# Postfix Problem and Questions

## Corona688

I've got postfix setup on a remote linux box.  When trying to send a reply to an email routed to me through it via SMTP, the server gives me the message "<xxxxxxx@twomix.devolution.com>: Relay access denied" which is very strange, since that's neither my address nor the relay host's address -- it's the destination email address.  Looking in the system log, there is:

```
Jan 25 18:56:51 steward postfix/smtpd[3094]: NOQUEUE: reject: RCPT from my-ip-address: 554 <xxxxxxx@twomix.devolution.com>: Relay access denied; from=<xxxxxxxx@burningsmell.org> to=<xxxxxxx@twomix.devolution.com> proto=ESMTP helo=<my-ip-address>
```

 I suspect it's something stupid I simply don't understand yet.

Now, the question.  Very small question but I fear a real big answer.  How would I go about setting up SMTP authentication, ideally over SSL?

----------

## ectospasm

I don't know about your relaying problem, but here's a HOWTO setting up SMTP AUTH (with TLS):

http://postfix.state-of-mind.de/patrick.koetter/smtpauth/

----------

## Chris W

 *Corona688 wrote:*   

> I've got postfix setup on a remote linux box.  When trying to send a reply to an email routed to me through it via SMTP, the server gives me the message "<xxxxxxx@twomix.devolution.com>: Relay access denied" which is very strange, since that's neither my address nor the relay host's address -- it's the destination email address.  

   If you are connecting to Postfix from another sub-net then the default configuration will consider you the same as an anonymous spammer and refuse to deliver mail not destined for itself.   If the remote address from which you wish to send mail is fixed (or in a known network block) and trustworthy  then you could define the mynetworks variable in main.cf to include the external address/range and all your internal ones.  See the main.cf comments for more details.

----------

## Corona688

Ah, I see.  That makes sense, and when you think about it it's a sensible default.  And that tutorial looks like it'll kill two birds with one stone...

----------

## Corona688

OK.  I've got it half-working.  I cannot figure out why, but even when authentication works it will not give me relay access.  I've substituted fake IP addresses and fake domain names.

Telnetting into server: 

```
telnet mymailserver.org 25

Trying mailserver-ip-address...

Connected to mymailserver.org.

Escape character is '^]'.

220 mymailserver.org ESMTP Postfix

ehlo my-ip-address

250-mymailserver.org

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-STARTTLS

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250 8BITMIME

AUTH PLAIN base64-encoded-authentication-stuff

235 Authentication successful

mail from:<myuser@mymailserver.org>

250 Ok

rcpt to:<test@test.com>

554 <test@test.com>: Relay access denied

quit

221 Bye

Connection closed by foreign host.
```

My system log:

```
Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const mail

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const ipv4

Jan 27 18:46:39 steward postfix/smtpd[13974]: name_mask: ipv4

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const mymailserver.org

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const mymailserver.org

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const Postfix

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const postfix

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const postfix

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const postdrop

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $myhostname, localhost.$mydomain, localhost -> mymailserver.org, localhost.mymailserver.org, localhost

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $myhostname -> mymailserver.org

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const smtp.accesscomm.ca

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const /usr/lib/postfix

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const /usr/sbin

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const /var/spool/postfix

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const pid

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const all

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const double-bounce

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const nobody

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const hash:/etc/mail/aliases

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 20050719

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 2.2.5

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const hash

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const deferred, defer

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $mydestination -> mymailserver.org, localhost.mymailserver.org, localhost

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $relay_domains -> mymailserver.org, localhost.mymailserver.org, localhost

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const TZ MAIL_CONFIG

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const subnet

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const +=

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const -=+

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const bounce

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const cleanup

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const defer

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const pickup

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const qmgr

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const rewrite

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const showq

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const error

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const flush

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const verify

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const trace

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand ${config_directory}/prng_exch -> /etc/postfix/prng_exch

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const /etc/postfix/newcert.pem

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const /etc/postfix/newreq.pem

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $smtpd_tls_dcert_file ->

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const /etc/postfix/cacert.pem

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $smtp_tls_cert_file ->

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $smtp_tls_dcert_file ->

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 2

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 3

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 100s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 100s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 100s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 100s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 3600s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 3600s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 100s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 100s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1000s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1000s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 10s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 10s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 500s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 500s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 3600s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 3600s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 3600s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 3600s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 3600s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 18000s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 18000s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 127.0.0.0/8

Jan 27 18:46:39 steward postfix/smtpd[13974]: inet_addr_local: configured 3 IPv4 addresses

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 550

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $myhostname ESMTP $mail_name -> mymailserver.org ESMTP Postfix

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const resource, software

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const permit_sasl_authenticated

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const permit_mynetworks, reject_unauth_destination

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const postmaster

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $virtual_maps -> hash:/etc/mail/virtual

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const hash:/etc/mail/aliases

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand proxy:unix:passwd.byname $alias_maps -> proxy:unix:passwd.byname hash:/etc/mail/aliases

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const noanonymous

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const smtpd

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const CONNECT GET POST

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const <>

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const postmaster

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $authorized_verp_clients ->

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $myhostname -> mymailserver.org

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand ${smtpd_client_connection_limit_exceptions:$mynetworks} -> 127.0.0.0/8

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const permit_inet_interfaces

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: expand $smtpd_sasl_security_options -> noanonymous

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const yes

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const yes

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const yes

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const yes

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 300s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 300s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 100s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 100s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 3s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 3s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 100s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 100s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 300s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 300s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1000s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 1000s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 300s

Jan 27 18:46:39 steward postfix/smtpd[13974]: dict_eval: const 300s

Jan 27 18:46:39 steward postfix/smtpd[13974]: process generation: 10 (10)

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: mynetworks ~? debug_peer_list

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: mynetworks ~? fast_flush_domains

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: mynetworks ~? mynetworks

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: relay_domains ~? debug_peer_list

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: relay_domains ~? fast_flush_domains

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: relay_domains ~? mynetworks

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: relay_domains ~? permit_mx_backup_networks

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: relay_domains ~? qmqpd_authorized_clients

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: relay_domains ~? relay_domains

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: permit_mx_backup_networks ~? debug_peer_list

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: permit_mx_backup_networks ~? fast_flush_domains

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: permit_mx_backup_networks ~? mynetworks

Jan 27 18:46:39 steward postfix/smtpd[13974]: match_string: permit_mx_backup_networks ~? permit_mx_backup_networks

Jan 27 18:46:40 steward postfix/smtpd[13974]: connect to subsystem private/proxymap

Jan 27 18:46:40 steward postfix/smtpd[13974]: send attr request = open

Jan 27 18:46:40 steward postfix/smtpd[13974]: send attr table = unix:passwd.byname

Jan 27 18:46:40 steward postfix/smtpd[13974]: send attr flags = 64

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/proxymap socket: wanted attribute: status

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: status

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/proxymap socket: wanted attribute: flags

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: flags

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute value: 80

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/proxymap socket: wanted attribute: (list terminator)

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: (end)

Jan 27 18:46:40 steward postfix/smtpd[13974]: dict_proxy_open: connect to map=unix:passwd.byname status=0 server_flags=0120

Jan 27 18:46:40 steward postfix/smtpd[13974]: dict_open: proxy:unix:passwd.byname

Jan 27 18:46:40 steward postfix/smtpd[13974]: warning: database /etc/mail/aliases.db is older than source file /etc/mail/aliases

Jan 27 18:46:40 steward postfix/smtpd[13974]: dict_open: hash:/etc/mail/aliases

Jan 27 18:46:40 steward postfix/smtpd[13974]: dict_open: hash:/etc/mail/virtual

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_string: smtpd_access_maps ~? debug_peer_list

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_string: smtpd_access_maps ~? fast_flush_domains

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_string: smtpd_access_maps ~? mynetworks

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_string: smtpd_access_maps ~? permit_mx_backup_networks

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_string: smtpd_access_maps ~? qmqpd_authorized_clients

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_string: smtpd_access_maps ~? relay_domains

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_string: smtpd_access_maps ~? smtpd_access_maps

Jan 27 18:46:40 steward postfix/smtpd[13974]: smtpd_sasl_initialize: SASL config file is smtpd.conf

Jan 27 18:46:40 steward postfix/smtpd[13974]: initializing the server-side TLS engine

Jan 27 18:46:40 steward postfix/smtpd[13974]: attr_clnt_create: transport=local endpoint=private/tlsmgr

Jan 27 18:46:40 steward postfix/smtpd[13974]: attr_clnt_connect: connected to private/tlsmgr

Jan 27 18:46:40 steward postfix/smtpd[13974]: send attr request = seed

Jan 27 18:46:40 steward postfix/smtpd[13974]: send attr size = 32

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/tlsmgr: wanted attribute: status

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: status

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/tlsmgr: wanted attribute: seed

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: seed

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute value: HepaHADENBDLd4JYZqTSeninkZ188V3m/t4wl7yz4nY=

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/tlsmgr: wanted attribute: (list terminator)

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: (end)

Jan 27 18:46:40 steward postfix/smtpd[13974]: send attr request = policy

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/tlsmgr: wanted attribute: status

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: status

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/tlsmgr: wanted attribute: policy

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: policy

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/tlsmgr: wanted attribute: (list terminator)

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: (end)

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_string: fast_flush_domains ~? debug_peer_list

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_string: fast_flush_domains ~? fast_flush_domains

Jan 27 18:46:40 steward postfix/smtpd[13974]: attr_clnt_create: transport=local endpoint=private/anvil

Jan 27 18:46:40 steward postfix/smtpd[13974]: connection established

Jan 27 18:46:40 steward postfix/smtpd[13974]: master_notify: status 0

Jan 27 18:46:40 steward postfix/smtpd[13974]: name_mask: resource

Jan 27 18:46:40 steward postfix/smtpd[13974]: name_mask: software

Jan 27 18:46:40 steward postfix/smtpd[13974]: name_mask: noanonymous

Jan 27 18:46:40 steward postfix/smtpd[13974]: connect from domain-name-inside-my-isp[my-ip-address]

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_list_match: domain-name-inside-my-isp: no match

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_list_match: my-ip-address: no match

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_list_match: domain-name-inside-my-isp: no match

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_list_match: my-ip-address: no match

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_hostname: domain-name-inside-my-isp ~? 127.0.0.0/8

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_hostaddr: my-ip-address ~? 127.0.0.0/8

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_list_match: domain-name-inside-my-isp: no match

Jan 27 18:46:40 steward postfix/smtpd[13974]: match_list_match: my-ip-address: no match

Jan 27 18:46:40 steward postfix/smtpd[13974]: attr_clnt_connect: connected to private/anvil

Jan 27 18:46:40 steward postfix/smtpd[13974]: send attr request = connect

Jan 27 18:46:40 steward postfix/smtpd[13974]: send attr ident = smtp:my-ip-address

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/anvil: wanted attribute: status

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: status

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/anvil: wanted attribute: count

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: count

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute value: 1

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/anvil: wanted attribute: rate

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: rate

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute value: 1

Jan 27 18:46:40 steward postfix/smtpd[13974]: private/anvil: wanted attribute: (list terminator)

Jan 27 18:46:40 steward postfix/smtpd[13974]: input attribute name: (end)

Jan 27 18:46:40 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 220 mymailserver.org ESMTP Postfix

Jan 27 18:46:49 steward postfix/smtpd[13974]: < domain-name-inside-my-isp[my-ip-address]: ehlo my-ip-address

Jan 27 18:46:49 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 250-mymailserver.org

Jan 27 18:46:49 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 250-PIPELINING

Jan 27 18:46:49 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 250-SIZE 10240000

Jan 27 18:46:49 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 250-VRFY

Jan 27 18:46:49 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 250-ETRN

Jan 27 18:46:49 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 250-STARTTLS

Jan 27 18:46:49 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 250-AUTH LOGIN PLAIN

Jan 27 18:46:49 steward postfix/smtpd[13974]: match_list_match: domain-name-inside-my-isp: no match

Jan 27 18:46:49 steward postfix/smtpd[13974]: match_list_match: my-ip-address: no match

Jan 27 18:46:49 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 250-AUTH=LOGIN PLAIN

Jan 27 18:46:49 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 250 8BITMIME

Jan 27 18:47:00 steward postfix/smtpd[13974]: < domain-name-inside-my-isp[my-ip-address]: AUTH PLAIN base64-encoded-authentication-stuff

Jan 27 18:47:00 steward postfix/smtpd[13974]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response base64-encoded-authentication-stuff

Jan 27 18:47:00 steward postfix/smtpd[13974]: smtpd_sasl_authenticate: decoded initial response myuser

Jan 27 18:47:00 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 235 Authentication successful

Jan 27 18:47:14 steward postfix/smtpd[13974]: < domain-name-inside-my-isp[my-ip-address]: mail from:<myuser@mymailserver.org>

Jan 27 18:47:14 steward postfix/smtpd[13974]: extract_addr: input: <myuser@mymailserver.org>

Jan 27 18:47:14 steward postfix/smtpd[13974]: smtpd_check_addr: addr=myuser@mymailserver.org

Jan 27 18:47:14 steward postfix/smtpd[13974]: connect to subsystem private/rewrite

Jan 27 18:47:14 steward postfix/smtpd[13974]: send attr request = rewrite

Jan 27 18:47:14 steward postfix/smtpd[13974]: send attr rule = local

Jan 27 18:47:14 steward postfix/smtpd[13974]: send attr address = myuser@mymailserver.org

Jan 27 18:47:14 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: flags

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute name: flags

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:47:14 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: address

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute name: address

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute value: myuser@mymailserver.org

Jan 27 18:47:14 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: (list terminator)

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute name: (end)

Jan 27 18:47:14 steward postfix/smtpd[13974]: rewrite_clnt: local: myuser@mymailserver.org -> myuser@mymailserver.org

Jan 27 18:47:14 steward postfix/smtpd[13974]: send attr request = resolve

Jan 27 18:47:14 steward postfix/smtpd[13974]: send attr address = myuser@mymailserver.org

Jan 27 18:47:14 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: flags

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute name: flags

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:47:14 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: transport

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute name: transport

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute value: local

Jan 27 18:47:14 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: nexthop

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute name: nexthop

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute value: mymailserver.org

Jan 27 18:47:14 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: recipient

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute name: recipient

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute value: myuser@mymailserver.org

Jan 27 18:47:14 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: flags

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute name: flags

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute value: 256

Jan 27 18:47:14 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: (list terminator)

Jan 27 18:47:14 steward postfix/smtpd[13974]: input attribute name: (end)

Jan 27 18:47:14 steward postfix/smtpd[13974]: resolve_clnt: `myuser@mymailserver.org' -> transp=`local' host=`mymailserver.org' rcpt=`myuser@mymailserver.org' flags= class=local

Jan 27 18:47:14 steward postfix/smtpd[13974]: ctable_locate: install entry key myuser@mymailserver.org

Jan 27 18:47:14 steward postfix/smtpd[13974]: extract_addr: result: myuser@mymailserver.org

Jan 27 18:47:14 steward postfix/smtpd[13974]: fsspace: .: block size 4096, blocks free 3932422

Jan 27 18:47:14 steward postfix/smtpd[13974]: smtpd_check_size: blocks 4096 avail 3932422 min_free 0 msg_size_limit 10240000

Jan 27 18:47:14 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 250 Ok

Jan 27 18:47:20 steward postfix/smtpd[13974]: < domain-name-inside-my-isp[my-ip-address]: rcpt to:<test@test.com>

Jan 27 18:47:20 steward postfix/smtpd[13974]: extract_addr: input: <test@test.com>

Jan 27 18:47:20 steward postfix/smtpd[13974]: smtpd_check_addr: addr=test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: send attr request = rewrite

Jan 27 18:47:20 steward postfix/smtpd[13974]: send attr rule = local

Jan 27 18:47:20 steward postfix/smtpd[13974]: send attr address = test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: flags

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: flags

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: address

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: address

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute value: test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: (list terminator)

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: (end)

Jan 27 18:47:20 steward postfix/smtpd[13974]: rewrite_clnt: local: test@test.com -> test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: send attr request = resolve

Jan 27 18:47:20 steward postfix/smtpd[13974]: send attr address = test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: flags

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: flags

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: transport

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: transport

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute value: smtp

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: nexthop

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: nexthop

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute value: smtp.accesscomm.ca

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: recipient

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: recipient

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute value: test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: flags

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: flags

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute value: 4096

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: (list terminator)

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: (end)

Jan 27 18:47:20 steward postfix/smtpd[13974]: resolve_clnt: `test@test.com' -> transp=`smtp' host=`smtp.accesscomm.ca' rcpt=`test@test.com' flags= class=default

Jan 27 18:47:20 steward postfix/smtpd[13974]: ctable_locate: install entry key test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: extract_addr: result: test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: send attr request = rewrite

Jan 27 18:47:20 steward postfix/smtpd[13974]: send attr rule = local

Jan 27 18:47:20 steward postfix/smtpd[13974]: send attr address = postmaster

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: flags

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: flags

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: address

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: address

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute value: postmaster@mymailserver.org

Jan 27 18:47:20 steward postfix/smtpd[13974]: private/rewrite socket: wanted attribute: (list terminator)

Jan 27 18:47:20 steward postfix/smtpd[13974]: input attribute name: (end)

Jan 27 18:47:20 steward postfix/smtpd[13974]: rewrite_clnt: local: postmaster -> postmaster@mymailserver.org

Jan 27 18:47:20 steward postfix/smtpd[13974]: >>> START Client host RESTRICTIONS <<<

Jan 27 18:47:20 steward postfix/smtpd[13974]: generic_checks: name=permit_sasl_authenticated

Jan 27 18:47:20 steward postfix/smtpd[13974]: generic_checks: name=permit_sasl_authenticated status=1

Jan 27 18:47:20 steward postfix/smtpd[13974]: >>> START Recipient address RESTRICTIONS <<<

Jan 27 18:47:20 steward postfix/smtpd[13974]: generic_checks: name=permit_mynetworks

Jan 27 18:47:20 steward postfix/smtpd[13974]: permit_mynetworks: domain-name-inside-my-isp my-ip-address

Jan 27 18:47:20 steward postfix/smtpd[13974]: match_hostname: domain-name-inside-my-isp ~? 127.0.0.0/8

Jan 27 18:47:20 steward postfix/smtpd[13974]: match_hostaddr: my-ip-address ~? 127.0.0.0/8

Jan 27 18:47:20 steward postfix/smtpd[13974]: match_list_match: domain-name-inside-my-isp: no match

Jan 27 18:47:20 steward postfix/smtpd[13974]: match_list_match: my-ip-address: no match

Jan 27 18:47:20 steward postfix/smtpd[13974]: generic_checks: name=permit_mynetworks status=0

Jan 27 18:47:20 steward postfix/smtpd[13974]: generic_checks: name=reject_unauth_destination

Jan 27 18:47:20 steward postfix/smtpd[13974]: reject_unauth_destination: test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: permit_auth_destination: test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: ctable_locate: leave existing entry key test@test.com

Jan 27 18:47:20 steward postfix/smtpd[13974]: NOQUEUE: reject: RCPT from domain-name-inside-my-isp[my-ip-address]: 554 <test@test.com>: Relay access denied; from=<myuser@mymailserver.org> to=<test@test.com> proto=ESMTP helo=<my-ip-address>

Jan 27 18:47:20 steward postfix/smtpd[13974]: generic_checks: name=reject_unauth_destination status=2

Jan 27 18:47:20 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 554 <test@test.com>: Relay access denied

Jan 27 18:47:22 steward postfix/smtpd[13974]: < domain-name-inside-my-isp[my-ip-address]: quit

Jan 27 18:47:22 steward postfix/smtpd[13974]: > domain-name-inside-my-isp[my-ip-address]: 221 Bye

Jan 27 18:47:22 steward postfix/smtpd[13974]: match_hostname: domain-name-inside-my-isp ~? 127.0.0.0/8

Jan 27 18:47:22 steward postfix/smtpd[13974]: match_hostaddr: my-ip-address ~? 127.0.0.0/8

Jan 27 18:47:22 steward postfix/smtpd[13974]: match_list_match: domain-name-inside-my-isp: no match

Jan 27 18:47:22 steward postfix/smtpd[13974]: match_list_match: my-ip-address: no match

Jan 27 18:47:22 steward postfix/smtpd[13974]: send attr request = disconnect

Jan 27 18:47:22 steward postfix/smtpd[13974]: send attr ident = smtp:my-ip-address

Jan 27 18:47:22 steward postfix/smtpd[13974]: private/anvil: wanted attribute: status

Jan 27 18:47:22 steward postfix/smtpd[13974]: input attribute name: status

Jan 27 18:47:22 steward postfix/smtpd[13974]: input attribute value: 0

Jan 27 18:47:22 steward postfix/smtpd[13974]: private/anvil: wanted attribute: (list terminator)

Jan 27 18:47:22 steward postfix/smtpd[13974]: input attribute name: (end)

Jan 27 18:47:22 steward postfix/smtpd[13974]: disconnect from domain-name-inside-my-isp[my-ip-address]

Jan 27 18:47:22 steward postfix/smtpd[13974]: master_notify: status 1

Jan 27 18:47:22 steward postfix/smtpd[13974]: connection closed

Jan 27 18:48:20 steward postfix/smtpd[13974]: proxymap stream disconnect

Jan 27 18:48:20 steward postfix/smtpd[13974]: private/tlsmgr stream disconnect

Jan 27 18:49:00 steward postfix/smtpd[13974]: rewrite stream disconnect

Jan 27 18:49:02 steward postfix/smtpd[13974]: idle timeout -- exiting
```

 postfix smtpd configuration: 

```
# postconf -n | grep smtpd

smtpd_client_restrictions = permit_sasl_authenticated

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain =

smtpd_sasl_security_options = noanonymous

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_cert_file = /etc/postfix/newcert.pem

smtpd_tls_key_file = /etc/postfix/newreq.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

smtpd_use_tls = yes
```

 sasl configuration: 

```
# cat /etc/sasl2/smtpd.conf

# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $

pwcheck_method:saslauthd

mech_list: LOGIN PLAIN
```

 Any idea why permit_sasl_authenticated isn't being honored?

----------

## Chris W

It is still rejecting your relay attempt on the basis of your sending IP address.  You probably need to look at the smtpd_recipient_restrictions, which defaults to:

```
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
```

and add permit_sasl_authenticated: 

```
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

```

See man 5 postconf for details.

I suspect that setting smtpd_client_restrictions as you have may also adversely affect non-authenticated users such as other mail servers.

----------

## Corona688

 *Chris W wrote:*   

> It is still rejecting your relay attempt on the basis of your sending IP address.  You probably need to look at the smtpd_recipient_restrictions, which defaults to:
> 
> ```
> smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
> ```
> ...

  I found it!  In my conf file, I had smtp_recipient_restrictions, not smtpd_recipient_restrictions.  What a bothersome typo.

It works now.  Thanks for the help!

----------

## Corona688

I have managed to turn an email account that can't send into an email account that can't recieve! 

```
Jan 29 11:27:25 steward postfix/smtpd[3114]: initializing the server-side TLS engine

Jan 29 11:27:25 steward postfix/smtpd[3114]: connect from mailout1.accesscomm.ca[204.83.142.27]

Jan 29 11:27:26 steward postfix/smtpd[3114]: NOQUEUE: reject: RCPT from mailout1.accesscomm.ca[204.83.142.27]: 554 <username@mymailserver.org>: Recipient address rejected: Access denied; from=<someone@somewhere.ca> to=<username@mymailserver.org> proto=ESMTP helo=<mailout1.accesscomm.ca>

Jan 29 11:27:26 steward postfix/smtpd[3114]: disconnect from mailout1.accesscomm.ca[204.83.142.27]
```

 What gives?

----------

## Corona688

bump

----------

## Corona688

Final bump.  Come on now.  There must be a reason!  If there's not enough information, tell me what I need to post and I will.

----------

## magic919

Postfix is incorrectly configured I suspect and that generally means main.cf.  Why don't you post that for starters.

----------

## Chris W

I'm sure there is a reason  :Wink:   Your new issue and its two bumps came in at 03:41, 05:24 and 10:47 this morning.  At these times I am  Asleep, or

 At work with problems of my own Now, on to the issue.  What are your mydestination and relay_domain variables set to?  The former should list all the mail domains you consider local, and the latter should list $mydestination plus any other domains you wish to allow relay for (e.g. anything you are backup MX for).  For a simple site the defaults are probably good.  Have a look at those and see if there is a problem   Failing that you might need to post the non-comment lines of main.cf: 

```
$ egrep -v '^(#.*)?$' /etc/postfix/main.cf

```

----------

## Corona688

 *Chris W wrote:*   

> I'm sure there is a reason   Your new issue and its two bumps came in at 03:41, 05:24 and 10:47 this morning.  At these times I am  Asleep, or
> 
>  At work with problems of my own Now, on to the issue.

  Stupid time zones.   :Wink:   Why can't the other half of the world live in total darkness. *Quote:*   

> What are your mydestination and relay_domain variables set to?

 

```
# for VAR in myhostname mydomain mydestination relay_domain 

# do

#        grep "^${VAR}" /etc/postfix/main.cf

# done

myhostname=burningsmell.org

mydomain=burningsmell.org

mydestination = $myhostname, localhost.$mydomain, localhost

relay_domains=hash:/etc/mail/relay-domains

# cat /etc/mail/relay-domains

burningsmell.org = OK
```

 *Quote:*   

> The former should list all the mail domains you consider local, and the latter should list $mydestination plus any other domains you wish to allow relay for (e.g. anything you are backup MX for).  For a simple site the defaults are probably good.  Have a look at those and see if there is a problem.
> 
>  Failing that you might need to post the non-comment lines of main.cf: 
> 
> ```
> ...

 

```
queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/lib/postfix

mail_owner = postfix

myhostname=burningsmell.org

mydomain=burningsmell.org

mydestination = $myhostname, localhost.$mydomain, localhost

unknown_local_recipient_reject_code = 550

mynetworks = 127.0.0.0/8

relay_domains=hash:/etc/mail/relay-domains

relayhost = smtp.accesscomm.ca

alias_maps = hash:/etc/mail/aliases

mail_spool_directory = /var/spool/mail

debug_peer_level = 2

debugger_command =

   PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;

   echo where) | gdb $daemon_directory/$process_name $process_id 2>&1

   >$config_directory/$process_name.$process_id.log & sleep 5

sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = postdrop

html_directory = /usr/share/doc/postfix-2.2.5/html

manpage_directory = /usr/share/man

sample_directory = /etc/postfix

readme_directory = /usr/share/doc/postfix-2.2.5/readme

home_mailbox = .maildir/

virtual_maps = hash:/etc/mail/virtual

smtpd_sasl_auth_enable = yes

smtpd_sasl_security_options = noanonymous

smtpd_sasl_local_domain =

broken_sasl_auth_clients = yes

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject

smtpd_use_tls = yes

smtpd_tls_auth_only = yes

smtpd_tls_key_file = /etc/postfix/newreq.pem

smtpd_tls_cert_file = /etc/postfix/newcert.pem

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom
```

----------

## Chris W

I'd be inclined to try this configuration without specifying relay_domains at all because it defaults to sane behaviour for a single domain.

If you need to contuinue with a hash as relay_domains you should ensure:that the map file is in the form 

```
$ cat /etc/mail/relay_domains

domain value
```

AFAICT the value cn be anything.

 that the map file has been turned into the DB Postfix will be expecting thus:

```
# postmap hash:/etc/mail/relay_domains
```

----------

## Corona688

 *Chris W wrote:*   

> I'd be inclined to try this configuration without specifying relay_domains at all because it defaults to sane behaviour for a single domain.

  No dice.

----------

## langthang

you have:

```
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject
```

postfix will reject if the mail is not from:

1) your network.

2) sasl authenticated user.

remove reject in that line.

----------

## Corona688

Postfix refuses to even RUN without "reject" in there:

```
Feb 1 18:48:29 steward postfix/smtpd[21061]: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit
```

----------

## langthang

it's time to post your `postconf -n`

----------

## Corona688

```
alias_maps = hash:/etc/mail/aliases

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

home_mailbox = .maildir/

html_directory = /usr/share/doc/postfix-2.2.5/html

mail_owner = postfix

mail_spool_directory = /var/spool/mail

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

mydestination = $myhostname, localhost.$mydomain, localhost

mydomain = burningsmell.org

myhostname = burningsmell.org

mynetworks = 127.0.0.0/8

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.2.5/readme

relayhost = smtp.accesscomm.ca

sample_directory = /etc/postfix

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated reject

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain =

smtpd_sasl_security_options = noanonymous

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_auth_only = yes

smtpd_tls_cert_file = /etc/postfix/newcert.pem

smtpd_tls_key_file = /etc/postfix/newreq.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

smtpd_use_tls = yes

tls_random_source = dev:/dev/urandom

unknown_local_recipient_reject_code = 550
```

----------

## langthang

try this:

```
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
```

----------

## Corona688

Yes! That did it!  Thank you very much  :Smile: 

----------

