• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 398
  • Last Modified:

Postfix and Dovecot new mail setup not working

Installed Postfix and Dovecot today, I'm receiving email fine but, I cannot send at all, no matter where I try and send an email to I get.........

Transaction failed
554 5.7.1 <email address@domain.com>: Relay access denied

I'm VERY weak with Linux - can someone give me some guidance

If I change the line in my /etc/postfix/main.cf to

mynetworks = localhost

Open in new window


Then it works, but my Outlook client stops being able to send and my iPhone does not work with my mail account.

Pete
0
Pete Long
Asked:
Pete Long
  • 6
  • 5
1 Solution
 
Jon BrelieSystem ArchitectCommented:
You probably want to define your networks manually.  Is the server on the same subnet as your outlook client?

At anyrate, if you're relaying for 'mynetworks' then 'mynetworks' has to contain the address info for everything you want to relay for.  You can enter this in class or host mode

mynetworks = 127.0.0.0/8, 192.168.0.0/28

etc...  try that and reload postfix
0
 
Pete LongTechnical ConsultantAuthor Commented:
I could enter 0.0.0.0/0 but I suspect then I suspect I would be an open relay?

There must be a way to only allow authenticated users to send/relay?

PL
0
 
Pete LongTechnical ConsultantAuthor Commented:
I could  be using any IP at any site - Outlook needs to be able to connect to and send via SMTP as does my iphone? I cant add every single IP address I might need to send from?
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
Pete LongTechnical ConsultantAuthor Commented:
0.0.0.0/0 works

It seems to ad authentication I need to add, to

smtpd_recipient_restrictions,

"permit_sasl_authenticated,reject_unauth_destination"

But thats not making any sense at the moment......................
0
 
Jon BrelieSystem ArchitectCommented:
Ah.  I gotcha.

Yeah, you don't want to set up an open relay.  What you are looking for is authentication via ESMTP or POP-before_SMTP.  With Pop-before-SMTP, essentially, IPs from which successful POP authentications are made are added to a short term relay list.  The duration is configurable.  It's been many years since I did it, but it worked okay.

I've never used ESMTP, but you might want to look into that first.

take a look at this link: http://wiki2.dovecot.org/HowTo/PopBSMTPAndDovecot
0
 
Pete LongTechnical ConsultantAuthor Commented:
I think this will de what I need http://www.postfix.org/SASL_README.html
0
 
Jon BrelieSystem ArchitectCommented:
yeah that looks like it would work as well.
0
 
Pete LongTechnical ConsultantAuthor Commented:
it didn't - my lack of Linux knowledge is very frustrating I don't have a clue what I'm doing ;(
0
 
Jon BrelieSystem ArchitectCommented:
That makes it pretty difficult to run a mailserver.  Have you considered Google Apps or Office 365?
0
 
Jon BrelieSystem ArchitectCommented:
Sorry, I re-read that last post and realized it's not very helpful and comes off kind of rude.

I only mean to illustrate that getting a mailserver running is only part of maintaining one, and probably not even the most difficult part at that.  You're also on the hook for diagnosing and fixing it when it breaks, and knowing the signs of external intrusion and what do do about it.

Without a solid understanding of the underlying OS, you might be setting yourself up for some long and frustrating evenings of despair in the future.

I only mentioned the alternatives because they might be more practical for your situation.

On the other hand, if this is not a business/production system and you're just doing it to learn, then there's no better way to learn than by doing.

I would start with PopBSMTP since it is probably the easiest to implement even if it's not the "best" method out there.
0
 
Pete LongTechnical ConsultantAuthor Commented:
No offence taken M8 :)

>>>I only mean to illustrate that getting a mailserver running is only part of maintaining one, and probably not even the most difficult part at that.  You're also on the hook for diagnosing and fixing it when it breaks, and knowing the signs of external intrusion and what do do about it.

I agree, I look after a few hundred M$ Exchange Servers :)

It took me a while to get this problem sorted, but for the benefit of anyone else who finds this Q this is how I did it..................

Configure Postfix for SASL Authentication from Dovecot

Thanks for your help - I hope I can return the favor one day in one of my stronger TAs

Pete
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now