postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Fwd: Problem with relaying denied error

Fwd: Problem with relaying denied error

From: Rich <rhdyes_at_nospam>
Date: Mon Oct 25 2010 - 06:23:07 GMT
To: postfix-users@postfix.org

---------- Forwarded message ----------
From: Rich <rhdyes@gmail.com>
Date: Mon, Oct 25, 2010 at 2:00 AM
Subject: Re: Problem with relaying denied error
To: Stan Hoeppner <stan@hardwarefreak.com>

On Mon, Oct 25, 2010 at 1:39 AM, Stan Hoeppner <stan@hardwarefreak.com>wrote:

> Rich put forth on 10/24/2010 10:58 PM:
> > I am getting the below error when I try to send email from a pc from the
> > same network using sasl authentication to the postfix server.
> >
> > Oct 24 23:02:36 server postfix/smtp[25874]: 7349F21003C: to=<
> > rhdyes@gmail.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.07,
> > delays=0.05/0.01/0/0.01, dsn=5.0.0, status=bounced (host
> > 127.0.0.1[127.0.0.1] said: 558 Relaying denied: domain not valid
> >
> > Below here is the postconf -n result. I am using vams, spampd as a proxy
> > server for spamassassin all running on the same server.
>
> > relay_domains = 10.0.0.0/24
>
> Get rid of this ^^ or specify some domain names or host names, not an IP
> subnet. See: http://www.postfix.org/postconf.5.html#relay_domains
>
> > This postfix configuration has been used to relay mail to a Domino server
> > for over a year. The only addition I have added was the sasl
> authentication
> > so I can use is as smtp server.
>
> > Any ideas?
>
> Yes. I would suggest configuring a new smtpd listener for this. Most
> people use the master.cf default TCP 587 listener daemon to accept
> submitted mail. MUA clients will need to be configured accordingly.
> Apparently your current configuration relays all mail to the Domino
> server after it is piped through various anti spam processes, which I
> believe is why you're getting the error.
>
> I believe what you need is to enable 587 in master.cf, and eliminate all
> of the A/S junk for submitted mail, something like:
>
> 587 inet n - n - - smtpd
> -o smtpd_enforce_tls=yes
> -o smtpd_sasl_auth_enable=yes
> -o content_filter=
> -o header_checks=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
>
> And it would probably be very helpful if we could see the contents of:
>
> transport_maps = hash:/etc/postfix/keytrans
>
I have this line in the keytrans
domain.com smtp:[10.0.0.100]
I take this as saying transfer any mail for the domain domain.com to the
smtp port on the server 10.0.0.100

>
> The contents of this file may be preventing SASL submitted mail delivery
> to the outside world, especially if there is a line in there that tells
> Postfix to relay all mail to the Domino server you mention above.
>
> --
> Stan
>