[SOLVED] Postfix relay access denied

I've set up postfix to be a mail server on my linode VPS. My intent is to have an account for [email protected] for each user account on the server. These email accounts should be able to both send and recieve.

Currently, I can send email when ssh'ed into my server. I can do this either via local telet or from mutt.

I can also recieve external emails successfully, but only if they are from a remote telnet. For example, if from my home computer I use 'telnet mail.mydomain.org 25' I can create and send an email that arrives in my user account's Maildir on the server. However, when I send an email from mutt on my home computer to [email protected] it doesn't arrive. I get the following lines in my systemctl -l status postfix output for which I've currently obscurred some actual URLs/emails, but this was for an email sent from my university email account (here [email protected]) to my user on my linode vps (here [email protected]).

Jul 21 07:47:39 astro postfix/smtpd[5739]: connect from mailserver03.university.edu[146.189.144.106]
Jul 21 07:47:39 astro postfix/smtpd[5739]: NOQUEUE: reject: RCPT from mailserver03.university.edu[146.189.144.106]: 454 4.7.1 <[email protected]>: Relay access denied; from= <[email protected]>to= <[email protected]>proto=ESMTP helo= <mailserver04.university.edu>Jul 21 07:47:40 astro postfix/smtpd[5739]: disconnect from mailserver03.university.edu[146.189.144.106] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=4/6</mailserver04.university.edu></[email protected]></[email protected]></[email protected]>

Despite having a valid reverse DNS and MX entry - which has been confirmed by countless online tools and by successful telnet to mydomain.org, the entry on the second line shows the "to" address as [email protected] (where the X's are numbers). Where is this address coming from? I understand why my postfix smtp server is rejecting these incoming emails as liXXXX-XXX.membsers.linode.com is not one of the entries for $mydestination. But where, why, and how is the to address getting changed from [email protected] to [email protected]?

2 Replies

I once had the same error. This solved it for me.

The relaying denied message occurs because the smtpdrecipientrestrictions rules was not matched. One of those conditions must be fulfilled to allow the message to go through:

smtpd_recipient_restrictions =
    permit_sasl_authenticated
    check_recipient_access hash:/etc/postfix/filtered_domains
    permit_mynetworks
    reject_unauth_destination

Thanks for the reponse. I had tried that in one of my many attempts. However, I think I just found the problem. I am now actually at the above mentioned "univiersity.edu" and it seems from our network I cannot telnet or ping "mydomain.org" - when I try to the output shows an incorrect IP address that it is attempting to ping/connect to. It would seem our universities domain name servers are lagging behind the rest of the world. This should not really suprise me.

I'll try sending from other sources (maybe hotmail/gmail) and report back soon.

edit: I also just confirmed that dig MX mydomain.org) does not resolve the right address from within our university network - even though it does everywhere else.

edit 2: I just confirmed it works fine when I send from a different webmail account. Geesh, I've been trying to learn about all this stuff and kept figuring I was screwing something up, but no, it's this crappy university network's fault. Sorry for the noise - but perhaps if anyone else faces the same error this might be informative.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct