Solved

Postfix and Dovecot new mail setup not working

Posted on 2013-11-22
11
381 Views
Last Modified: 2013-11-26
Installed Postfix and Dovecot today, I'm receiving email fine but, I cannot send at all, no matter where I try and send an email to I get.........

Transaction failed
554 5.7.1 <email address@domain.com>: Relay access denied

I'm VERY weak with Linux - can someone give me some guidance

If I change the line in my /etc/postfix/main.cf to

mynetworks = localhost

Open in new window


Then it works, but my Outlook client stops being able to send and my iPhone does not work with my mail account.

Pete
0
Comment
Question by:Pete Long
  • 6
  • 5
11 Comments
 
LVL 16

Expert Comment

by:Enphyniti
ID: 39670103
You probably want to define your networks manually.  Is the server on the same subnet as your outlook client?

At anyrate, if you're relaying for 'mynetworks' then 'mynetworks' has to contain the address info for everything you want to relay for.  You can enter this in class or host mode

mynetworks = 127.0.0.0/8, 192.168.0.0/28

etc...  try that and reload postfix
0
 
LVL 57

Author Comment

by:Pete Long
ID: 39670199
I could enter 0.0.0.0/0 but I suspect then I suspect I would be an open relay?

There must be a way to only allow authenticated users to send/relay?

PL
0
 
LVL 57

Author Comment

by:Pete Long
ID: 39670211
I could  be using any IP at any site - Outlook needs to be able to connect to and send via SMTP as does my iphone? I cant add every single IP address I might need to send from?
0
 
LVL 57

Author Comment

by:Pete Long
ID: 39670230
0.0.0.0/0 works

It seems to ad authentication I need to add, to

smtpd_recipient_restrictions,

"permit_sasl_authenticated,reject_unauth_destination"

But thats not making any sense at the moment......................
0
 
LVL 16

Accepted Solution

by:
Enphyniti earned 500 total points
ID: 39670242
Ah.  I gotcha.

Yeah, you don't want to set up an open relay.  What you are looking for is authentication via ESMTP or POP-before_SMTP.  With Pop-before-SMTP, essentially, IPs from which successful POP authentications are made are added to a short term relay list.  The duration is configurable.  It's been many years since I did it, but it worked okay.

I've never used ESMTP, but you might want to look into that first.

take a look at this link: http://wiki2.dovecot.org/HowTo/PopBSMTPAndDovecot
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 57

Author Comment

by:Pete Long
ID: 39670279
I think this will de what I need http://www.postfix.org/SASL_README.html
0
 
LVL 16

Expert Comment

by:Enphyniti
ID: 39670312
yeah that looks like it would work as well.
0
 
LVL 57

Author Comment

by:Pete Long
ID: 39670357
it didn't - my lack of Linux knowledge is very frustrating I don't have a clue what I'm doing ;(
0
 
LVL 16

Expert Comment

by:Enphyniti
ID: 39670365
That makes it pretty difficult to run a mailserver.  Have you considered Google Apps or Office 365?
0
 
LVL 16

Expert Comment

by:Enphyniti
ID: 39670417
Sorry, I re-read that last post and realized it's not very helpful and comes off kind of rude.

I only mean to illustrate that getting a mailserver running is only part of maintaining one, and probably not even the most difficult part at that.  You're also on the hook for diagnosing and fixing it when it breaks, and knowing the signs of external intrusion and what do do about it.

Without a solid understanding of the underlying OS, you might be setting yourself up for some long and frustrating evenings of despair in the future.

I only mentioned the alternatives because they might be more practical for your situation.

On the other hand, if this is not a business/production system and you're just doing it to learn, then there's no better way to learn than by doing.

I would start with PopBSMTP since it is probably the easiest to implement even if it's not the "best" method out there.
0
 
LVL 57

Author Comment

by:Pete Long
ID: 39679275
No offence taken M8 :)

>>>I only mean to illustrate that getting a mailserver running is only part of maintaining one, and probably not even the most difficult part at that.  You're also on the hook for diagnosing and fixing it when it breaks, and knowing the signs of external intrusion and what do do about it.

I agree, I look after a few hundred M$ Exchange Servers :)

It took me a while to get this problem sorted, but for the benefit of anyone else who finds this Q this is how I did it..................

Configure Postfix for SASL Authentication from Dovecot

Thanks for your help - I hope I can return the favor one day in one of my stronger TAs

Pete
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
android phone won't sync contacts with gmail 2 94
Setting up gmail and iPhone 6 3 53
Export content of emails to Word document 9 57
Unable to view Outlook 2013 calendar 2 60
Problem: You created a new custom form in Outlook for your contacts (added fields, deleted fields, changed the layout of fields, whatever) and made it the default form for contacts. The good news is that all new contacts will utilize the new form. T…
Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now