Re: Rejected email: Relay access denied

From: /dev/rob0 (rob0gmx.co.uk)
Date: Thu Nov 24 2005 - 23:53:30 CST


On Thursday 2005-November-24 17:18, José Zapata wrote:
> When I try to send mail to an address that's not part of my server, I
> get a "554 Relay access denied" error message. I don't know what
> I should change in the configuration for postfix to accept sending
> mail to an outside address.

Normally relaying is controlled by $mynetworks and related settings,
although there are other ways to do it, and from the sound of it you
might need to go the SASL AUTH route. Just follow the SASL_README and
perhaps use whatever packages have been provided by/for your OS. In
case of difficulty, saslfinger (and Prick) are your friends.

This:
> mynetworks_style = class

is not normally a good idea, unless the entire class (A, B or C as the
case may be) is under your control. It might be useful if you're using
10/8 for a group of interconnected LANs.

The rest of this reply pertains to your postconf output, and not to the
question you were asking.

> readme_directory = /usr/share/doc/postfix-2.0.11/README_FILES

2.0.11 is a bit old.

> unknown_address_reject_code = 554
> unknown_client_reject_code = 554
> unknown_hostname_reject_code = 554

See:
http://www.postfix.org/postconf.5.html#unknown_address_reject_code
and the following two parameters therein. Each has the warning: "Do not
change this unless you have a complete understanding of RFC 821."

I do not, myself, but I can tell you why 554 is wrong for these. Each
could be triggered by temporary failures in DNS resolution. A compliant
MTA (even a marginally-compliant one like various proprietary MTAs)
will get your 554 and give their sender a bounce. The right thing to do
is for the sending MTA to retry, hence the defaults of 450. If the
situation doesn't clear up before the end of sending queue lifetime
(typically 4-5 days) the sender will get a bounce at that time.

Also per RFC 821, x50 is more appropriate than x54, regardless of
whether x=4 or x=5.

> unknown_local_recipient_reject_code = 550

This parameter looks similar to the foregoing ones, but it is not. 550
is the default. Since your server is the final destination for local(8)
recipients, it can give a permanent failure with confidence.
--
    mail to this address is discarded unless "/dev/rob0"
    or "not-spam" is in Subject: header
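
Added example, not part of the original message: a small Python audit of `postconf -n` style output for the settings the reply comments on (mynetworks_style = class, and 5xx codes on the three DNS-dependent unknown_*_reject_code parameters). The function names and the sample input are constructed for illustration.

```python
# Parameters whose rejections can result from a temporary DNS failure;
# the message gives 450 as the default for each.
DNS_DEPENDENT = (
    "unknown_address_reject_code",
    "unknown_client_reject_code",
    "unknown_hostname_reject_code",
)

# Constructed sample, built from the settings quoted in the message.
SAMPLE = """\
mynetworks_style = class
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 550
"""


def parse_postconf(text):
    """Parse 'name = value' lines (the `postconf -n` format) into a dict."""
    params = {}
    for line in text.splitlines():
        name, sep, value = line.partition("=")
        if sep and not line.lstrip().startswith("#"):
            params[name.strip()] = value.strip()
    return params


def audit(params):
    """Return (parameter, finding) tuples for the settings discussed above."""
    findings = []
    # An explicit mynetworks overrides mynetworks_style, so only flag
    # "class" when it is actually what determines the trusted networks.
    if params.get("mynetworks_style") == "class" and "mynetworks" not in params:
        findings.append(("mynetworks_style",
                         "whole class A/B/C network is trusted to relay"))
    for name in DNS_DEPENDENT:
        code = params.get(name, "450")
        if code.startswith("5"):
            findings.append((name, f"{code} is permanent: a DNS outage "
                                   "bounces mail that 450 would defer"))
        elif code.startswith("4") and code != "450":
            findings.append((name, f"{code}: the message recommends x50"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(parse_postconf(SAMPLE)):
        print(f"{name}: {finding}")
```

unknown_local_recipient_reject_code = 550 is deliberately not flagged, matching the message's point that the server is the final destination for local recipients.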