POSTFIX: cannot send mail to external addresses - FIXED

Hello,

I'm having some problems with my POSTFIX installation. I'm able to receive emails on my local accounts from either external address or local addresses. I am also able to send email to local addresses. However I am unable to send any email to any external addresses.

I'm running POSTFIX with virtual domains and Anomy Sanitizer and Spamassassin.

I've tried #'ing out the changes I made with Anomy and SA but that doesn't seem to make a difference.

I'd scrap everything and start from scratch but I'm thinking this is something easy that I'm just missing.

Here's what I'm getting in my /var/log/maillog:

Mar 23 11:28:09 li15-133 sendmail[8738]: l2NFS4kP008738: from=address@int_domain.net, size=485, class=0, nrcpts=1, msgid=<1174663684.8734@li15-133.members.linode.com>, relay=root@localhost
Mar 23 11:28:09 li15-133 postfix/smtpd[8743]: connect from localhost.localdomain[127.0.0.1]
Mar 23 11:28:09 li15-133 postfix/smtpd[8743]: NOQUEUE: reject: RCPT from localhost.localdomain[127.0.0.1]: 554 5.7.1 <address@ext_domain.net>: Relay access denied; from= <address@int_domain.net>to= <address@ext_domain.net>proto=ESMTP helo= <li15-133.members.linode.com>Mar 23 11:28:09 li15-133 sendmail[8738]: l2NFS4kP008738: to=address@ext_domain.net, ctladdr=address@int_domain.net (0/0), delay=00:00:05, xdelay=00:00:00, mailer=relay, pri=30485, relay=[127.0.0.1] [127.0.0.1], dsn=5.7.1, stat=Service unavailable
Mar 23 11:28:09 li15-133 sendmail[8738]: l2NFS4kP008738: l2NFS4kQ008738: DSN: Service unavailable
Mar 23 11:28:09 li15-133 postfix/smtpd[8743]: 203EF1E2DF: client=localhost.localdomain[127.0.0.1]
Mar 23 11:28:09 li15-133 postfix/cleanup[8747]: 203EF1E2DF: message-id=<200703231528.l2NFS4kQ008738@liXX-XXX.members.linode.com></li15-133.members.linode.com></address@ext_domain.net></address@int_domain.net></address@ext_domain.net> 

Here's my /etc/postfix/main.cf:

soft_bounce = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
smtpd_recipient_restrictions =
        check_recipient_access hash:/etc/postfix/filtered_domains
        reject_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
virtual_alias_maps = hash:/etc/postfix/virtual
myhostname = myhost.net
mydomain = myhost.net
mynetworks = myhost2.net,myhost3.com

and my /etc/postfix/master.cf:

smtp      inet  n       -       n       -       -       smtpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
        -o fallback_relay=
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
filter    unix  -   n   n   -   -   pipe
    flags=Rq user=filter argv=/usr/local/anomy/filter.sh -f ${sender} -- ${recipient}

and my /usr/local/anomy/filter.sh:

INSPECT_DIR=/home/filter
SENDMAIL="/usr/sbin/sendmail.postfix -i"
ANOMY=/usr/local/anomy
SANITIZER=/usr/local/anomy/bin/sanitizer.pl
ANOMY_CONF=/usr/local/anomy/anomy.conf
ANOMY_LOG=/dev/null
SPAMASSASSIN=/usr/bin/spamassassin
SPAMC=/usr/bin/spamc

export ANOMY

# Exit codes from <sysexits.h>EX_TEMPFAIL=75
EX_UNAVAILABLE=69

cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; }

# Clean up when done or when aborting.
trap "rm -f out.$" 0 1 2 3 15

cat | $SPAMC -f -u filter 2>/dev/null \
        | $ANOMY/bin/sanitizer.pl $ANOMY_CONF 2>>$ANOMY_LOG \
        | $SENDMAIL "$@" || \
        { echo Message content rejected; exit $EX_UNAVAILABLE; }

exit $?</sysexits.h> 

and /etc/postfix/filtered_domains:

# Filter only mail addressed to local domains:
myhost.net    FILTER filter:dummy
myhost2.net  FILTER filter:dummy
myhost3.net    FILTER filter:dummy

Thanks for any help!

2 Replies

Looks like your mynetworks is wrong. You have mynetworks = myhost2.net,myhost3.com

@Postfix Configuration - Basics:

Alternatively, you can specify the mynetworks list by hand, in which case Postfix ignores the mynetworks_style setting. To specify the list of trusted networks by hand, specify network blocks in CIDR (network/mask) notation, for example:

mynetworks = 168.100.189.0/28, 127.0.0.0/8

@pclissold:

Looks like your mynetworks is wrong. You have mynetworks = myhost2.net,myhost3.com

Made the changes but was still having some problems. What ended up fixing it for me was changing the smtpdrecipientrestrictions to the following:

smtpd_recipient_restrictions = permit_mynetworks
        reject_non_fqdn_hostname
        reject_non_fqdn_sender
        reject_non_fqdn_recipient
        check_recipient_access hash:/etc/postfix/filtered_domains
        check_sender_access hash:/etc/postfix/access
        reject_unknown_sender_domain
        reject_unknown_recipient_domain
        reject_unauth_destination

The only part I think was really needed to be added was the "checksenderaccess hash:/etc/postfix/access" portion. With /etc/postfix/access containing a list of IP addresses authorized to relay through my smtp:

ex:

127.0.0.1 OK

99.99.99 OK

126.99 OK

Thanks for the help!

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct