ispCP - Board - Support
[Solved] 554 5.7.1 Relay access denied - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Support Area (/forum-30.html)
+--- Forum: System Setup & Installation (/forum-32.html)
+--- Thread: [Solved] 554 5.7.1 Relay access denied (/thread-1544.html)

Pages: 1 2 3 4

RE: 554 5.7.1 Relay access denied - measaura - 10-19-2007 06:55 PM

this is the recent log:
Code:
Oct 19 16:41:48 localhost postfix/smtpd[5513]: connect from unknown[219.93.67.74]
Oct 19 16:42:15 localhost postfix/smtpd[5513]: 56D17105BF2D: client=unknown[219.93.67.74]
Oct 19 16:42:24 localhost postfix/smtpd[5513]: 56D17105BF2D: reject: RCPT from unknown[219.93.67.74]: 554 5.7.1 <dinas@eskyglobal.com>: Relay access denied; f
rom=<dinas@eskynation.com> to=<dinas@eskyglobal.com> proto=ESMTP helo=<eskynation.com>
Oct 19 16:42:36 localhost postfix/cleanup[5517]: 56D17105BF2D: message-id=<20071019084215.56D17105BF2D@enum.skywalker.jjlab.com>
Oct 19 16:42:36 localhost postfix/qmgr[5481]: 56D17105BF2D: from=<dinas@eskynation.com>, size=389, nrcpt=1 (queue active)
Oct 19 16:42:36 localhost dovecot: auth-worker(default): mysql: Connected to localhost (ispcp)
Oct 19 16:42:36 localhost dovecot: auth-worker(default): mysql: Connected to localhost (ispcp)
Oct 19 16:42:36 localhost deliver(dinas@eskynation.com): msgid=<20071019084215.56D17105BF2D@enum.skywalker.jjlab.com>: saved mail to INBOX
Oct 19 16:42:36 localhost postfix/pipe[5519]: 56D17105BF2D: to=<dinas@eskynation.com>, relay=dovecot, delay=30, delays=30/0/0/0.03, dsn=2.0.0, status=sent (de
livered via dovecot service)
Oct 19 16:42:36 localhost postfix/qmgr[5481]: 56D17105BF2D: removed
Oct 19 16:43:41 localhost postfix/smtpd[5513]: disconnect from unknown[219.93.67.74]
Oct 19 16:43:52 localhost dovecot: pop3-login: Login: user=<dinas@eskynation.com>, method=PLAIN, rip=218.111.174.86, lip=202.46.116.136
Oct 19 16:43:57 localhost dovecot: POP3(dinas@eskynation.com): Disconnected: Logged out top=0/0, retr=2/960, del=2/2, size=928
Oct 19 16:45:01 localhost postfix/pickup[5480]: 66468105BF2E: uid=0 from=<root>
Oct 19 16:45:01 localhost postfix/cleanup[5691]: 66468105BF2E: message-id=<20071019084501.66468105BF2E@enum.skywalker.jjlab.com>
Oct 19 16:45:01 localhost postfix/qmgr[5481]: 66468105BF2E: from=<root@jjlab.com>, size=699, nrcpt=1 (queue active)
Oct 19 16:45:17 localhost procmail[5694]: Couldn't rename bogus "/var/mail/nobody" into "/var/mail/BOGUS.nobody.peU_"
Oct 19 16:45:17 localhost postfix/local[5693]: 66468105BF2E: to=<root@jjlab.com>, orig_to=<root>, relay=local, delay=16, delays=0.03/0/0/16, dsn=5.2.0, status
=bounced (can't create user output file. Command output: procmail: Renaming bogus mailbox "/var/mail/nobody" info "/var/mail/BOGUS.nobody.peU_" procmail: Coul
dn't create "/var/mail/nobody" )
Oct 19 16:45:17 localhost postfix/cleanup[5691]: 6EDBB105BF2F: message-id=<20071019084517.6EDBB105BF2F@enum.skywalker.jjlab.com>
Oct 19 16:45:17 localhost postfix/bounce[5698]: 66468105BF2E: sender non-delivery notification: 6EDBB105BF2F
Oct 19 16:45:17 localhost postfix/qmgr[5481]: 6EDBB105BF2F: from=<>, size=2788, nrcpt=1 (queue active)
Oct 19 16:45:17 localhost postfix/qmgr[5481]: 66468105BF2E: removed

this is the latest postconf -n
Code:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_at_myorigin = yes
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
local_destination_recipient_limit = 1
local_recipient_maps = unix:passwd.byname $alias_database
local_transport = local
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, $mydomain
mydomain = jjlab.com
myhostname = enum.skywalker.jjlab.com
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = $myhostname ISPCP 1.0 Priamos Managed ESMTP 1.0.0 RC2 OMEGA
smtpd_recipient_restrictions = permit_mynetworks,                               permit_sasl_authenticated,                               reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks,                               permit_sasl_authenticated,                               reject_unauth_destination
transport_maps = hash:/etc/postfix/ispcp/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/ispcp/aliases
virtual_gid_maps = static:12
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_domains = hash:/etc/postfix/ispcp/domains
virtual_mailbox_limit = 0
virtual_mailbox_maps = hash:/etc/postfix/ispcp/mailboxes
virtual_minimum_uid = 12004
virtual_transport = dovecot
virtual_uid_maps = static:12004
able to login from remote, send to virtual domain in the same server but not external domain.

RE: 554 5.7.1 Relay access denied - rbtux - 10-19-2007 07:07 PM

whithin this log:
Quote:Oct 19 16:41:48 localhost postfix/smtpd[5513]: connect from unknown[219.93.67.74]
Oct 19 16:42:15 localhost postfix/smtpd[5513]: 56D17105BF2D: client=unknown[219.93.67.74]
Oct 19 16:42:24 localhost postfix/smtpd[5513]: 56D17105BF2D: reject: RCPT from unknown[219.93.67.74]: 554 5.7.1 <dinas@eskyglobal.com>: Relay access denied; f
rom=<dinas@eskynation.com> to=<dinas@eskyglobal.com> proto=ESMTP helo=<eskynation.com>
Oct 19 16:42:36 localhost postfix/cleanup[5517]: 56D17105BF2D:

you are not sasl authentificated.... Did you turn on the authentification für smtp server in your client?

RE: 554 5.7.1 Relay access denied - measaura - 10-19-2007 07:08 PM

i'm using telnet, is it possible to sasl auth from telnet?

RE: 554 5.7.1 Relay access denied - rbtux - 10-19-2007 07:08 PM

you can enable the debugging of dovecot auth via the dovecot config...

RE: 554 5.7.1 Relay access denied - rbtux - 10-19-2007 07:10 PM

yeah you can use telnet with smtp auth:

check point 12.4 in the following doc:
http://postfix.state-of-mind.de/patrick.koetter/smtpauth/smtp_auth_mailclients.html

RE: 554 5.7.1 Relay access denied - measaura - 10-19-2007 07:30 PM

i got error 535 5.7.0 authentication failed when telnet remotely and test AUTH PLAIN. I'm going to check the SASL AUTH problem later at home.

RE: 554 5.7.1 Relay access denied - rbtux - 10-19-2007 07:33 PM

the according logs of the dovecot authentication (debug mode must be activated: http://wiki.dovecot.org/Debugging/Authentication)

would be helpful...

RE: 554 5.7.1 Relay access denied - measaura - 10-20-2007 03:56 PM

today I finally manage to make things tick. I would like to share my settings here.

dovecot.conf
Code:
base_dir = /var/run/dovecot/
protocols = imap pop3
disable_plaintext_auth = no
listen = *
syslog_facility = mail
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
auth_debug=yes
auth_debug_passwords=yes
login_greeting = Dovecot ready.
mail_location = maildir:/var/mail/virtual/%d/%n
mail_extra_groups = mail
protocol imap {
}
namespace private {
prefix = INBOX.
inbox = yes
}
protocol pop3 {
pop3_uidl_format = %u-%v
}
protocol lda {
postmaster_address = postmaster@(hidden).com
auth_socket_path = /var/run/dovecot/auth-master
}
auth default {
  mechanisms = plain login
  passdb sql {
    args = /etc/dovecot-sql-domain.conf
  }
  userdb sql {
    args = /etc/dovecot-sql-domain.conf
  }
  passdb sql {
  args = /etc/dovecot-sql-subdomain.conf
}
userdb sql {
  args = /etc/dovecot-sql-subdomain.conf
}
socket listen {
  client {
   path = /var/spool/postfix/private/auth
   mode = 0660
   user = postfix
   group = postfix
  }
  master {
   path = /var/run/dovecot/auth-master
   mode = 0660
   user = vmail
   group = mail
  }
}
user = vmail
}
plugin {
}

postconf -n

Code:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_at_myorigin = yes
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
local_destination_recipient_limit = 1
local_recipient_maps = unix:passwd.byname $alias_database
local_transport = local
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, $mydomain
mydomain = (hidden).com
myhostname = localhost.(hidden).com
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = $myhostname ISPCP 1.0 Priamos Managed ESMTP 1.0.0 RC2 OMEGA
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated,  reject_unauth_destination
transport_maps = hash:/etc/postfix/ispcp/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/ispcp/aliases
virtual_gid_maps = static:12
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_domains = hash:/etc/postfix/ispcp/domains
virtual_mailbox_limit = 0
virtual_mailbox_maps = hash:/etc/postfix/ispcp/mailboxes
virtual_minimum_uid = 12004
virtual_transport = dovecot
virtual_uid_maps = static:12004

*note: gid & uid has been changed to the vmail uid & mail gid. Please update uid & gid in your dovecot-sql-domain.conf and dovecot-sql-subdomain.conf too if it's different.

for Fedora Core 6 (that I use), please change the given code in HowTo to the code below. It solves your unknown transport error.
Code:
dovecot unix - n n - - pipe
  flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d ${recipient}
*note: argv=/usr/lib/dovecot/deliver changed to argv=/usr/libexec/dovecot/deliver

and on the client (Outlook etc.) please tick on "My outgoing server (SMTP) requires authentication" under Outgoing Server in advanced setting. Please refer to your version on setting this.

The rest of the setting on Postfix is the default setting upon installation. I manage to solve this by uninstalling Postfix & re-install Postfix and edit the default /etc/postfix/main.cf based on values given in /etc/ispcp/postfix/main.cf. If you have installed ispCP then uninstall the Postfix, your main.cf & master.cf will be backed up with main.cf.rpmsave & master.cf.rpmsave.

Now, i'm going to solve the webmail issue Smile
Quote:Error opening ../data/default_pref
Could not create initial preference file!
../data/ should be writable by user apache
Please contact your system administrator and report this error.

gonna check Squrrelmail FAQ for this.

RE: 554 5.7.1 Relay access denied - joximu - 10-20-2007 06:24 PM

Could you change the title to "[solved] ..."

and for the other issue make a new thread...

/Joxi

[solved] RE: 554 5.7.1 Relay access denied - measaura - 10-20-2007 10:15 PM

Thanks for your guidance.

This case is closed. webmail issue on other thread.