Solved

postfix can not get relaying from outside server to work

Posted on 2014-02-11
15
860 Views
Last Modified: 2014-02-17
I am trying to get relaying from my outside server to my mail server. And it seems what ever i do the relay gets rejected

So on my server i have
define(`SMART_HOST', `mail.mydomain.com')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 26')dnl


This works, i can see my postfix server get the relay

On my mail server i have in my main.cf
mynetworks = 127.0.0.0/8, 216.xxx.xxx.0/24, 74.xxx.xxx.49/32
#mynetworks_style = host


after i change the main.cf i do a
#postfix reload

I then just for fun
[root@rmail postfix]# postconf  | grep mynetwork
mynetworks = 127.0.0.0/8, 216.xxx.xxx.0/24, 74.xxx.xxx.49/32
mynetworks_style = subnet



when i try to send email i get
Feb 11 22:34:57 rmail postfix/smtpd[12578]: NOQUEUE: reject: RCPT from billing.mydomain.com[74.xxx.xxx.49]: 554 5.7.1 <root@billing.mydomain.com>: Relay access denied; from=<> to=<root@billing.mydomain.com> proto=ESMTP helo=<localhost.localdomain>


I have been playing with this all night and getting no where. Would love any help

Thanks
0
Comment
Question by:paries
  • 8
  • 7
15 Comments
 
LVL 13

Expert Comment

by:Sandy
ID: 39852458
Try this and paste output below

#telnet mail.mydomain.com 25

helo localhost
mail from: a@a.com
rcpt to: a@a.com
data
Subject: hello
test
.

If it give error somewhere in between that relay access denied then you need to add IP address in allow-list..

TY/SA
0
 

Author Comment

by:paries
ID: 39852460
[root@mrslate mail]# telnet rmail.mydomain.com 26
Trying 198.xxx.xxx.61...
Connected to rmail.mydomain.com.
Escape character is '^]'.
220 rmail.mydomain.com ESMTP Postfix
helo localhost
250 rmail.mydomain.com
mail from: randy@mydomain.com
250 2.1.0 Ok
rcpt to: me@gmail.com
554 5.7.1 <me@gmail.com>: Relay access denied


and this is from the log on the mail server
Feb 12 00:14:39 rmail postfix/smtpd[14528]: NOQUEUE: reject: RCPT from billing.mydomain.com[74.xxx.xxx.49]: 554 5.7.1 <me@gmail.com>: Relay access denied; from=<randy@mydomain.com> to=<me@gmail.com> proto=SMTP helo=<localhost>


not sure what you mean by :::then you need to add IP address in allow-list..

I though that is what the mynetworks in the main.cf does?

Thanks for your help

Randy
0
 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 500 total points
ID: 39852466
Randy, yes you are right... mynetworks does the exact what i asked for but i am sorry i didn't seen that final comment you added above in your question.

Now... according to me what you have to do is .. you need to check whether postfix is checking for sender_verfication because i guess these are the filters at the end of main.cf which are causing this issue..

IF still doesn't work then increase the verbosity of logs to see what exactly is denying the access.

TY/SA
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39852468
Also check whether SASL is causing this..
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39852470
comment this as-well

#mynetworks_style = subnet
0
 

Author Comment

by:paries
ID: 39853253
so i put it in debug mode

i know this is a lot, but maybe some one can see something::
postfix/smtpd[21172]: < billing.mydomain.com[74.xxx.xxx.49]: helo localhost
postfix/smtpd[21172]: > billing.mydomain.com[74.xxx.xxx.49]: 250 rmail.mydomain.com
postfix/smtpd[21172]: < billing.mydomain.com[74.xxx.xxx.49]: mail from: randy@mydomain.com
postfix/smtpd[21172]: extract_addr: input: randy@mydomain.com
postfix/smtpd[21172]: smtpd_check_addr: addr=randy@mydomain.com
postfix/smtpd[21172]: connect to subsystem private/rewrite
postfix/smtpd[21172]: send attr request = rewrite
postfix/smtpd[21172]: send attr rule = local
postfix/smtpd[21172]: send attr address = randy@mydomain.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: flags
postfix/smtpd[21172]: input attribute name: flags
postfix/smtpd[21172]: input attribute value: 0
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: address
postfix/smtpd[21172]: input attribute name: address
postfix/smtpd[21172]: input attribute value: randy@mydomain.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: (list terminator)
postfix/smtpd[21172]: input attribute name: (end)
postfix/smtpd[21172]: rewrite_clnt: local: randy@mydomain.com -> randy@mydomain.com
postfix/smtpd[21172]: send attr request = resolve
postfix/smtpd[21172]: send attr sender =
postfix/smtpd[21172]: send attr address = randy@mydomain.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: flags
postfix/smtpd[21172]: input attribute name: flags
postfix/smtpd[21172]: input attribute value: 0
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: transport
postfix/smtpd[21172]: input attribute name: transport
postfix/smtpd[21172]: input attribute value: dovecot
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: nexthop
postfix/smtpd[21172]: input attribute name: nexthop
postfix/smtpd[21172]: input attribute value: mydomain.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: recipient
postfix/smtpd[21172]: input attribute name: recipient
postfix/smtpd[21172]: input attribute value: randy@mydomain.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: flags
postfix/smtpd[21172]: input attribute name: flags
postfix/smtpd[21172]: input attribute value: 1024
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: (list terminator)
postfix/smtpd[21172]: input attribute name: (end)
postfix/smtpd[21172]: resolve_clnt: `' -> `randy@mydomain.com' -> transp=`dovecot' host=`mydomain.com' rcpt=`randy@mydomain.com' flags= class=virtual
postfix/smtpd[21172]: ctable_locate: install entry key randy@mydomain.com
postfix/smtpd[21172]: extract_addr: in: randy@mydomain.com, result: randy@mydomain.com
postfix/smtpd[21172]: fsspace: .: block size 4096, blocks free 6448499
postfix/smtpd[21172]: smtpd_check_queue: blocks 4096 avail 6448499 min_free 0 msg_size_limit 0
postfix/smtpd[21172]: > billing.mydomain.com[74.xxx.xxx.49]: 250 2.1.0 Ok
postfix/smtpd[21172]: < billing.mydomain.com[74.xxx.xxx.49]: rcpt to:me@gmail.com
postfix/smtpd[21172]: extract_addr: input: me@gmail.com
postfix/smtpd[21172]: smtpd_check_addr: addr=me@gmail.com
postfix/smtpd[21172]: send attr request = rewrite
postfix/smtpd[21172]: send attr rule = local
postfix/smtpd[21172]: send attr address = me@gmail.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: flags
postfix/smtpd[21172]: input attribute name: flags
postfix/smtpd[21172]: input attribute value: 0
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: address
postfix/smtpd[21172]: input attribute name: address
postfix/smtpd[21172]: input attribute value: me@gmail.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: (list terminator)
postfix/smtpd[21172]: input attribute name: (end)
postfix/smtpd[21172]: rewrite_clnt: local: me@gmail.com -> me@gmail.com
postfix/smtpd[21172]: send attr request = resolve
postfix/smtpd[21172]: send attr sender =
postfix/smtpd[21172]: send attr address = me@gmail.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: flags
postfix/smtpd[21172]: input attribute name: flags
postfix/smtpd[21172]: input attribute value: 0
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: transport
postfix/smtpd[21172]: input attribute name: transport
postfix/smtpd[21172]: input attribute value: smtp
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: nexthop
postfix/smtpd[21172]: input attribute name: nexthop
postfix/smtpd[21172]: input attribute value: gmail.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: recipient
postfix/smtpd[21172]: input attribute name: recipient
postfix/smtpd[21172]: input attribute value: me@gmail.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: flags
postfix/smtpd[21172]: input attribute name: flags
postfix/smtpd[21172]: input attribute value: 4096
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: (list terminator)
postfix/smtpd[21172]: input attribute name: (end)
postfix/smtpd[21172]: resolve_clnt: `' -> `me@gmail.com' -> transp=`smtp' host=`gmail.com' rcpt=`me@gmail.com' flags= class=default
postfix/smtpd[21172]: ctable_locate: install entry key me@gmail.com
postfix/smtpd[21172]: extract_addr: in: me@gmail.com, result: me@gmail.com
postfix/smtpd[21172]: send attr request = rewrite
postfix/smtpd[21172]: send attr rule = local
postfix/smtpd[21172]: send attr address = double-bounce
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: flags
postfix/smtpd[21172]: input attribute name: flags
postfix/smtpd[21172]: input attribute value: 0
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: address
postfix/smtpd[21172]: input attribute name: address
postfix/smtpd[21172]: input attribute value: double-bounce@rmail.mydomain.com
postfix/smtpd[21172]: private/rewrite socket: wanted attribute: (list terminator)
postfix/smtpd[21172]: input attribute name: (end)
postfix/smtpd[21172]: rewrite_clnt: local: double-bounce -> double-bounce@rmail.mydomain.com
postfix/smtpd[21172]: >>> START Helo command RESTRICTIONS <<<
postfix/smtpd[21172]: generic_checks: name=permit_mynetworks
postfix/smtpd[21172]: permit_mynetworks: billing.mydomain.com 74.xxx.xxx.49
postfix/smtpd[21172]: match_hostname: billing.mydomain.com ~? 127.0.0.0/8
postfix/smtpd[21172]: match_hostaddr: 74.xxx.xxx.49 ~? 127.0.0.0/8
postfix/smtpd[21172]: match_hostname: billing.mydomain.com ~? 216.xxx.xxx.0/24
postfix/smtpd[21172]: match_hostaddr: 74.xxx.xxx.49 ~? 216.xxx.xxx.0/24
postfix/smtpd[21172]: match_hostname: billing.mydomain.com ~? 74.xxx.xxx.49/32
postfix/smtpd[21172]: match_hostaddr: 74.xxx.xxx.49 ~? 74.xxx.xxx.49/32
postfix/smtpd[21172]: generic_checks: name=permit_mynetworks status=1
postfix/smtpd[21172]: >>> START Sender address RESTRICTIONS <<<
postfix/smtpd[21172]: generic_checks: name=permit_mynetworks
postfix/smtpd[21172]: permit_mynetworks: billing.mydomain.com 74.xxx.xxx.49
postfix/smtpd[21172]: match_hostname: billing.mydomain.com ~? 127.0.0.0/8
postfix/smtpd[21172]: match_hostaddr: 74.xxx.xxx.49 ~? 127.0.0.0/8
postfix/smtpd[21172]: match_hostname: billing.mydomain.com ~? 216.xxx.xxx.0/24
postfix/smtpd[21172]: match_hostaddr: 74.xxx.xxx.49 ~? 216.xxx.xxx.0/24
postfix/smtpd[21172]: match_hostname: billing.mydomain.com ~? 74.xxx.xxx.49/32
postfix/smtpd[21172]: match_hostaddr: 74.xxx.xxx.49 ~? 74.xxx.xxx.49/32
postfix/smtpd[21172]: generic_checks: name=permit_mynetworks status=1
postfix/smtpd[21172]: >>> CHECKING RECIPIENT MAPS <<<
postfix/smtpd[21172]: ctable_locate: move existing entry key randy@mydomain.com
postfix/smtpd[21172]: maps_find: recipient_canonical_maps: randy@mydomain.com: not found
postfix/smtpd[21172]: match_string: mydomain.com ~? rmail.mydomain.com
postfix/smtpd[21172]: match_string: mydomain.com ~? localhost
postfix/smtpd[21172]: match_string: mydomain.com ~? localhost.localdomain
postfix/smtpd[21172]: match_string: mydomain.com ~? localhost.rmail.mydomain.com
postfix/smtpd[21172]: match_list_match: mydomain.com: no match
postfix/smtpd[21172]: maps_find: recipient_canonical_maps: @mydomain.com: not found
postfix/smtpd[21172]: mail_addr_find: randy@mydomain.com -> (not found)
postfix/smtpd[21172]: maps_find: canonical_maps: randy@mydomain.com: not found
postfix/smtpd[21172]: match_string: mydomain.com ~? rmail.mydomain.com
postfix/smtpd[21172]: match_string: mydomain.com ~? localhost
postfix/smtpd[21172]: match_string: mydomain.com ~? localhost.localdomain
postfix/smtpd[21172]: match_string: mydomain.com ~? localhost.rmail.mydomain.com
postfix/smtpd[21172]: match_list_match: mydomain.com: no match
postfix/smtpd[21172]: maps_find: canonical_maps: @mydomain.com: not found
postfix/smtpd[21172]: mail_addr_find: randy@mydomain.com -> (not found)
postfix/smtpd[21172]: send attr request = lookup
postfix/smtpd[21172]: send attr table = mysql:/etc/postfix/mysql/virtual_alias_maps.cf
postfix/smtpd[21172]: send attr flags = 16448
postfix/smtpd[21172]: send attr key = randy@mydomain.com
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: status
postfix/smtpd[21172]: input attribute name: status
postfix/smtpd[21172]: input attribute value: 0
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: value
postfix/smtpd[21172]: input attribute name: value
postfix/smtpd[21172]: input attribute value: randy.paries@mydomain.com
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: (list terminator)
postfix/smtpd[21172]: input attribute name: (end)
postfix/smtpd[21172]: dict_proxy_lookup: table=mysql:/etc/postfix/mysql/virtual_alias_maps.cf flags=lock|fold_fix key=randy@mydomain.com -> status=0 result=randy.paries@mydomain.com
postfix/smtpd[21172]: maps_find: virtual_alias_maps: proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf(0,lock|fold_fix): randy@mydomain.com = randy.paries@mydomain.com
postfix/smtpd[21172]: mail_addr_find: randy@mydomain.com -> randy.paries@mydomain.com
postfix/smtpd[21172]: >>> START Recipient address RESTRICTIONS <<<
postfix/smtpd[21172]: generic_checks: name=reject_unknown_sender_domain
postfix/smtpd[21172]: reject_unknown_address: randy@mydomain.com
postfix/smtpd[21172]: ctable_locate: leave existing entry key randy@mydomain.com
postfix/smtpd[21172]: generic_checks: name=reject_unknown_sender_domain status=0
postfix/smtpd[21172]: generic_checks: name=reject_unknown_recipient_domain
postfix/smtpd[21172]: reject_unknown_address: me@gmail.com
postfix/smtpd[21172]: ctable_locate: move existing entry key me@gmail.com
postfix/smtpd[21172]: reject_unknown_mailhost: gmail.com
postfix/smtpd[21172]: lookup gmail.com type MX flags 0
postfix/smtpd[21172]: dns_query: gmail.com (MX): OK
postfix/smtpd[21172]: dns_get_answer: type MX for gmail.com
postfix/smtpd[21172]: dns_get_answer: type MX for gmail.com
postfix/smtpd[21172]: dns_get_answer: type MX for gmail.com
postfix/smtpd[21172]: dns_get_answer: type MX for gmail.com
postfix/smtpd[21172]: dns_get_answer: type MX for gmail.com
postfix/smtpd[21172]: generic_checks: name=reject_unknown_recipient_domain status=0
postfix/smtpd[21172]: generic_checks: name=reject_non_fqdn_sender
postfix/smtpd[21172]: reject_non_fqdn_address: randy@mydomain.com
postfix/smtpd[21172]: generic_checks: name=reject_non_fqdn_sender status=0
postfix/smtpd[21172]: generic_checks: name=reject_non_fqdn_recipient
postfix/smtpd[21172]: reject_non_fqdn_address: me@gmail.com
postfix/smtpd[21172]: generic_checks: name=reject_non_fqdn_recipient status=0
postfix/smtpd[21172]: generic_checks: name=reject_unlisted_recipient
postfix/smtpd[21172]: >>> CHECKING RECIPIENT MAPS <<<
postfix/smtpd[21172]: ctable_locate: leave existing entry key me@gmail.com
postfix/smtpd[21172]: maps_find: recipient_canonical_maps: me@gmail.com: not found
postfix/smtpd[21172]: match_string: gmail.com ~? rmail.mydomain.com
postfix/smtpd[21172]: match_string: gmail.com ~? localhost
postfix/smtpd[21172]: match_string: gmail.com ~? localhost.localdomain
postfix/smtpd[21172]: match_string: gmail.com ~? localhost.rmail.mydomain.com
postfix/smtpd[21172]: match_list_match: gmail.com: no match
postfix/smtpd[21172]: maps_find: recipient_canonical_maps: @gmail.com: not found
postfix/smtpd[21172]: mail_addr_find: me@gmail.com -> (not found)
postfix/smtpd[21172]: maps_find: canonical_maps: me@gmail.com: not found
postfix/smtpd[21172]: match_string: gmail.com ~? rmail.mydomain.com
postfix/smtpd[21172]: match_string: gmail.com ~? localhost
postfix/smtpd[21172]: match_string: gmail.com ~? localhost.localdomain
postfix/smtpd[21172]: match_string: gmail.com ~? localhost.rmail.mydomain.com
postfix/smtpd[21172]: match_list_match: gmail.com: no match
postfix/smtpd[21172]: maps_find: canonical_maps: @gmail.com: not found
postfix/smtpd[21172]: mail_addr_find: me@gmail.com -> (not found)
postfix/smtpd[21172]: send attr request = lookup
postfix/smtpd[21172]: send attr table = mysql:/etc/postfix/mysql/virtual_alias_maps.cf
postfix/smtpd[21172]: send attr flags = 16448
postfix/smtpd[21172]: send attr key = me@gmail.com
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: status
postfix/smtpd[21172]: input attribute name: status
postfix/smtpd[21172]: input attribute value: 1
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: value
postfix/smtpd[21172]: input attribute name: value
postfix/smtpd[21172]: input attribute value: (end)
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: (list terminator)
postfix/smtpd[21172]: input attribute name: (end)
postfix/smtpd[21172]: dict_proxy_lookup: table=mysql:/etc/postfix/mysql/virtual_alias_maps.cf flags=lock|fold_fix key=me@gmail.com -> status=1 result=
postfix/smtpd[21172]: send attr request = lookup
postfix/smtpd[21172]: send attr table = mysql:/etc/postfix/mysql/domain_alias_maps.cf
postfix/smtpd[21172]: send attr flags = 16448
postfix/smtpd[21172]: send attr key = me@gmail.com
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: status
postfix/smtpd[21172]: input attribute name: status
postfix/smtpd[21172]: input attribute value: 1
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: value
postfix/smtpd[21172]: input attribute name: value
postfix/smtpd[21172]: input attribute value: (end)
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: (list terminator)
postfix/smtpd[21172]: input attribute name: (end)
postfix/smtpd[21172]: dict_proxy_lookup: table=mysql:/etc/postfix/mysql/domain_alias_maps.cf flags=lock|fold_fix key=me@gmail.com -> status=1 result=
postfix/smtpd[21172]: send attr request = lookup
postfix/smtpd[21172]: send attr table = mysql:/etc/postfix/mysql/catchall_maps.cf
postfix/smtpd[21172]: send attr flags = 16448
postfix/smtpd[21172]: send attr key = me@gmail.com
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: status
postfix/smtpd[21172]: input attribute name: status
postfix/smtpd[21172]: input attribute value: 1
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: value
postfix/smtpd[21172]: input attribute name: value
postfix/smtpd[21172]: input attribute value: (end)
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: (list terminator)
postfix/smtpd[21172]: input attribute name: (end)
postfix/smtpd[21172]: dict_proxy_lookup: table=mysql:/etc/postfix/mysql/catchall_maps.cf flags=lock|fold_fix key=me@gmail.com -> status=1 result=
postfix/smtpd[21172]: send attr request = lookup
postfix/smtpd[21172]: send attr table = mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf
postfix/smtpd[21172]: send attr flags = 16448
postfix/smtpd[21172]: send attr key = me@gmail.com
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: status
postfix/smtpd[21172]: input attribute name: status
postfix/smtpd[21172]: input attribute value: 1
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: value
postfix/smtpd[21172]: input attribute name: value
postfix/smtpd[21172]: input attribute value: (end)
postfix/smtpd[21172]: private/proxymap socket: wanted attribute: (list terminator)
postfix/smtpd[21172]: input attribute name: (end)
postfix/smtpd[21172]: dict_proxy_lookup: table=mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf flags=lock|fold_fix key=me@gmail.com -> status=1 result=
postfix/smtpd[21172]: maps_find: virtual_alias_maps: me@gmail.com: not found
postfix/smtpd[21172]: match_string: gmail.com ~? rmail.mydomain.com
postfix/smtpd[21172]: match_string: gmail.com ~? localhost
postfix/smtpd[21172]: smtp_get: EOF
postfix/smtpd[21172]: match_hostname: billing.mydomain.com ~? 127.0.0.0/8
postfix/smtpd[21172]: match_hostaddr: 74.xxx.xxx.49 ~? 127.0.0.0/8
postfix/smtpd[21172]: match_hostname: billing.mydomain.com ~? 216.xxx.xxx.0/24
postfix/smtpd[21172]: match_hostaddr: 74.xxx.xxx.49 ~? 216.xxx.xxx.0/24
postfix/smtpd[21172]: match_hostname: billing.mydomain.com ~? 74.xxx.xxx.49/32
postfix/smtpd[21172]: match_hostaddr: 74.xxx.xxx.49 ~? 74.xxx.xxx.49/32
postfix/smtpd[21172]: lost connection after RCPT from billing.mydomain.com[74.xxx.xxx.49]
postfix/smtpd[21172]: disconnect from billing.mydomain.com[74.xxx.xxx.49]
postfix/smtpd[21172]: master_notify: status 1
postfix/smtpd[21172]: connection closed
postfix/smtpd[21172]: auto_clnt_close: disconnect private/tlsmgr stream
postfix/smtpd[21172]: rewrite stream disconnect
postfix/smtpd[21172]: proxymap stream disconnect
postfix/smtpd[21172]: auto_clnt_close: disconnect 127.0.0.1:7777 stream
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39853269
something wrong here

postfix/smtpd[21172]: generic_checks: name=reject_unknown_sender_domain
postfix/smtpd[21172]: reject_unknown_address: randy@mydomain.com
postfix/smtpd[21172]: ctable_locate: leave existing entry key randy@mydomain.com
postfix/smtpd[21172]: generic_checks: name=reject_unknown_sender_domain status=0
postfix/smtpd[21172]: generic_checks: name=reject_unknown_recipient_domain
postfix/smtpd[21172]: reject_unknown_address: me@gmail.com
postfix/smtpd[21172]: ctable_locate: move existing entry key me@gmail.com
postfix/smtpd[21172]: reject_unknown_mailhost: gmail.com
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:paries
ID: 39853323
this is from #postconf  | grep mynetwork (below)
mynetworks_style = subnet seems suspicious, but http://www.postfix.org/BASIC_CONFIGURATION_README.html says
Alternatively, you can specify the mynetworks list by hand, in which case Postfix ignores the mynetworks_style setting. To specify the list of trusted networks by hand, specify network blocks in CIDR (network/mask) notation
, So i assume that is a red herring

#postconf  | grep mynetwork
mynetworks = 127.0.0.0/8, 216.xxx.xxx.0/24, 74.xxx.xxx.49/32
mynetworks_style = subnet
parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions
smtpd_client_event_limit_exceptions = ${smtpd_client_connection_limit_exceptions:$mynetworks}
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticate
0
 

Accepted Solution

by:
paries earned 0 total points
ID: 39853381
found it!
had to add permit_mynetworks to smtpd_recipient_restriction

thanks for the help debugging
0
 

Author Comment

by:paries
ID: 39853520
I've requested that this question be closed as follows:

Accepted answer: 0 points for paries's comment #a39853381

for the following reason:

found in this article
http://www.postfix.org/SMTPD_ACCESS_README.html
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39853439
that you found once debug was on..
0
 

Author Comment

by:paries
ID: 39853460
need to change to accept multiple solutions
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39853521
yes pls
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39853546
I am fine with this .. You can close this now also.
0
 

Author Closing Comment

by:paries
ID: 39864306
with help from sandy debugging found in this article
http://www.postfix.org/SMTPD_ACCESS_README.html
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The purpose of this video is to demonstrate how to set up an account with Mailchimp. This will be demonstrated using a Windows 8 PC. Tools Used are: Mailchimp.com Go to Mailchimp.com : Enter an Email, Username, and Password. Click Create My Acco…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now