| View previous topic :: View next topic |
| Author |
Message |
Midyr2
n00b
Joined: 10 Jan 2018
Posts: 2
|
 Posted: Wed Jan 10, 2018 1:31 pm Post subject: [SOLVED] Postfix SASL Realyhost |
 |
|
Hi,
I want to configure my postfix this way, that I access my server via internet and my server forward these mails to my provider.
Incoming mailing works
I tried many hints from many forums, but nothing works.
I get this error:
nuada postfix/smtp[23303]: BB09E25C03: to=<yy@yyy.com>, relay=PROVIDER.de[xxx]:587, delay=0.16, delays=0/0/0.11/0.05, dsn=5.7.1, status=bounced (host PROVIDER.de[xxx] said: 554 5.7.1 <DSL-ip.de[xxxx]>: Client host rejected: Access denied (in reply to RCPT TO command))
postconf -n
| Code: |
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
home_mailbox = .maildir/
html_directory = no
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
meta_directory = /etc/postfix
mydestination = localhost.$mydomain, localhost, $myhostname
mydomain = MYDOMAIN.de
myhostname = HOST.MYDOMAIN.de
mynetworks = 192.xxx.x.x/16, 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
relayhost = [PROVIDER.de]:587
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
shlib_directory = /usr/lib64/postfix/${mail_version}
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
smtp_sasl_security_options = noplaintext,noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_use_tls = no
smtpd_recipient_restrictions = permit_mynetworks
smtpd_relay_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = MYDOMAIN.de
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = fullchain.pem
smtpd_tls_key_file = privkey.pem
smtpd_tls_security_level = may
unknown_local_recipient_reject_code = 550 |
| Code: |
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
-o receive_override_options=no_address_mappings
-o content_filter=amavis:[127.0.0.1]:10024
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o receive_override_options=no_address_mapping
-o content_filter=amavis:[127.0.0.1]:10024
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200s
-o smtp_never_send_ehlo=yes
-o disable_dns_lookups=yes
localhost:10025 inet n - n - - smtpd
-o smtp_dns_support_level=enabled
-o content_filter=
-o myhostname=HOST.MYDOMAIN.de
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
#-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
|
cat sasl_password
| Code: |
[PROVIDER]:587 LOGIN:PASSWORD |
Any hint?
Midyr
EDIT
If I change the relayhost to
relayhost = [PROVIDER.de]
an change also the entry in sasl_password
I get this error:
nuada postfix/smtp[27026]: 9326425C03: to=<xxxr@xxx>, relay=PROVIDER.de[ddd]:25, delay=0.19, delays=0.01/0.02/0.11/0.05, dsn=5.7.1, status=bounced (host PROVIDER.de[ssss] said: 554 5.7.1 <xxxxr@xxxx>: Relay access denied (in reply to RCPT TO command))
Last edited by Midyr2 on Wed Jan 10, 2018 2:27 pm; edited 2 times in total |
|
| Back to top |
|
 |
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Wed Jan 10, 2018 1:54 pm Post subject: Re: Postfix SASL Realyhost |
|
|
Midyr2 ... I think this is the source of your problem. I have a similar relay (only with 'relayhost_maps' as I have various relays) and the following is set:
| /etc/postfix/main.cf: | smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtp_tls_CApath = /etc/ssl/certs |
HTH & best ... khay |
|
| Back to top |
|
|
Midyr2
n00b
Joined: 10 Jan 2018
Posts: 2
|
| Posted: Wed Jan 10, 2018 2:26 pm Post subject: Re: Postfix SASL Realyhost |
|
|
| khayyam wrote: |
Midyr2 ... I think this is the source of your problem. I have a similar relay (only with 'relayhost_maps' as I have various relays) and the following is set:
| /etc/postfix/main.cf: | smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtp_tls_CApath = /etc/ssl/certs |
HTH & best ... khay |
Hi,
yes, you are right. I forgott to enable smtp_use_tls
Thanks
Midyr |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
