I am hoping that this is something fairly simple that I am missing.... I have a few lists on a mailman server that I run. Until recently, only authenticated users (those who have actual accounts on my IMAP/Virtual mailboxes server and can authenticate via SASL). Now I want to allow certain users who are not authenticated (i. e. they are outside my server and domains) to send mail to those lists.
as far as I can tell, mailman would allow this (I've made them list owners). But when they try, I'm getting this in my mail log: Jan 25 15:18:18 s postfix/smtpd[46331]: NOQUEUE: reject: RCPT from ns1.siteground235.com[75.125.60.15]: 554 5.7.1 < myl...@lists.mylistserver.com>: Relay access denied; from=< otheru...@otherdomain.com> to=<myl...@lists.mylistserver.com> proto=ESMTP helo=<serv01.siteground235.com> (names changed to protect the innocent, no data changes of relevance) I've tried a few changes (I'd log them here, if I had documented them, sorry) that I thought would have taken away the authentication requirement, to no avail. this might also me an issue of the HELO domain and the FROM domain being different (which is OK, in this case, but not sure how I have prohibited it, so don't know what to change. The goal is to allow outside users without opening up the mailserver (or the mailman server) to spam, etc... FYI: the transport for everything to lists.mylistserver.com is mailman: and lists.mylistserver.com is in $relay_domains Here are snips from my master.cf that show the path of the message (in smtp, into amavisd content filter, out of amavisd on 10026 and to mailman) smtp inet n - n - - smtpd -o recipient_bcc_maps=mysql:/etc/postfix/mysql_recipient_bcc_maps.cf -o receive_override_options=no_address_mappings -o content_filter=amavisfeedl:[127.0.0.1]:10027 amavisfeedl unix - - n - 2 lmtp -o lmtp_data_done_timeout=1200 -o lmtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 localhost:10026 inet n - n - - smtpd -o content_filter= -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_helo_restrictions= -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,permit_auth_destinations,reject -o mynetworks=127.0.0.0/8 -o smtpd_authorized_xforward_hosts=127.0.0.0/8 -o smtpd_delay_reject=no -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o smtpd_restriction_classes= -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters -o local_header_rewrite_clients= mailman unix - n n - 10 pipe flags=FR user=_mailman argv=/usr/local/mailman/postfix-to-mailman.py ${nexthop} ${user} and my `postconf -n` output is below. I'm running Postfix 2.6.5 on Mac OS/X (client) 10.5.8 Any help is appreciated and I will do my best to answer any questions. Thank you! --Jeff -----`postconf -n` output---- alias_database = mysql:/etc/postfix/mysql_alias_maps.cf alias_maps = mysql:/etc/postfix/mysql_alias_maps.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_verp_delimiters = += disable_vrfy_command = yes header_checks = pcre:/etc/postfix/header_checks.pcre html_directory = /etc/postfix/html inet_interfaces = all local_recipient_maps = luser_relay = ot...@jeffweinberger.com mail_owner = _postfix mailbox_size_limit = 0 mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 0 mydestination = mysql:/etc/postfix/mysql_mydestination_maps.cf mydomain = jweinberger.homeip.net myhostname = jweinberger.homeip.net mynetworks = 127.0.0.0/8, !10.0.1.1, !10.0.1.210, 10.0.1.0/28 newaliases_path = /usr/bin/newaliases queue_directory = /private/var/spool/postfix readme_directory = /usr/share/doc/postfix recipient_delimiter = + relay_domains = $mydestination, mysql:/etc/postfix/ mysql_relay_domain_maps.cf relay_recipient_maps = relayhost = outbound.mailhop.org sample_directory = /usr/share/doc/postfix/examples sender_canonical_maps = mysql:/etc/postfix/mysql_sender_canonical_maps.cf sendmail_path = /usr/sbin/sendmail setgid_group = _postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_tls_CAfile = /etc/postfix/certs/demoCA/cacert.pem smtp_tls_cert_file = /etc/postfix/certs/postfix-cert.pem smtp_tls_key_file = /etc/postfix/certs/postfix-key.pem smtp_tls_loglevel = 1 smtp_tls_security_level = may smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtp_use_tls = yes smtpd_data_restrictions = reject_unauth_pipelining smtpd_etrn_restrictions = permit_mynetworks, reject smtpd_helo_required = yes smtpd_recipient_restrictions = check_recipient_access mysql:/etc/postfix/ mysql_check_recipient_access_maps.cf, permit_mynetworks, reject_unauth_destination, reject_unauth_pipelining, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, check_policy_service inet: 127.0.0.1:2501, permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_security_options = noanonymous smtpd_sender_login_maps = mysql:/etc/postfix/ mysql_smtpd_sender_login_maps.cf smtpd_sender_restrictions = check_sender_access pcre:/etc/postfix/smtpd_sender_restrictions.pcre smtpd_tls_CAfile = /etc/postfix/certs/demoCA/cacert.pem smtpd_tls_cert_file = /etc/postfix/certs/postfix-cert.pem smtpd_tls_key_file = /etc/postfix/certs/postfix-key.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes tls_random_source = dev:/dev/urandom transport_maps = mysql:/etc/postfix/mysql_peraddress_transport_maps.cf, mysql:/etc/postfix/mysql_virtual_transport_maps.cf unknown_local_recipient_reject_code = 550 verp_delimiter_filter = -=+ virtual_alias_domains = mysql:/etc/postfix/mysql_virtual_alias_domains.cf virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf virtual_gid_maps = static:102 virtual_mailbox_base = /usr/local/virtual/ virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf virtual_mailbox_limit = 0 virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 102 virtual_uid_maps = static:102