On Sat, 28 Feb 2009, Big Pizzle wrote: > Hi all, > > I've just set up Postfix 2.3.3 to authenticate against a MySQL database to > support Virtual Domains, and I'm able to send mail to any domain which > Postfix knows about, but when I send an e-mail to an outside address such as > hotmail, yahoo, etc. I get the following error message in the logs: > > Feb 27 22:09:52 juter1 postfix/smtpd[27104]: NOQUEUE: reject: RCPT from > h-68-167-178-13.snid.cod.net[xx.xxx.xxx.xx]: 554 5.7.1 <[email protected]>: > Relay access denied; from=<[email protected]> to=<[email protected]> > proto=SMTP helo=<homebase>
If you're going to obfuscate the IP, at least take care to similarly cloak your client's hostname! % host h-68-167-178-13.snid.cod.net h-68-167-178-13.snid.cod.net has address 82.98.86.161 > Here are my main.cf configs: Instead, follow the directions in the DBEUG_README, and paste the output of 'postconf -n'. > When telnetting to port 25, and issuing the EHLO command, I get the > following: > > 250-jupiter1.national.com > 250-PIPELINING > 250-SIZE 10240000 > 250-ETRN > 250-ENHANCEDSTATUSCODES > 250-8BITMIME > 250 DSN > > I don't see anywhere where it shows what authentication mechanism I am > using. Could this be the issue? I want people to be required to > authenticate if they are going to be sending mail from this server to > external addresses. 'My Server Requires Authentication' is checked in my > mail client. Your server appears configured to support SASL but not TLS (following EHLO, it does not announce STARTTLS support to the SMTP client). You need to show your postconf output, specifically the smtpd_mumble_restrictions, which is where you can require SASL authentication to relay mail externally. From your question, I suspect you are conflating SASL and TLS. See: http://www.postfix.org/TLS_README.html http://www.postfix.org/SASL_README.html -- Sahil Tandon <[email protected]>
