|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: 554 error
From: Matt Morgan (minxmertzmomo
gmail.com)
Date: Thu Jan 12 2006 - 10:37:41 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 1/11/06, Noel Jones <njonesmegan.vbhcs.org> wrote:
> At 03:10 PM 1/11/2006, Matt Morgan wrote:
> >I have postfix installed on Mac OS X 10.3.9. I'm trying to
> >configure
> >postfix so that it
> >
> >1) accepts smtp delivery only from a certain domain (which is a
> >spam-checking service, set up as the public MX for my domain)
>
> #main.cf
> smtpd_client_restrictions =
> permit_mynetworks
> permit_sasl_authenticated
> check_client_access hash:/etc/postfix/allowed_clients
> reject
>
> # allowed_clients
> smtproutes.com OK
> ip.of.auth.client OK
>
> Better to use the IPs in the above map so you don't depend
> on DNS lookups.
Thanks. That's exactly what I need.
>
>
>
> >2) accepts mail for non-existent local users, and just delivers
> >according to what's in /etc/aliases or the other alias files.
> >
> >The server should not accept mail from any other domain,
> >but it must
> >send directly to the addresses found in /etc/aliases.
>
> Decide which address class works best for you, define the
> domain and users appropriately. Sounds as if the domain
> should be added to virtual_alias_domains (and removed from
> mydestination if it's there) and the recipients and their
> real destinations listed in virtual_alias_maps.
> http://www.postfix.org/ADDRESS_CLASS_README.html
>
>
> >I have delivery working correctly from the host itself,
> >but it won't
> >accept mail from the spam-checking service. I get a 554
> >error, which
> >is my relay_domains_reject_code, so I guess I don't know
> >how to set up
> >the relays_domain parameter correctly.
>
> Look in your logs to see why the mail was rejected, there
> are many reasons for a 554 reject.
Thanks. I see nothing in the logs. Perhaps I have a firewall problem
(I'm not in charge of the firewall), so nothing is even getting to
postfix.
>
>
> >It's fine with me (in fact, probably better) to accept
> >mail from any
> >machine on that domain, so I have tried two different
> >settings for
> >relay_domains:
> >
> >relay_domains = $mydestination, smtproutes.com
> >and
> >relay_domains = $mydestination,
> >steve.museum.pri-mx.smtproutes.com,
> > steve.museum.bak-mx.smtproutes.com
> >
> >both result in a 554 error when I try to mail to any address
> >steve.museum. What am I doing wrong?
>
> No, don't add that domain to relay_domains, that is for
> destinations you accept and relay elsewhere. You probably want
> relay_domains =
> ie. an empty setting.
Right, thanks.
>
> >By the way, I've taken over for someone else here, and
> >there are
> >probably parameters set that are not doing what I want, like
> >
> >smtpd_recipient_restrictions = permit_sasl_authenticated,
> >permit_mynetworks,
> > reject_unauth_destination,permit
> >
> >Since the addresses are all aliases to addresses on other
> >domains,
> >could reject_unauth_destination have something to do with
> >it? I don't
> >want to just keep removing restrictions and end up with an
> >open relay.
>
> Sounds as if you misunderstand...
> http://www.postfix.org/BASIC_CONFIGURATION_README.html
> http://www.postfix.org/STANDARD_CONFIGURATION_README.html
> http://www.postfix.org/VIRTUAL_README.html
Those were very helpful, thanks. I vastly simplified my main.cf, based
on that info. I'm still not getting it to accept messages, even with
no specific client restrictions, and I get no errors in the logs, so I
do suspect a firewall problem.
Thanks,
Matt
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]