Loading ...
Sorry, an error occurred while loading the content.

Relay access denied on submission?

Expand Messages
  • LuKreme
    postfix/smtpd[4289]: Anonymous TLS connection established from mobile-166-147-083-103.mycingular.net[166.147.83.103]: TLSv1 with cipher ECDHE-RSA-AES256-SHA
    Message 1 of 2 , Aug 26 3:47 PM
    • 0 Attachment
      postfix/smtpd[4289]: Anonymous TLS connection established from mobile-166-147-083-103.mycingular.net[166.147.83.103]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)

      mail postfix/smtpd[4289]: NOQUEUE: reject: RCPT from mobile-166-147-083-103.mycingular.net[166.147.83.103]: 454 4.7.1 <*munged*@...>: Relay access denied; from=<kremels@...> to=<*munged*@...> proto=ESMTP helo=<[10.33.25.94]>

      postfix/smtpd[4289]: disconnect from mobile-166-147-083-103.mycingular.net[166.147.83.103]


      $ postconf -M | grep submission
      submission inet n - n - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_local_domain=$myhostname -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o syslog_name=submit-tls


      $ postconf -n
      alias_database = hash:$config_directory/aliases
      alias_maps = hash:$config_directory/aliases, hash:/usr/local/mailman/data/aliases
      allow_percent_hack = no
      body_checks = pcre:$config_directory/body_checks.pcre
      bounce_size_limit = 10240
      broken_sasl_auth_clients = yes
      command_directory = /usr/local/sbin
      config_directory = /etc/postfix
      daemon_directory = /usr/local/libexec/postfix
      data_directory = /var/db/postfix
      debug_peer_level = 2
      debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5
      disable_vrfy_command = yes
      header_checks = pcre:$config_directory/header_checks.pcre
      header_size_limit = 10240
      home_mailbox = Maildir/
      html_directory = /usr/local/share/doc/postfix
      inet_interfaces = all
      inet_protocols = ipv4
      mail_owner = postfix
      mailbox_command = /usr/local/bin/procmail -t -a $EXTENSION
      mailbox_size_limit = 52428800
      mailq_path = /usr/local/bin/mailq
      manpage_directory = /usr/local/man
      maps_rbl_reject_code = 521
      message_size_limit = 26214400
      mime_header_checks = pcre:$config_directory/mime_headers.pcre
      mydestination = $myhostname, localhost.$mydomain, $mydomain, localhost, ns1.$mydomain, ns2.$mydomain, mail.$mydomain, www.$mydomain, webmail.$mydomain
      mydomain = covisp.net
      myhostname = mail.covisp.net
      mynetworks = 75.148.117.88/29, 127.0.0.0/8, 23.24.150.141
      myorigin = $mydomain
      newaliases_path = /usr/local/bin/newaliases
      postscreen_access_list = permit_mynetworks, cidr:$config_directory/postscreen_access.cidr
      postscreen_dnsbl_action = enforce
      postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..9]*3 list.dnswl.org=127.0.0.1*-1 list.dnswl.org=127.0.0.2*-3 list.dnswl.org=127.0.0.3*-9 dwl.spamhaus.org=127.0.2.[2;3]*-4 swl.spamhaus.org=127.0.2.[12;13]*-4
      postscreen_dnsbl_ttl = 1d
      postscreen_greet_action = enforce
      postscreen_greet_banner = mail.covisp.net ESTMP -- Please wait
      postscreen_greet_ttl = 1d
      postscreen_greet_wait = 4s
      queue_directory = /var/spool/postfix
      readme_directory = /usr/local/share/doc/postfix
      recipient_delimiter = +
      sample_directory = /usr/local/etc/postfix
      sendmail_path = /usr/local/sbin/sendmail
      setgid_group = maildrop
      show_user_unknown_table_name = no
      smtp_tls_security_level = may
      smtpd_banner = $myhostname ESMTP $mail_name $mail_version
      smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit
      smtpd_error_sleep_time = 28
      smtpd_hard_error_limit = 8
      smtpd_helo_required = yes
      smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, permit
      smtpd_recipient_limit = 100
      smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_invalid_hostname, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unlisted_recipient, reject_unlisted_sender, reject_unknown_reverse_client_hostname, warn_if_reject reject_unknown_client_hostname, check_sender_access pcre:$config_directory/sender_access.pcre, check_client_access pcre:$config_directory/check_client_fqdn.pcre, check_recipient_access pcre:$config_directory/recipient_checks.pcre, check_client_access hash:$config_directory/access, permit
      smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
      smtpd_sasl_auth_enable = yes
      smtpd_sasl_path = private/auth
      smtpd_sasl_type = dovecot
      smtpd_soft_error_limit = 4
      smtpd_starttls_timeout = 40s
      smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem
      smtpd_tls_key_file = /etc/ssl/private/postfix.pem
      smtpd_tls_loglevel = 2
      smtpd_tls_security_level = may
      smtpd_tls_session_cache_database = btree:$data_directory/smtpd_sessions
      smtpd_tls_session_cache_timeout = 1800s
      soft_bounce = no
      swap_bangpath = no
      transport_maps = hash:/etc/postfix/transport
      undisclosed_recipients_header = To: List of Bcc addresses:;
      unknown_local_recipient_reject_code = 550
      virtual_alias_domains = kreme.com
      virtual_alias_maps = hash:$config_directory/virtual pcre:$config_directory/virtual.pcre, pcre:$config_directory/virtual_sql.pcre, proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf
      virtual_gid_maps = static:89
      virtual_mailbox_base = /usr/local/virtual
      virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf
      virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf
      virtual_minimum_uid = 89
      virtual_transport = virtual
      virtual_uid_maps = static:89

      --
      Oh, no! Not *ANOTHER* learning experience!
    • LuKreme
      ... Doh. Never mind. I was not connecting to the submission port. sall working properly if I connect to the right port. -- This was music that had not only
      Message 2 of 2 , Aug 26 3:51 PM
      • 0 Attachment
        On 26 Aug 2013, at 16:47 , LuKreme <kremels@...> wrote:

        > postfix/smtpd[4289]: Anonymous TLS connection established from mobile-166-147-083-103.mycingular.net[166.147.83.103]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
        >
        > mail postfix/smtpd[4289]: NOQUEUE: reject: RCPT from mobile-166-147-083-103.mycingular.net[166.147.83.103]: 454 4.7.1 <*munged*@...>: Relay access denied; from=<kremels@...> to=<*munged*@...> proto=ESMTP helo=<[10.33.25.94]>
        >
        > postfix/smtpd[4289]: disconnect from mobile-166-147-083-103.mycingular.net[166.147.83.103]

        Doh. Never mind. I was not connecting to the submission port.

        'sall working properly if I connect to the right port.

        --
        This was music that had not only escaped but had robbed a bank on the
        way out. It was music with its sleeves rolled up and its top button
        undone, raising its hat and grinning and stealing the silver. It was
        music that went down to the feet by way of the pelvis without paying a
        call on Mr. Brain. --Soul Music
      Your message has been successfully submitted and would be delivered to recipients shortly.