# setting up a mail relay with postfix and 1and1 [solved]

## pubecon

What I would like to do is use 1and1 as a relay host for my mail.  I'm guessing it's possible, given this (faq.oneandone.co.uk) and this (gentoo-wiki.com).

but I'm having a bit of trouble

I thought this would work (main.cf)

```

command_directory = /usr/sbin

daemon_directory = /usr/lib/postfix

myhostname = me.dnsalias.com

mydomain = mydomain.co.uk

inet_interfaces = all

mydestination = $myhostname, localhost.$mydomain, $mydomain

unknown_local_recipient_reject_code = 450

mynetworks_style = subnet

mynetworks = 192.168.16.0/24, 127.0.0.0/8

alias_maps = hash:/etc/mail/aliases

alias_database = hash:/etc/mail/aliases

home_mailbox = .maildir/

local_destination_concurrency_limit = 2

default_destination_concurrency_limit = 10

debug_peer_level = 2

debugger_command =

         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

         xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = postdrop

manpage_directory = /usr/share/man

sample_directory = /etc/postfix/sample

readme_directory = /usr/share/doc/postfix-2.0.11

##spam and av

mailbox_command = /usr/bin/procmail

content_filter = smtp-amavis:[127.0.0.1]:10024

##1and1 relaying

#

#

relayhost = smtp.1and1.co.uk

smtp_sasl_auth_enable = yes

smtp_sasl_password_maps = hash:/etc/postfix/saslpass

smtp_sasl_security_options = noanonymous 

```

I also have 

```

smtp.1and1.co.uk  a1and1username:thepassword

```

in my saslpasswd file, as outlined on the wiki and on the 1and1faq

but it doesn't! All mail bounces back with

```

host smtp.1and1.co.uk[212.227.126.224] said: 550 relaying to <anyone@anydomainotherthanmyown.com> prohibited by administrator (in reply to RCPT TO command)

```

I've clearly missed something and it must be something daft but I don't have much of an error to go on...

any ideas on how to proceed?

edit: missed out line when pasting main.cfLast edited by pubecon on Fri Dec 09, 2005 12:30 pm; edited 2 times in total

----------

## magic919

I think Postfix is not actually doing the SASL bit.  Suggest you up logging to verbose and watch logs as you attempt.  

Was there a good reason to leave off this bit?  Was on 1and1 FAQ.

smtp_sasl_security_options = noanonymous

----------

## tuxmin

Didn't you miss one line in your config?

```

smtp_sasl_security_options = noanonymous

```

Alex!!

----------

## pubecon

you were quite correct.

Unfortunately that was just me missing the last line out when I was copying. damn! Got all excited there...

I tried adding some vs to /etc/postfix/master.cf:

```
smtp      inet  n       -       n       -       -       smtpd -v
```

but it gave me no more info on what's going.  Is this not the way to go about increasing the log verbosity?

----------

## magic919

Yes, that's the correct method.  Have you reloaded postfix to take on board the change?

----------

## pubecon

yeah.  No effect.

I managed to get more info by adding smtp.1and1.co.uk to the debug_peer_list but I can't make any sense of it right away...

```

Dec  9 10:46:36 backup postfix/qmgr[4128]: DC1F24AD3A: from=<dave@me.dnsalias.com>, size=443, nrcpt=1 (queue active)

Dec  9 10:46:37 backup postfix/smtp[4137]: DC1F24AD3A: to=<me@yahoo.com>, relay=s                        mtp.1and1.co.uk[212.227.126.224], delay=1, status=bounced (host smtp.1and1.co.uk[212.2                        27.126.224] said: 550 relaying to <me@yahoo.com> prohibited by administrator (in reply to RCPT TO command))

Dec  9 10:46:37 backup postfix/cleanup[4135]: 420D34AD42: message-id=<20051209104637.4                        20D34AD42@me.dnsalias.com>

Dec  9 10:46:37 backup postfix/qmgr[4128]: 420D34AD42: from=<>, size=2367, nrcpt=1 (queue active)

Dec  9 10:46:37 backup postfix/qmgr[4128]: DC1F24AD3A: removed

Dec  9 10:46:37 backup postfix/local[4139]: 420D34AD42: to=<dave@me.dnsalias.com>,                         relay=local, delay=0, status=sent (delivered to maildir)

Dec  9 10:46:37 backup postfix/qmgr[4128]: 420D34AD42: removed

Dec  9 10:49:51 backup postfix/postfix-script: refreshing the Postfix mail system

Dec  9 10:49:51 backup postfix/master[4116]: reload configuration

Dec  9 10:50:20 backup postfix/pickup[4150]: 8575F4ACD8: uid=1000 from=<dave>

Dec  9 10:50:20 backup postfix/cleanup[4171]: 8575F4ACD8: message-id=<20051209105020.G                        A4166@backup.mydomain.co.uk>

Dec  9 10:50:20 backup postfix/qmgr[4151]: 8575F4ACD8: from=<dave@me.dnsalias.com>, size=420, nrcpt=1 (queue active)

Dec  9 10:50:20 backup postfix/smtp[4173]: < smtp.1and1.co.uk[212.227.126.224]: 220 mrvdomng.kundenserver.de ESMTP Fri, 09 Dec 2005 11:49:59 +0100

Dec  9 10:50:20 backup postfix/smtp[4173]: > smtp.1and1.co.uk[212.227.126.224]: EHLO me.dnsalias.com

Dec  9 10:50:20 backup postfix/smtp[4173]: vstream_fflush_some: fd 13 flush 26

Dec  9 10:50:20 backup postfix/smtp[4173]: vstream_buf_get_ready: fd 13 got 117

Dec  9 10:50:20 backup postfix/smtp[4173]: < smtp.1and1.co.uk[212.227.126.224]: 250-mrvdomng.kundenserver.de Hello me.dnsalias.com [my.ip.add.ress]

Dec  9 10:50:20 backup postfix/smtp[4173]: < smtp.1and1.co.uk[212.227.126.224]: 250-SIZE 20971520

Dec  9 10:50:20 backup postfix/smtp[4173]: < smtp.1and1.co.uk[212.227.126.224]: 250-PIPELINING

Dec  9 10:50:20 backup postfix/smtp[4173]: < smtp.1and1.co.uk[212.227.126.224]: 250 HELP

Dec  9 10:50:20 backup postfix/smtp[4173]: server features: 0xd size 20971520

Dec  9 10:50:20 backup postfix/smtp[4173]: Using ESMTP PIPELINING, TCP send buffer size is 4096

Dec  9 10:50:20 backup postfix/smtp[4173]: > smtp.1and1.co.uk[212.227.126.224]: MAIL FROM:<dave@me.dnsalias.com> SIZE=420

Dec  9 10:50:20 backup postfix/smtp[4173]: > smtp.1and1.co.uk[212.227.126.224]: RCPT TO:<me@yahoo.com>

Dec  9 10:50:20 backup postfix/smtp[4173]: > smtp.1and1.co.uk[212.227.126.224]: DATA

Dec  9 10:50:20 backup postfix/smtp[4173]: vstream_fflush_some: fd 13 flush 82

Dec  9 10:50:20 backup postfix/smtp[4173]: vstream_buf_get_ready: fd 13 got 171

Dec  9 10:50:20 backup postfix/smtp[4173]: < smtp.1and1.co.uk[212.227.126.224]: 250 <dave@me.dnsalias.com> is syntactically correct

Dec  9 10:50:20 backup postfix/smtp[4173]: < smtp.1and1.co.uk[212.227.126.224]: 550 relaying to <me@yahoo.com> prohibited by administrator

Dec  9 10:50:20 backup postfix/smtp[4173]: connect to subsystem private/bounce

Dec  9 10:50:20 backup postfix/smtp[4173]: send attr nrequest = 0

Dec  9 10:50:20 backup postfix/smtp[4173]: send attr flags = 0

Dec  9 10:50:20 backup postfix/smtp[4173]: send attr queue_id = 8575F4ACD8

Dec  9 10:50:20 backup postfix/smtp[4173]: send attr original_recipient = me@yahoo.com

Dec  9 10:50:20 backup postfix/smtp[4173]: send attr recipient = me@yahoo.com

Dec  9 10:50:20 backup postfix/smtp[4173]: send attr offset = 156

Dec  9 10:50:20 backup postfix/smtp[4173]: send attr status = 5.0.0

Dec  9 10:50:20 backup postfix/smtp[4173]: send attr action = failed

Dec  9 10:50:20 backup postfix/smtp[4173]: send attr reason = host smtp.1and1.co.uk[212.227.126.224] said: 550 relaying to <me@yahoo.com> prohibited by administrator (in reply to RCPT TO command)

Dec  9 10:50:20 backup postfix/smtp[4173]: private/bounce socket: wanted attribute: status

Dec  9 10:50:20 backup postfix/smtp[4173]: vstream_fflush_some: fd 14 flush 289

Dec  9 10:50:20 backup postfix/smtp[4173]: vstream_buf_get_ready: fd 14 got 10

Dec  9 10:50:20 backup postfix/smtp[4173]: input attribute name: status

Dec  9 10:50:20 backup postfix/smtp[4173]: input attribute value: 0

Dec  9 10:50:20 backup postfix/smtp[4173]: private/bounce socket: wanted attribute: (list terminator)

Dec  9 10:50:20 backup postfix/smtp[4173]: input attribute name: (end)

Dec  9 10:50:20 backup postfix/smtp[4173]: 8575F4ACD8: to=<me@yahoo.com>, relay=s                        mtp.1and1.co.uk[212.227.126.224], delay=0, status=bounced (host smtp.1and1.co.uk[212.227.126.224] said: 550 relaying to <me@yahoo.com> prohibited by administrator (in reply to RCPT TO command))

Dec  9 10:50:20 backup postfix/smtp[4173]: rec_put_type: 68 at 156

Dec  9 10:50:20 backup postfix/smtp[4173]: vstream_fflush_some: fd 12 flush 1

Dec  9 10:50:20 backup postfix/smtp[4173]: < smtp.1and1.co.uk[212.227.126.224]: 503 Valid RCPT TO <recipient> must precede DATA

Dec  9 10:50:20 backup postfix/smtp[4173]: > smtp.1and1.co.uk[212.227.126.224]: RSET

Dec  9 10:50:20 backup postfix/smtp[4173]: > smtp.1and1.co.uk[212.227.126.224]: QUIT

Dec  9 10:50:20 backup postfix/smtp[4173]: vstream_fflush_some: fd 13 flush 12

Dec  9 10:50:21 backup postfix/smtp[4173]: vstream_buf_get_ready: fd 13 got 63

Dec  9 10:50:21 backup postfix/smtp[4173]: < smtp.1and1.co.uk[212.227.126.224]: 250 Reset OK

Dec  9 10:50:21 backup postfix/smtp[4173]: name_mask: resource

Dec  9 10:50:21 backup postfix/smtp[4173]: name_mask: software

Dec  9 10:50:21 backup postfix/cleanup[4171]: 097FE4AD42: message-id=<20051209105021.097FE4AD42@me.dnsalias.com>

Dec  9 10:50:21 backup postfix/qmgr[4151]: 097FE4AD42: from=<>, size=2344, nrcpt=1 (queue active)

Dec  9 10:50:21 backup postfix/qmgr[4151]: 8575F4ACD8: removed

Dec  9 10:50:21 backup postfix/local[4175]: 097FE4AD42: to=<dave@me.dnsalias.com>, relay=local, delay=0, status=sent (delivered to maildir)

Dec  9 10:50:21 backup postfix/qmgr[4151]: 097FE4AD42: removed

```

actually, now I look at it, only the first few lines are me sending.  the rest is just guff about the email coming back isn't it? ARGH!

----------

## magic919

Their server is not advertising that it supports SMTP AUTH.

----------

## magic919

This is easy.

Try auth.smtp.1and1.co.uk

250-mrelayeu1.kundenserver.de pleased to meet you

250-STARTTLS

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250-PIPELINING

250-8BITMIME

250-SIZE 20971520

250 HELP

----------

## pubecon

oh ballcocks!

any ideas on how to proceed?

(oops - posted a bit late - will give that a go)

----------

## UberLord

Any reason why you want to relay through 1&1 (I use them to btw) as opposed to postfix sending it itself?

----------

## pubecon

well the domain is hosted by 1and1.co.uk.

By sticking squirrelmail on their web server, I can log in to either the 1and1 imap inbox or my imap server (using the multilogin plugin).  It just means that if my server goes kaput, that email can continue as normal via the webmail interface.

Email is downloaded periodically from the external 1and1 server to the internal server.

The problem is that getting a static IP address from BT costs an extra fiver a month and, unfortunately (!), I have been (mis) blacklisted by sorbs.net - apparently because my dynamic IP is in the block of a spammer.

I figured that by using 1and1 as a relay, I could avoid this annoyance ever happening again.

and yay, a new error

```

Dec  9 11:17:24 backup postfix/smtp[4798]: 4DF154AD42: to=<me@yahoo.com>, relay=auth.smtp.1and1.co.uk[212.227.15.179], delay=2, status=bounced (host auth.smtp.1and1.co.uk[212.227.15.179] said: 550 must be authenticated (in reply to RCPT TO command))

```

edit: added link to multilogin pluginLast edited by pubecon on Fri Dec 09, 2005 11:43 am; edited 2 times in total

----------

## magic919

The question now is - is Postfix trying to AUTH and failing, or is it not trying.  See the logs (again).  -vv if you need even more verbose.

----------

## pubecon

am already at vvv and it doesn't seem to be doing anything.  Adding (to main.cf)

```

debug_peer_list = 127.0.0.1, auth.smtp.1and1.co.uk

```

gives back all this jazz

```

Dec  9 11:34:07 backup postfix/master[5017]: daemon started -- version 2.1.5

Dec  9 11:34:43 backup postfix/pickup[5028]: 03A884ACD8: uid=1000 from=<dave>

Dec  9 11:34:43 backup postfix/cleanup[5125]: 03A884ACD8: message-id=<20051209113442.GA5120@backup.me.co.u               k>

Dec  9 11:34:43 backup postfix/qmgr[5029]: 03A884ACD8: from=<dave@me.dnsalias.com>, size=420, nrcpt=1 (queue active)

Dec  9 11:34:43 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 220 auth.smtp.oneandone.co               .uk (mrelayeu3) Welcome to Nemesis ESMTP server

Dec  9 11:34:43 backup postfix/smtp[5127]: > auth.smtp.1and1.co.uk[212.227.15.179]: EHLO me.dnsalias.com

Dec  9 11:34:43 backup postfix/smtp[5127]: vstream_fflush_some: fd 13 flush 26

Dec  9 11:34:43 backup postfix/smtp[5127]: vstream_buf_get_ready: fd 13 got 51

Dec  9 11:34:43 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 250-mrelayeu3.kundenserver.de pleased to meet you

Dec  9 11:34:43 backup postfix/smtp[5127]: vstream_buf_get_ready: fd 13 got 117

Dec  9 11:34:43 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 250-STARTTLS

Dec  9 11:34:43 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 250-AUTH PLAIN LOGIN

Dec  9 11:34:43 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 250-AUTH=PLAIN LOGIN

Dec  9 11:34:43 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 250-PIPELINING

Dec  9 11:34:43 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 250-8BITMIME

Dec  9 11:34:43 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 250-SIZE 20971520

Dec  9 11:34:43 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 250 HELP

Dec  9 11:34:43 backup postfix/smtp[5127]: server features: 0x3f size 20971520

Dec  9 11:34:43 backup postfix/smtp[5127]: maps_find: smtp_sasl_passwd: auth.smtp.1and1.co.uk: not found

Dec  9 11:34:43 backup postfix/smtp[5127]: maps_find: smtp_sasl_passwd: auth.smtp.1and1.co.uk: not found

Dec  9 11:34:43 backup postfix/smtp[5127]: smtp_sasl_passwd_lookup: host `auth.smtp.1and1.co.uk' no auth info                found

Dec  9 11:34:43 backup postfix/smtp[5127]: Using ESMTP PIPELINING, TCP send buffer size is 4096

Dec  9 11:34:43 backup postfix/smtp[5127]: > auth.smtp.1and1.co.uk[212.227.15.179]: MAIL FROM:<dave@me.dnsalias.com> SIZE=420

Dec  9 11:34:43 backup postfix/smtp[5127]: > auth.smtp.1and1.co.uk[212.227.15.179]: RCPT TO:<me@yahoo.com               >

Dec  9 11:34:43 backup postfix/smtp[5127]: > auth.smtp.1and1.co.uk[212.227.15.179]: DATA

Dec  9 11:34:43 backup postfix/smtp[5127]: vstream_fflush_some: fd 13 flush 82

Dec  9 11:34:43 backup postfix/smtp[5127]: vstream_buf_get_ready: fd 13 got 46

Dec  9 11:34:43 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 250 mail from: <dave@me.dnsalias.com> ok

Dec  9 11:34:45 backup postfix/smtp[5127]: vstream_buf_get_ready: fd 13 got 27

Dec  9 11:34:45 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 550 must be authenticated

Dec  9 11:34:45 backup postfix/smtp[5127]: connect to subsystem private/bounce

Dec  9 11:34:45 backup postfix/smtp[5127]: send attr nrequest = 0

Dec  9 11:34:45 backup postfix/smtp[5127]: send attr flags = 0

Dec  9 11:34:45 backup postfix/smtp[5127]: send attr queue_id = 03A884ACD8

Dec  9 11:34:45 backup postfix/smtp[5127]: send attr original_recipient = me@yahoo.com

Dec  9 11:34:45 backup postfix/smtp[5127]: send attr recipient = me@yahoo.com

Dec  9 11:34:45 backup postfix/smtp[5127]: send attr offset = 156

Dec  9 11:34:45 backup postfix/smtp[5127]: send attr status = 5.0.0

Dec  9 11:34:45 backup postfix/smtp[5127]: send attr action = failed

Dec  9 11:34:45 backup postfix/smtp[5127]: send attr reason = host auth.smtp.1and1.co.uk[212.227.15.179] said: 550 must be authenticated (in reply to RCPT TO command)

Dec  9 11:34:45 backup postfix/smtp[5127]: private/bounce socket: wanted attribute: status

Dec  9 11:34:45 backup postfix/smtp[5127]: vstream_fflush_some: fd 14 flush 255

Dec  9 11:34:45 backup postfix/smtp[5127]: vstream_buf_get_ready: fd 14 got 10

Dec  9 11:34:45 backup postfix/smtp[5127]: input attribute name: status

Dec  9 11:34:45 backup postfix/smtp[5127]: input attribute value: 0

Dec  9 11:34:45 backup postfix/smtp[5127]: private/bounce socket: wanted attribute: (list terminator)

Dec  9 11:34:45 backup postfix/smtp[5127]: input attribute name: (end)

Dec  9 11:34:45 backup postfix/smtp[5127]: 03A884ACD8: to=<me@yahoo.com>, relay=auth.smtp.1and1.co.uk[212.227.15.179], delay=2, status=bounced (host auth.smtp.1and1.co.uk[212.227.15.179] said: 550 must be authenticated (in reply to RCPT TO command))

Dec  9 11:34:45 backup postfix/smtp[5127]: rec_put_type: 68 at 156

Dec  9 11:34:45 backup postfix/smtp[5127]: vstream_fflush_some: fd 12 flush 1

Dec  9 11:34:45 backup postfix/smtp[5127]: vstream_buf_get_ready: fd 13 got 25

Dec  9 11:34:45 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 554 no valid recipients

Dec  9 11:34:45 backup postfix/smtp[5127]: > auth.smtp.1and1.co.uk[212.227.15.179]: RSET

Dec  9 11:34:45 backup postfix/smtp[5127]: > auth.smtp.1and1.co.uk[212.227.15.179]: QUIT

Dec  9 11:34:45 backup postfix/smtp[5127]: vstream_fflush_some: fd 13 flush 12

Dec  9 11:34:45 backup postfix/smtp[5127]: vstream_buf_get_ready: fd 13 got 8

Dec  9 11:34:45 backup postfix/smtp[5127]: < auth.smtp.1and1.co.uk[212.227.15.179]: 250 OK

Dec  9 11:34:45 backup postfix/smtp[5127]: name_mask: resource

Dec  9 11:34:45 backup postfix/smtp[5127]: name_mask: software

Dec  9 11:34:45 backup postfix/cleanup[5125]: C24AD4AD45: message-id=<20051209113445.C24AD4AD45@me.dnsalias.com>

Dec  9 11:34:45 backup postfix/qmgr[5029]: C24AD4AD45: from=<>, size=2266, nrcpt=1 (queue active)

Dec  9 11:34:45 backup postfix/qmgr[5029]: 03A884ACD8: removed

Dec  9 11:34:45 backup postfix/local[5129]: C24AD4AD45: to=<dave@me.dnsalias.com>, relay=local, delay=0, s               tatus=sent (delivered to maildir)

Dec  9 11:34:45 backup postfix/qmgr[5029]: C24AD4AD45: removed

```

Apologies for posting these log transcripts, most of which will be irrelevant (i.e. me getting the mail bounced back) but I am unable to discern what is valid and what is not at the moment.

looks like the problem is in

```

Dec  9 11:34:43 backup postfix/smtp[5127]: maps_find: smtp_sasl_passwd: auth.smtp.1and1.co.uk: not found

Dec  9 11:34:43 backup postfix/smtp[5127]: maps_find: smtp_sasl_passwd: auth.smtp.1and1.co.uk: not found

Dec  9 11:34:43 backup postfix/smtp[5127]: smtp_sasl_passwd_lookup: host `auth.smtp.1and1.co.uk' no auth info found 

```

woops! forgot to change my saslpasswd file.

OK.  No errors that time.  I await an email in my yahoo inbox before celebrating and changing the subject line...

edit: AWESOME! It works! Thanks to all.  That was a bit of a fight, so I hope this thread'll help someone else.Last edited by pubecon on Fri Dec 09, 2005 11:56 am; edited 1 time in total

----------

## magic919

Looks like you have it under control.  It's a bit like trying to juggle more than 2 balls at times.  Do turn off the -vv debug stuff  :Smile: 

----------

