Postfix on Cent OS no relaying to On Premise Exchange Server

Thomas Grassi
Thomas Grassi used Ask the Experts™
on
Cent OS 7
postfix

I recently upgraded my on premise exchange server from 2010 to Exchange 2016 CU 9 DAG 2 Node

After the upgrade my cron jobs stopped sending emails.

 I modified the main.cf file

/usr/libexec/postfix/main.cf
[root]# vi /usr/libexec/postfix/main.cf
[root]# vi /etc/postfix/main.cf

Found two of them

restarted postfix
 systemctl restart postfix

sent test email

 echo test | mailx -s TEST admin@mynet.com

[root@]# mailq
/var/spool/mqueue is empty
      Total requests: 0
[root]#

Email is never received and it is not stuck in the q

I run logwatch cron job daily and receive none

Any ideas

Thank you

Tom
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Michael B. SmithManaging Consultant

Commented:
what does the postfix transmission log say?

did you enable verbose logging on the exchange receive connector? if so, what does it say?
Thomas GrassiSystems Administrator

Author

Commented:
Michael

In the file /var/log/maillog    

Aug 28 20:53:21 tgcs018 postfix/smtpd[29596]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 454 4.7.1 <admin@mynet.com>: Relay access denied; from=<root@centserver.mynet.com> to=<admin@mynet.com> proto=ESMTPhelo                                                                 =<centserver.mynet.com>


The Cent OS server is on the same subnet as the on premise exchange server.  I have Ubuntu and Raspberry PI Raspbian working fine they also are all on the same subnet.

Thoughts
Michael B. SmithManaging Consultant

Commented:
Exchange does not, by default, allow relaying from anywhere. Even the same subnet.

You'll need to enable relay on the receive connector for this IP, or use authenticated SMTP to validate your access to the Exchange server.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Thomas GrassiSystems Administrator

Author

Commented:
Michael

My receive connector does allow all my internal servers to relay mail thru

under scoping  Remote Network settings  Ip Addresses is   10.2.9.0/22

Network adapter bindings is All available IPV4   port 25

I added the ip address of the cent server to the relay connector on both dags but still getting same error relay access denied

Is there something in the main.cf that I can use?
Mihai BarbosTrying to tame bits. They're nasty.

Commented:
Somewhere in main.cf there's a parameter mynetworks. That's what controls the relaying.
You can read more about it here
Barry GillChief of Staff
Commented:
The relay error is not coming from Exchange. You won't find any associated logs there...

This is due to a configuration error in Postfix.

You say you have two main.cf files
/usr/libexec/postfix/main.cf
/etc/postfix/main.cf

Open in new window

What is the difference between these two? There should only be one main.cf in use and a typical CentOS installation would use /etc/postfix/main.cf. Check your startup parameters to confirm where you are getting your configs from and then go check that main.cf file out (and anything it references). A handy way to do this is by using
postconf -n

Open in new window

. This will output anything non-standard (and will hopefully show you which file is being referenced.

SO, things to look for in /etc/postfix/main.cf:
myhostname = centserver.mynet.com
mydomain = mynet.com
mynetworks = 127.0.0.0/8
myorigin = $mydomain
relayhost = $mydomain
inet_interfaces = loopback-only
mydestination =

Open in new window


Once you make changes to main.cf, make sure you don't forget to check master.cf too...
Thomas GrassiSystems Administrator

Author

Commented:
Mihai

The link does not work


Barry

[root@tgcs018 /]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = loopback-only
inet_protocols = ipv4
local_transport = error: local delivery disabled
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination =
mydomain = mynet.com
myhostname = CENTSERVER.mynet.com
mynetworks = 10.2.9.0/22
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
relayhost = 10.2.9.17
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550

Open in new window


So that shows that the main.cf is coming from  /etc/postfix  

I renamed the main.cf in /usr/libexec/postfix     restarted postfix but no email yet


Thoughts?
Trying to tame bits. They're nasty.
Commented:
Sorry, the link works now.

Your localhost is not in mynetworks. Change mynetworks to something like:

mynetworks = 127.0.0.0/8 10.2.9.0/22

Open in new window

Thomas GrassiSystems Administrator

Author

Commented:
Mihai

That was it  needed the  127.0.0.0/8 added to mynetworks in main.cf


Barry

Thank for your help also

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial