Marcel Hartmann wrote:
Hi all,
[EMAIL PROTECTED] wrote:
Hello,
554 <[EMAIL PROTECTED]>: Relay access denied;
from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]>
You have in your main.cf:
smtpd_recipient_restrictions = reject_unauth_destination,[..]
From postfix documentation:
reject_unauth_destination
Reject the request unless one of the following is true:
* the resolved destination address matches $relay_domains or a
subdomain thereof, and the address contains no sender-specified routing
([EMAIL PROTECTED]@domain),
* Postfix is the final destination: any destination that matches
$mydestination, $inet_interfaces, $virtual_alias_domains, or
$virtual_mailbox_domains.
The relay_domains_reject_code parameter specifies the response code for
rejected requests (default: 554).
First condition isn't true because you have no relay_domains in main.cf
Second condition isn't true because you your postfix isn't MX for
hotmail.com domain i gues.
Please read this http://www.postfix.org/uce.html
rgds,
Lukasz
Should be the permit_sasl_autenticated at the top of the list?
Then if he is authenticated whithin pam_mysql he can relay mails.
Good point :-)
Here is example from one of my servers:
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_sender_login_mismatch,
permit_sasl_authenticated,
reject_unauth_destination,
check_recipient_access regexp:/etc/mail/recipient_checks,
check_policy_service unix:private/policy,
check_sender_access hash:/etc/mail/sender_ok,
check_helo_access hash:/etc/mail/helo_checks,
check_client_access regexp:/etc/mail/client_ip_checks_regexp,
check_client_access hash:/etc/mail/client_ip_checks,
check_client_access hash:/etc/mail/client_ip_unknown,
check_client_access hash:/etc/mail/client_checks,
check_sender_access hash:/etc/mail/sender_checks,
permit
And also any-spoof (one user can't write email with source email adrress
of other user):
smtpd_sender_login_maps = mysql:/etc/mail/mysql-owner.cf
in mysql-owner.cf:
select_field = username
where_field = alias
additional_conditions = and status > '0'
rgds,
Lukasz
_______________________________________________
This mailing list is hosted and supported
by bit-heads GmbH | http://www.bit-heads.ch
_______________________________________________
Web-cyradm mailing list
[email protected]
http://www.web-cyradm.org/mailman/listinfo/web-cyradm