Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: postfix relay denied on 11.4

  1. #1
    jdd NNTP User

    Default postfix relay denied on 11.4

    Hello,

    I was never confident with postfix, but used it for several years now on my own server. I even noted the exact config used.

    But my old server crashed and I have to build fast a news one and I don't receive mails anymore.

    here is the log message when trying to send to me from gmail:

    Jun 4 08:06:34 ks3095514 postfix/smtpd[4008]: connect from mail-pw0-f50.google.com[209.85.160.50]
    Jun 4 08:06:34 ks3095514 postfix/smtpd[4008]: NOQUEUE: reject: RCPT from mail-pw0-f50.google.com[209.85.160.50]: 554 5.7.1 <jdd@dodin.net>: Relay access denied; from=<lesrevesdeness@gmail.com> to=<jdd@dodin.net> proto=ESMTP helo=<mail-pw0-f50.google.com>
    Jun 4 08:06:35 ks3095514 postfix/smtpd[4008]: disconnect from mail-pw0-f50.google.com[209.85.160.50]

    the main.cf file is the openSUSE default one (see below). Part of my problems seems to come from the reverse. I *could once* receive one test messsage to " ks3095514.kimsufi.com" (the default reverse/domain name) (below, commented out), but not for my own domain (dodin.org). Most of the time the only necessary lines are mydomain, myhostname, myorigin and mydestination, but this don't work anymore. New defaults??. local (from and to the server) mail works, root can send to jdd and I read it from home.

    thanks
    jdd

    mydomain = dodin.org
    inet_protocols = all
    biff = no
    mail_spool_directory = /var/mail
    canonical_maps = hash:/etc/postfix/canonical
    virtual_alias_domains = hash:/etc/postfix/virtual
    relocated_maps = hash:/etc/postfix/relocated
    transport_maps = hash:/etc/postfix/transport
    sender_canonical_maps = hash:/etc/postfix/sender_canonical
    masquerade_exceptions = root
    masquerade_classes = envelope_sender, header_sender, header_recipient
    #myhostname = ks3095514.kimsufi.com
    myhostname = kim3.dodin.org
    delay_warning_time = 1h
    message_strip_characters = \0
    program_directory = /usr/lib/postfix
    inet_interfaces = localhost
    masquerade_domains =
    mydestination = $myhostname, localhost.$mydomain
    defer_transports =
    mynetworks_style = subnet
    disable_dns_lookups = no
    relayhost =
    content_filter =
    mailbox_command =
    mailbox_transport =
    strict_8bitmime = no
    disable_mime_output_conversion = no
    smtpd_sender_restrictions = hash:/etc/postfix/access
    smtpd_client_restrictions =
    smtpd_helo_required = no
    smtpd_helo_restrictions =
    strict_rfc821_envelopes = no
    smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
    smtp_sasl_auth_enable = no
    smtpd_sasl_auth_enable = no
    smtpd_use_tls = no
    smtp_use_tls = no
    smtp_enforce_tls = no
    alias_maps = hash:/etc/aliases
    mailbox_size_limit = 0
    message_size_limit = 0

  2. #2

    Default Re: postfix relay denied on 11.4

    I do not understand what you try to accomplish: is it you want to receive mail for multiple domains or you have multiple domains and want to receive mail only for dodin.org?

    In the first case you might need to have a look ad virtual domains, a quick google search for potfix main.cf example multiple domains :
    Handling mail for multiple virtual domains with postfix and maybe ISP-style Email Server with Debian "Sarge" and Postfix 2.1 | workaround.org (not for opensuse but I think you can use the info from there or find specific howtos for opensuse).

    If it's the latter one, looking in your main.cf it seems you allow mail to be delivered to $myhostname (which is kim3.dodin.org so mail @kim3.dodin.org should work but that is not listed as your MX or a CNAME in your dns - see DNS health check : find bugs on your domain - DnsQueries ) and to localhost.$mydomain (is this also kim3.... ?).
    I am not sure, but maybe adding the masquarade domain might fix the issue.

    The last MX lookup for dodin.org was still ks3095514.kimsufi.com so either you are testing different configurations or the dns records did not propagate yet.

    Cheers.

  3. #3
    jdd NNTP User

    Default Re : Re: postfix relay denied on 11.4

    Quote Originally Posted by ghostintheruins View Post
    I do not understand what you try to accomplish: is it you want to receive mail for multiple domains or you have multiple domains and want to receive mail only for dodin.org?
    only for dodin.org right now


    If it's the latter one, looking in your main.cf it seems you allow mail to be delivered to $myhostname (which is kim3.dodin.org so mail @kim3.dodin.org should work
    I am not sure, but maybe adding the masquarade domain might fix the issue.

    The last MX lookup for dodin.org was still ks3095514.kimsufi.com so either you are testing different configurations or the dns records did not propagate yet.
    the mx was changed for tests and forgotten there :-(. changed for dodin.org now.

    I always fails understanding why postfix uses mydomain and myhostname and how. (kim3 is the hostname and dodin.org mydomain) - that's sure on this network there is only one computer for me.

    thanks
    jdd

  4. #4
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Re : Re: postfix relay denied on 11.4

    But your log file shows you tried to send to dodin.net. Which is it, dodin.net or dodin.org?

    The short answer is that mydestination should contain all the possible domains you want to accept. So you should add dodin.org and dodin.net to what's already there.

  5. #5
    jdd NNTP User

    Default Re : Re: Re : Re: postfix relay denied on 11.4

    Quote Originally Posted by ken_yap View Post
    But your log file shows you tried to send to dodin.net. Which is it, dodin.net or dodin.org?

    The short answer is that mydestination should contain all the possible domains you want to accept. So you should add dodin.org and dodin.net to what's already there.
    dodin.net is an old domain name I don't use anymore, but sometime I receive a mial on it, but on the dodin.net zone, the mx is to dodin.org.

    Why is the variable name "destination" to *receive* mails?? no problem, I will add it
    thanks
    jdd

  6. #6
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Re : Re: Re : Re: postfix relay denied on 11.4

    You must match all destinations that the sender could put on the envelope. Even though gmail is contacting dodin.org, the envelope says the mail is for dodin.net. At the moment your server looks at the envelope and says, dodin.net? that's not me, and rejects the email.

  7. #7
    jdd NNTP User

    Default Re : Re: Re : Re: Re : Re: postfix relay denied on 11.4

    Quote Originally Posted by ken_yap View Post
    You must match all destinations that the sender could put on the envelope. Even though gmail is contacting dodin.org, the envelope says the mail is for dodin.net. At the moment your server looks at the envelope and says, dodin.net? that's not me, and rejects the email.
    problem is I have no return at all!

    I noticed I had in the old config file "relay_domains = $mydestination, dodin.net"

    I added it, but this don't seems to change anything! - and nothing in the logs!!

  8. #8
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Re : Re: Re : Re: Re : Re: postfix relay denied on 11.4

    You add the allowed destinations to $mydestinations, not $relay_domains.

    $relay_domains serves a different purpose, even though it is derived from $mydestinations by default.

    Postfix Configuration Parameters

  9. #9
    jdd NNTP User

    Default Re : Re: Re : Re: Re : Re: Re : Re: postfix relay denied on 11.4

    Quote Originally Posted by ken_yap View Post
    You add the allowed destinations to $mydestinations, not $relay_domains.

    $relay_domains serves a different purpose, even though it is derived from $mydestinations by default.

    Postfix Configuration Parameters
    here is the main.cf file that worked until now (on the other server) - I just changed the hostname (with no better result).

    mailbox_size_limit = 0
    message_size_limit = 10240000
    mydomain = dodin.org
    #myhostname = ks33269.kimsufi.com
    myhostname = kim3.dodin.org
    myorigin = $mydomain
    #mydestination = $mydomain
    #pour recevoir deux domaines
    mydestination = $myhostname, localhost.$mydomain

    relay_domains = $mydestination, dodin.net
    mail_spool_directory = /var/mail
    canonical_maps = hash:/etc/postfix/canonical
    virtual_alias_maps = hash:/etc/postfix/virtual
    virtual_alias_domains = hash:/etc/postfix/virtual
    relocated_maps = hash:/etc/postfix/relocated
    transport_maps = hash:/etc/postfix/transport
    sender_canonical_maps = hash:/etc/postfix/sender_canonical
    masquerade_exceptions = root
    masquerade_classes = envelope_sender, header_sender, header_recipient
    delay_warning_time = 1h
    message_strip_characters = \0
    program_directory = /usr/lib/postfix
    readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES
    inet_interfaces = localhost
    masquerade_domains =
    defer_transports =
    mynetworks_style = subnet
    disable_dns_lookups = no
    relayhost =
    mailbox_command =
    mailbox_transport =
    strict_8bitmime = no
    disable_mime_output_conversion = no
    smtpd_sender_restrictions = hash:/etc/postfix/access
    smtpd_client_restrictions =
    smtpd_helo_required = no
    smtpd_helo_restrictions =
    strict_rfc821_envelopes = no
    smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
    smtp_sasl_auth_enable = no
    smtpd_sasl_auth_enable = no
    smtpd_use_tls = no
    smtp_use_tls = no
    alias_maps = hash:/etc/aliases

  10. #10
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,686
    Blog Entries
    4

    Default Re: Re : Re: Re : Re: Re : Re: Re : Re: postfix relay denied on 11.4

    You were doing it wrong in the past. Perhaps you got away with it by accident.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •