POSTFIX: cannot send mail to external addresses - FIXED
I'm having some problems with my POSTFIX installation. I'm able to receive emails on my local accounts from either external address or local addresses. I am also able to send email to local addresses. However I am unable to send any email to any external addresses.
I'm running POSTFIX with virtual domains and Anomy Sanitizer and Spamassassin.
I've tried #'ing out the changes I made with Anomy and SA but that doesn't seem to make a difference.
I'd scrap everything and start from scratch but I'm thinking this is something easy that I'm just missing.
Here's what I'm getting in my /var/log/maillog:
Mar 23 11:28:09 li15-133 sendmail[8738]: l2NFS4kP008738: from=address@int_domain.net, size=485, class=0, nrcpts=1, msgid=<1174663684.8734@li15-133.members.linode.com>, relay=root@localhost
Mar 23 11:28:09 li15-133 postfix/smtpd[8743]: connect from localhost.localdomain[127.0.0.1]
Mar 23 11:28:09 li15-133 postfix/smtpd[8743]: NOQUEUE: reject: RCPT from localhost.localdomain[127.0.0.1]: 554 5.7.1 <address@ext_domain.net>: Relay access denied; from= <address@int_domain.net>to= <address@ext_domain.net>proto=ESMTP helo= <li15-133.members.linode.com>Mar 23 11:28:09 li15-133 sendmail[8738]: l2NFS4kP008738: to=address@ext_domain.net, ctladdr=address@int_domain.net (0/0), delay=00:00:05, xdelay=00:00:00, mailer=relay, pri=30485, relay=[127.0.0.1] [127.0.0.1], dsn=5.7.1, stat=Service unavailable
Mar 23 11:28:09 li15-133 sendmail[8738]: l2NFS4kP008738: l2NFS4kQ008738: DSN: Service unavailable
Mar 23 11:28:09 li15-133 postfix/smtpd[8743]: 203EF1E2DF: client=localhost.localdomain[127.0.0.1]
Mar 23 11:28:09 li15-133 postfix/cleanup[8747]: 203EF1E2DF: message-id=<200703231528.l2NFS4kQ008738@liXX-XXX.members.linode.com></li15-133.members.linode.com></address@ext_domain.net></address@int_domain.net></address@ext_domain.net>
Here's my /etc/postfix/main.cf:
soft_bounce = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
smtpd_recipient_restrictions =
check_recipient_access hash:/etc/postfix/filtered_domains
reject_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
virtual_alias_maps = hash:/etc/postfix/virtual
myhostname = myhost.net
mydomain = myhost.net
mynetworks = myhost2.net,myhost3.com
and my /etc/postfix/master.cf:
smtp inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
filter unix - n n - - pipe
flags=Rq user=filter argv=/usr/local/anomy/filter.sh -f ${sender} -- ${recipient}
and my /usr/local/anomy/filter.sh:
INSPECT_DIR=/home/filter
SENDMAIL="/usr/sbin/sendmail.postfix -i"
ANOMY=/usr/local/anomy
SANITIZER=/usr/local/anomy/bin/sanitizer.pl
ANOMY_CONF=/usr/local/anomy/anomy.conf
ANOMY_LOG=/dev/null
SPAMASSASSIN=/usr/bin/spamassassin
SPAMC=/usr/bin/spamc
export ANOMY
# Exit codes from <sysexits.h>EX_TEMPFAIL=75
EX_UNAVAILABLE=69
cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; }
# Clean up when done or when aborting.
trap "rm -f out.$" 0 1 2 3 15
cat | $SPAMC -f -u filter 2>/dev/null \
| $ANOMY/bin/sanitizer.pl $ANOMY_CONF 2>>$ANOMY_LOG \
| $SENDMAIL "$@" || \
{ echo Message content rejected; exit $EX_UNAVAILABLE; }
exit $?</sysexits.h>
and /etc/postfix/filtered_domains:
# Filter only mail addressed to local domains:
myhost.net FILTER filter:dummy
myhost2.net FILTER filter:dummy
myhost3.net FILTER filter:dummy
Thanks for any help!
2 Replies
mynetworks = myhost2.net,myhost3.com
@Postfix Configuration - Basics:
Alternatively, you can specify the mynetworks list by hand, in which case Postfix ignores the mynetworks_style setting. To specify the list of trusted networks by hand, specify network blocks in CIDR (network/mask) notation, for example:
mynetworks = 168.100.189.0/28, 127.0.0.0/8
@pclissold:
Looks like your mynetworks is wrong. You have
mynetworks = myhost2.net,myhost3.com
Made the changes but was still having some problems. What ended up fixing it for me was changing the smtpdrecipientrestrictions to the following:
smtpd_recipient_restrictions = permit_mynetworks
reject_non_fqdn_hostname
reject_non_fqdn_sender
reject_non_fqdn_recipient
check_recipient_access hash:/etc/postfix/filtered_domains
check_sender_access hash:/etc/postfix/access
reject_unknown_sender_domain
reject_unknown_recipient_domain
reject_unauth_destination
The only part I think was really needed to be added was the "checksenderaccess hash:/etc/postfix/access" portion. With /etc/postfix/access containing a list of IP addresses authorized to relay through my smtp:
ex:
127.0.0.1 OK
99.99.99 OK
126.99 OK
Thanks for the help!