creates and maintains the database:

    % saslpasswd2 -c -u example.com username
    Password:
    Again (for verification):

This command creates an account username@example.com.

    Important

    users must specify username@example.com as login name, not username.

Run the following command to reuse the Postfix mydomain parameter value as the login domain:

    % saslpasswd2 -c -u `postconf -h mydomain` username
    Password:
    Again (for verification):

    Note

    Run saslpasswd2 without any options for further help on how to use the command.

The sasldblistusers2 command lists all existing users in the sasldb database:

    % sasldblistusers2
    username1@example.com: password1
    username2@example.com: password2

http://www.postfix.org/SASL_README.html
0
alpiresAuthor Commented:
i have created username as you say.. but its not authenticating yet..
i'm getting error "Could not authenticate" from outlook

root@judson-desktop:/home/judson# saslpasswd2 -c -u `postconf -h mydomain` judson
Password:
Again (for verification):
root@judson-desktop:/home/judson# sasldblistusers2
judson@judsmtp.com.br: userPassword
root@judson-desktop:/home/judson#


i am trying to auth using judson@judsmtp.com.br and my password...
0
tty2Commented:
There is a lot of parameters in main.cf:
permit_sasl_authenticated,
smtpd_sasl_auth_enable,
smtpd_sasl_security_options,
smtpd_sasl_local_domain,
smtpd_sasl_path,
broken_sasl_auth_clients...
Check howto.
0
arnoldCommented:
tty2 provided you information on setting up virtual domain/user authentication.
The other option is to use the local user from /etc/passwd.
useradd -m -c "Postfix test auth user" -k -s /bin/bash <username>
passwd <username>

Try using this user to login.  Check the /var/log/maillog for information on what the issues might be. When configuring outlook which settings are you using?
0
alpiresAuthor Commented:
isnt there easier settings for auth? .. i read a tuto which say to just add these lines, create the saslpass and done.. but its not working:

smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/saslpass
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, permit

saslpass file
servers ip TAB user:pass
0
arnoldCommented:
Check the log of /var/log/maillog to see what is going on.  You telling me what is not working without any detail on what you are providing and how you configured outlook does not make it clear what the issue might be.  What if anything does outlook displays in the error.
What settings did you configure in outlook for the auhtnetication? What are you providing for the username user@domain or just user?

http://postfix.state-of-mind.de/patrick.koetter/smtpauth/smtp_auth_mailclients.html
0
alpiresAuthor Commented:
I configured my main.cf as the tuto explains.. but its not working yet :S


root@judson-desktop:/home/judson# postfix reload
postfix/postfix-script: refreshing the Postfix mail system
root@judson-desktop:/home/judson# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 mail.judsmtp.com.br ESMTP Postfix (Ubuntu)
EHLO mail.judsmtp.com.br
250-mail.judsmtp.com.br
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN DIGEST-MD5 NTLM CRAM-MD5
250-AUTH=LOGIN PLAIN DIGEST-MD5 NTLM CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
root@judson-desktop:/home/judson# printf 'test\0test\0testpass' | mmencode
dGVzdAB0ZXN0AHRlc3RwYXNz
root@judson-desktop:/home/judson# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 mail.judsmtp.com.br ESMTP Postfix (Ubuntu)
EHLO localhost
250-mail.judsmtp.com.br
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN DIGEST-MD5 NTLM CRAM-MD5
250-AUTH=LOGIN PLAIN DIGEST-MD5 NTLM CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth plain
334
dGVzdAB0ZXN0AHRlc3RwYXNz
535 5.7.8 Error: authentication failed: authentication failure
quit
221 2.0.0 Bye
Connection closed by foreign host.
root@judson-desktop:/home/judson#




main.cf

myhostname = mail.judsmtp.com.br
mydomain = judsmtp.com.br
myorigin = $mydomain
mynetworks = 192.168.0.0/16, 127.0.0.0/8
mydestination = $myhostname, localhost.$mydomain, $mydomain

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
relay_domains =
smtpd_recipient_restrictions =
   permit_sasl_authenticated,
   permit_mynetworks,
   check_relay_domains
0
alpiresAuthor Commented:
and my outlook is configured as it is supposed to be :)

pop/smtp server: 189.35.145.83 (pop wont work, doesnt matter.. i want smtp only)

judson@smtp.com.br
pass 123123

"my server requires auth" is checked.. feel free to try urself
server is on
0
alpiresAuthor Commented:
judson@judsmtp.com.br *
0
arnoldCommented:
I think you are not encoding it properly

You have username/password yet you are encoding three things.
http://www.technoids.org/saslmech.html
the other problem it is not clear which is the valid username/password.
try to see whether the AUTH login works:
username encoded in base64 is the first response.
password encoded in base64 is the second response.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
alpiresAuthor Commented:
would you like to connect though SSH and try it? i'm not getting how to do this :S

server: 189.35.145.83
login as root
pass 123
0
alpiresAuthor Commented:
this is testing server.. if you fix, please save each command line you did, so I can do the same in my main server
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Servers

From novice to tech pro — start learning today.