Re: Question re. IP address block of remote user

Mon, 02 May 2011 19:17:22 -0700 

On May 2011, at 6:58 PM, Sahil Tandon wrote:

> On Mon, 2011-05-02 at 18:09:48 -0700, Des Dougan wrote:
> 
>> On a new postfix/dovecot configuration, email is generally working OK.
>> That said, I'm seeing "Client host rejected: Access denied" messages
>> in the logs for two of the client company principals when they are
>> connecting remotely. 
> 
> Show an exact excerpt from the logs that relates to the problematic
> rejection.
> 
>> I'm pretty certain their mail clients are set up correctly to
>> authenticate (but will confirm this tomorrow) as the owner is pretty
>> tech-savvy. 
> 
> Postfix logs successful SASL authentication; do you see evidence of
> this in the logs?
> 
> -- 
> Sahil Tandon <sa...@freebsd.org>

Sahil,

Thanks for your reply. I see this in the logs:

May  2 17:30:56 enterprise dovecot: imap-login: Login: user=<AAAAA>, 
method=PLAIN, rip=DD.DD.DDD.DDD, lip=192.168.1.5, TLS
May  2 17:30:57 enterprise postfix/smtpd[2142]: connect from 
S01065475d08916e7.AA.AAAAAAAA.net[DD.DD.DDD.DDD]
May  2 17:30:57 enterprise postfix/smtpd[2142]: NOQUEUE: reject: RCPT from 
S01065475d08916e7.AA.AAAAAAAA.net[DD.DD.DDD.DDD]: 554 5.7.1 
<S01065475d08916e7.AA.AAAAAAAA.net[DD.DD.DDD.DDD]>: Client host rejected: 
Access denied; from=<aa...@aaaa.aaa> to=<aa...@aaaaa.aaa> proto=ESMTP 
helo=<[192.168.1.121]>
May  2 17:30:57 enterprise postfix/smtpd[2142]: disconnect from 
S01065475d08916e7.AA.AAAAAAAA.net[DD.DD.DDD.DDD]

So the user is logging in OK on the first line, as I understand it, but the 
message being attempted is not going out; this is the user's laptop and she is 
able to send when in the office, hence my question about the IP block. I am 
able to access remotely and send successfully from my system.


Thanks,

Des
--

Des Dougan
Principal
Dougan Consulting Group Inc.

  http://www.DouganConsulting.tel <-- Get all my contact information here.
  http://www.DouganConsulting.com

Peace of Mind, One Computer at a Time.

                                ---

Imagine anyone on the planet being able to find and then contact you with a 
single click. YourName.tel is all you will give anyone ever again. Want in?

                http://registertel.tel/

Reply via email to