Hello want to put this setup into operation and it failed. I have a Postfix server with this setup and Spamassassin.
in the background there is an HCL Domino server. I was able to E-Mail from (LAN) to myself (WORLD), but E-mail that sending (WORLD) to (LAN INSIDE), never arrive. also didnt see the mechanisms from incomming mail that will send to HCL Domino Server? try to put this over submission so also will blocking may Spamers. thanks for help - mail_version = 3.4.14 log May 27 22:17:57 srvcar010 postfix/smtpd[9596]: connect from unknown[117.92.203.30] May 27 22:17:58 srvcar010 postfix/smtpd[9596]: NOQUEUE: reject: RCPT from unknown[117.92.203.30]: 450 4.7.25 Client host rejected: cannot find your hostname, [117.92.203.30]; from= <mailto:[email protected]> [email protected] to= <mailto:[email protected]> [email protected] proto=ESMTP helo=<wcbc.com> May 27 22:17:58 srvcar010 postfix/smtpd[9596]: disconnect from unknown[117.92.203.30] ehlo=1 mail=1 rcpt=0/1 quit=1 commands=3/4 May 27 22:18:01 srvcar010 postfix/postscreen[9582]: CONNECT from [45.148.10.190]:41226 to [192.168.201.87]:25 -- ay 27 22:18:11 srvcar010 postfix/postscreen[9582]: CONNECT from [ipaddress]:55328 to [192.168.201.87]:25 May 27 22:18:11 srvcar010 postfix/postscreen[9582]: PASS OLD [ipaddress]:55328 May 27 22:18:11 srvcar010 postfix/smtpd[9596]: connect from smtp.mailer.ch [ipaddress] May 27 22:18:11 srvcar010 postfix/smtpd[9596]: Anonymous TLS connection established from smtp.mailer.ch[ipaddress]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) May 27 22:18:11 srvcar010 postfix/smtpd[9596]: NOQUEUE: reject: RCPT from smtp.mailer.ch[ipaddress]: 554 5.7.1 <mailto:[email protected]> [email protected]: Relay access denied; from= <mailto:[email protected]> [email protected] to= <mailto:[email protected]> [email protected] proto=ESMTP helo=<smtp.mailer.ch> May 27 22:18:11 srvcar010 postfix/smtpd[9596]: disconnect from smtp.mailer.ch [ipaddress] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8 May 27 22:18:14 srvcar010 postfix/postscreen[9582]: CONNECT from [45.148.10.190]:39942 to [192.168.201.87]:25 -- root@s:/etc/postfix# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes command_directory = /usr/sbin compatibility_level = 2 daemon_directory = /usr/lib/postfix/sbin data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 disable_vrfy_command = yes html_directory = no inet_interfaces = all inet_protocols = all mailbox_size_limit = 0 mailq_path = /usr/bin/mailq message_size_limit = 25428800 milter_connect_macros = "i j {daemon_name} v {if_name} _" milter_default_action = accept milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer} milter_protocol = 6 myhostname = mail.carag.com mynetworks = 80.254.176.41/32, 192.168.201.0/24, 192.168.202.0/24, 127.0.0.0/8 newaliases_path = /usr/bin/newaliases non_smtpd_milters = $smtpd_milters postscreen_access_list = permit_mynetworks, postscreen_bare_newline_action = ignore postscreen_bare_newline_enable = yes postscreen_blacklist_action = drop postscreen_cache_cleanup_interval = 24h postscreen_cache_map = btree:/var/lib/postfix/postscreen_cache postscreen_dnsbl_action = enforce postscreen_dnsbl_reply_map = pcre:/etc/postfix/dnsbl_reply_map.pcre postscreen_dnsbl_sites = zen.spamhaus.org*3 postscreen_dnsbl_threshold = 3 postscreen_dnsbl_whitelist_threshold = -1 postscreen_greet_action = enforce postscreen_greet_wait = 4s postscreen_non_smtp_command_action = drop postscreen_non_smtp_command_enable = yes postscreen_pipelining_action = enforce postscreen_pipelining_enable = yes postscreen_whitelist_interfaces = 80.254.176.41 static:all queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix relayhost = 192.168.201.117 sample_directory = /usr/share/doc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_address_preference = any smtp_dns_support_level = dnssec smtp_header_checks = regexp:/etc/postfix/header_checks smtp_host_lookup = dns smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtp_tls_cert_file = /etc/letsencrypt/live/mail.carag.com/fullchain.pem smtp_tls_exclude_ciphers = aNULL, MD5 smtp_tls_key_file = /etc/letsencrypt/live/mail.carag.com/privkey.pem smtp_tls_loglevel = 1 smtp_tls_mandatory_ciphers = high smtp_tls_mandatory_exclude_ciphers = aNULL, MD5 smtp_tls_mandatory_protocols = !SSLv2, !TLSv1, !TLSv1.1 smtp_tls_note_starttls_offer = yes smtp_tls_protocols = !SSLv2, !TLSv1, !TLSv1.1 smtp_tls_security_level = may smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_client_hostname smtpd_data_restrictions = reject_unauth_pipelining smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname smtpd_milters = unix:opendkim/opendkim.sock, unix:opendmarc/opendmarc.sock, unix:private/clamav/clamav-milter.ctl smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_rbl_client sbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, permit smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain, permit smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/letsencrypt/live/mail.carag.com/fullchain.pem smtpd_tls_exclude_ciphers = aNULL, MD5 smtpd_tls_key_file = /etc/letsencrypt/live/mail.carag.com/privkey.pem smtpd_tls_loglevel = 1 smtpd_tls_mandatory_ciphers = high smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5 smtpd_tls_mandatory_protocols = !SSLv2, !TLSv1, !TLSv1.1 smtpd_tls_protocols = !SSLv2, !TLSv1, !TLSv1.1 smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes submission_sender_checks = check_sender_access hash:/etc/postfix/reject_null_sender virtual_mailbox_limit = 0
