On May 2011, at 7:26 PM, Sahil Tandon wrote: > On Mon, 2011-05-02 at 19:16:42 -0700, Des Dougan wrote: > >> On May 2011, at 6:58 PM, Sahil Tandon wrote: >> >>> On Mon, 2011-05-02 at 18:09:48 -0700, Des Dougan wrote: >>> >>>> On a new postfix/dovecot configuration, email is generally working OK. >>>> That said, I'm seeing "Client host rejected: Access denied" messages >>>> in the logs for two of the client company principals when they are >>>> connecting remotely. >>> >>> Show an exact excerpt from the logs that relates to the problematic >>> rejection. >>> >>>> I'm pretty certain their mail clients are set up correctly to >>>> authenticate (but will confirm this tomorrow) as the owner is pretty >>>> tech-savvy. >>> >>> Postfix logs successful SASL authentication; do you see evidence of >>> this in the logs? >> >> Thanks for your reply. I see this in the logs: >> >> May 2 17:30:56 enterprise dovecot: imap-login: Login: user=<AAAAA>, >> method=PLAIN, rip=DD.DD.DDD.DDD, lip=192.168.1.5, TLS > > This is DOVECOT. > >> May 2 17:30:57 enterprise postfix/smtpd[2142]: connect from >> S01065475d08916e7.AA.AAAAAAAA.net[DD.DD.DDD.DDD] >> May 2 17:30:57 enterprise postfix/smtpd[2142]: NOQUEUE: reject: RCPT from >> S01065475d08916e7.AA.AAAAAAAA.net[DD.DD.DDD.DDD]: 554 5.7.1 >> <S01065475d08916e7.AA.AAAAAAAA.net[DD.DD.DDD.DDD]>: Client host rejected: >> Access denied; from=<aa...@aaaa.aaa> to=<aa...@aaaaa.aaa> proto=ESMTP >> helo=<[192.168.1.121]> >> May 2 17:30:57 enterprise postfix/smtpd[2142]: disconnect from >> S01065475d08916e7.AA.AAAAAAAA.net[DD.DD.DDD.DDD] > > Do you have POSTFIX logs that show successful authentication? > > -- > Sahil Tandon <sa...@freebsd.org>
Like this?: May 2 17:30:53 enterprise postfix/smtpd[2142]: connect from S01065475d08916e7.AA.AAAAAAAA.net[DD.DD.DDD.DDD] Sorry I missed it previously. Des -- Des Dougan Principal Dougan Consulting Group Inc. http://www.DouganConsulting.tel <-- Get all my contact information here. http://www.DouganConsulting.com Peace of Mind, One Computer at a Time. --- Imagine anyone on the planet being able to find and then contact you with a single click. YourName.tel is all you will give anyone ever again. Want in? http://registertel.tel/