Loading ...
Sorry, an error occurred while loading the content.

sasl + Relay access denied

Expand Messages
  • spamvoll@googlemail.com
    hi guys.. i cant send mail with my saslauth user saslauth -d log: saslauthd[6983] :do_auth : auth success: [user=peter] [service=smtp] [realm=]
    Message 1 of 1 , Feb 11, 2010
    • 0 Attachment
      hi guys..

      i cant send mail with my saslauth user

      saslauth -d log:
      saslauthd[6983] :do_auth : auth success: [user=peter]
      [service=smtp] [realm=] [mech=ldap]
      saslauthd[6983] :do_request : response: OK

      postfix log:
      Feb 11 10:17:32 smtp postfix/smtpd[6987]: connect from unknown[10.0.0.20]
      Feb 11 10:17:32 smtp postfix/smtpd[6987]: setting up TLS connection
      from unknown[10.0.0.20]
      Feb 11 10:17:34 smtp postfix/smtpd[6987]: TLS connection established
      from unknown[10.0.0.20]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256
      bits)
      Feb 11 10:17:39 smtp postfix/smtpd[6987]: NOQUEUE: reject: RCPT from
      unknown[10.0.0.20]: 554 5.7.1 <spamvoll@...>: Relay access
      denied; from=<peter@...> to=<spamvoll@...> proto=ESMTP
      helo=<[10.0.0.20]>
      Feb 11 10:17:41 smtp postfix/smtpd[6987]: disconnect from unknown[10.0.0.20]

      so postfix send the request to sasl and sasl succeded, but there are
      no messages that postfix geht the ok from the saslauthd

      any ideas ?

      postconf -n
      address_verify_map = btree:/var/spool/postfix/data/verify
      alias_maps = hash:/etc/aliases, proxy:ldap:/etc/postfix/ldap-aliases.cf
      body_checks = pcre:/etc/postfix/body_checks
      bounce_queue_lifetime = 3d
      broken_sasl_auth_clients = yes
      command_directory = /usr/sbin
      config_directory = /etc/postfix
      daemon_directory = /usr/libexec/postfix
      debug_peer_level = 2
      disable_vrfy_command = yes
      header_checks = pcre:/etc/postfix/body_checks
      html_directory = no
      inet_interfaces = $myhostname, localhost
      mail_owner = postfix
      mailq_path = /usr/bin/mailq.postfix
      manpage_directory = /usr/share/man
      maximal_queue_lifetime = 3d
      mydestination = $myhostname, localhost.$mydomain, localhost
      myhostname = smtp.example.com
      mynetworks = 1.1.1.1/32, 1.1.1.2/32, 127.0.0.0/8
      newaliases_path = /usr/bin/newaliases.postfix
      queue_directory = /var/spool/postfix
      readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
      relay_domains = proxy:ldap:/etc/postfix/ldap-relay_domains.cf
      sample_directory = /usr/share/doc/postfix-2.3.3/samples
      sendmail_path = /usr/sbin/sendmail.postfix
      setgid_group = postdrop
      smtp_tls_note_starttls_offer = yes
      smtp_tls_security_level = may
      smtp_use_tls = yes
      smtpd_banner = $myhostname ESMTP
      smtpd_helo_required = yes
      smtpd_recipient_restrictions =
      check_recipient_access btree:/etc/postfix/access_recipient-rfc,
      check_client_access btree:/etc/postfix/access_client,
      check_helo_access btree:/etc/postfix/access_helo,
      check_sender_access btree:/etc/postfix/access_sender,
      check_recipient_access btree:/etc/postfix/access_recipient,
      reject_non_fqdn_sender,
      reject_non_fqdn_recipient,
      reject_unknown_sender_domain,
      reject_unknown_recipient_domain,
      reject_sender_login_mismatch,
      permit_sasl_authenticated,
      permit_mynetworks,
      reject_rbl_client bl.spamcop.net,
      reject_rbl_client dnsbl.njabl.org,
      reject_unauth_destination,
      permit
      smtpd_sasl_auth_enable = yes
      smtpd_sasl_authenticated_header = no
      smtpd_sasl_security_options = noanonymous
      smtpd_sasl_tls_security_options = noanonymous
      smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ldap-aliases.cf
      smtpd_tls_auth_only = no
      smtpd_tls_cert_file = /etc/pki/tls/certs/smtp.example.com.cert
      smtpd_tls_key_file = /etc/pki/tls/private/smtp.example.com.key
      smtpd_tls_loglevel = 1
      smtpd_tls_mandatory_protocols = !SSLv2
      smtpd_tls_received_header = yes
      smtpd_tls_security_level = may
      smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
      smtpd_tls_session_cache_timeout = 3600s
      smtpd_use_tls = yes
      strict_rfc821_envelopes = yes
      tls_random_source = dev:/dev/urandom
      transport_maps = btree:/etc/postfix/transport
      unknown_local_recipient_reject_code = 550
    Your message has been successfully submitted and would be delivered to recipients shortly.