Relay access denied ==> Postfix + Confixx + qpopper

D

dragonknight

New Member
So,
hab folgendes Maximales Problem bei dem ich fest stecke:

Autorisation und versenden der Emails von einem localen Account zu einem andere geht.
Sobald die Mail aber an einen anderen Server (extern) geht, bekomme ich folgende Mitteilung:


Ihre Nachricht hat einige oder alle Empfänger nicht erreicht.

Betreff: test
Gesendet am: 02.01.2008 20:55

Folgende(r) Empfänger kann/können nicht erreicht werden:

'xxxxxxxxxxxxxx.xxxxx@gmx.de' am 02.01.2008 20:55
554 5.7.1 <xxxxxxxxxxxxxx.xxxxx@gmx.de>: Relay access denied


So nun die main.cf:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

inet_interfaces = all
mynetworks_style = host

myhostname = xxxx.xxxx.de
mydomain = xxxx.de
myorigin = $mydomain

smtpd_banner = banner

biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = xxxx.de, localhost.xxxx.de, localhost
relayhost =
mynetworks = all
mailbox_size_limit = 0
recipient_delimiter = +

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination



### CONFIXX POSTFIX ENTRY ###

virtual_maps = hash:/etc/postfix/confixx_virtualUsers, hash:/etc/postfix/confixx_localDomains

### /CONFIXX POSTFIX ENTRY ###

Ich bin schier am verzweifeln, weil mich die Kunden zu müllen mit beschwerden!
(Pro Tag 50 Anrufe, nervt total)

MFG
Chris
 
Kommentier doch mal die leeren Parameter aus. Die sind so nicht gültig. Ins besonders

relayhost =

(sieht so aus, als würde er ein Relay versuchen, anstatt auszuliefern.

und

smtpd_sasl_local_domain =
 
hab postfix neu installiert.
main.conf

Code: 
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = xxxxx.xxxx.de
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = xxxxx.xxxx.de, hxxxx.serverkompetenz.net, localhost.serverkompetenz.net, localhost
#relayhost = 
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
#smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

### CONFIXX POSTFIX ENTRY ###

virtual_maps = hash:/etc/postfix/confixx_virtualUsers, hash:/etc/postfix/confixx_localDomains

### /CONFIXX POSTFIX ENTRY ###

mail.log:
Code: 
Jan  2 22:50:33 hxxxx in.qpopper[12396]: (v4.0.5) POP login by user "kundexpx" at (xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.net) xx.xx.xx.xxx [pop_log.c:244]
Jan  2 22:50:33 hxxxx postfix/smtpd[12373]: connect from dslb-084-057-058-225.pools.arcor-ipxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.net[xx.xx.xx.xxx]
Jan  2 22:50:33 hxxxx postfix/smtpd[12373]: NOQUEUE: reject: RCPT from xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.net[xx.xx.xx.xxx]: 554 5.7.1 <xxxxxxxxxxxxxxxxxxxxxxxx@gmx.de>: Relay access denied; from=<xxxx@xxxx.de> to=<xxxxxxxxxxxxxxxxxxxx@gmx.de> proto=ESMTP helo=<xxxxx>
Jan  2 22:50:35 hxxxx in.qpopper[12397]: (v4.0.5) POP login by user "kundexxpx" at (xxxxxxxxxxxxxxxxxxxx.at) 81.217.16.50 [pop_log.c:244]
Jan  2 22:50:36 hxxxx postfix/smtpd[12373]: disconnect from xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.net[xx.xx.xx.xxx]
So, jetzt kann ich wenigstens wieder email empfangen
Installierte Packete:
qpopper, postfix, postfix-tls, sasl2 (und diverse module)
Die User sind in der Datei /etc/passwords eingetragen (soweit ich weiß)

MFG
chris
 
master.cf:
Code: 
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
	-o fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache	  unix	-	-	-	-	1	scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
 
so,
ein kleines Update:

Anmeldung per SMTP funktioniert nicht richtig.

Hier die
/etc/postfix/sasl/smtp.conf
Code: 
pwcheck_method:saslauthd
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
#pwcheck_method: saslauthd
#mech_list: PLAIN LOGIN
#saslauthd_path: /var/run/saslauthd/mux
#autotransition:true
 
In der master.cf die erste unkommentierte Zeile austauschen in

smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes
 
Viel einfacher:

smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination

in

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

ändern.
dann läuft die kiste

:( frustrierend
 
You must log in or register to reply here.
Back
Top