Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Relay set up w/postfix

Status
Not open for further replies.

patswof

Technical User
Jun 6, 2013
3
US
First of all I want to make sure I can use the forum. I am an individual using sql-ledger for my business and trying to get post fix to relay my PO's & Invoices through my web host. Is it okay for me to ask questions on this forum.

Thank you
Pat
 
I don't see any reason why your questions regarding professional use of Postfix would pose a problem. Student posting and (spam) advertising are frowned upon and it doesn't look like this is your goal. Ask away.
 
I have been trying for the last week in half to set up post fix as a null/relay only. If I use port 25 I get the following:

Jun 7 10:26:02 pswofford postfix/error[2373]: C1B5EEA0476: to=<patswofford@yahoo.com>, relay=none, delay=337693, delays=337663/30/0/0.07, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to smtp.chaircaningandsupplies.com[207.155.253.25]:25: Connection timed out)

if I use port 587 I get this:

Jun 7 11:25:34 pswofford postfix/qmgr[3202]: E8CF0EA0509: from=< size=67935, nrcpt=1 (queue active)
Jun 7 11:25:34 pswofford postfix/smtp[3204]: E8CF0EA0509: to=<patswofford@yahoo.com>, relay=smtp.chaircaningandsupplies.com[207.155.253.25]:587, delay=383, delays=383/0.01/0.34/0, dsn=4.7.0, status=deferred (SASL authentication failed; server smtp.chaircaningandsupplies.com[207.155.253.25] said: 535 5.7.0 Error: authentication failed: authentication failure)
Jun 7 11:25:52 pswofford postfix/pickup[3201]: 2D0B1EA050F: uid=33 from=<Jun 7 11:25:52 pswofford postfix/cleanup[3224]: 2D0B1EA050F: message-id=<SL-3.0.5-1370622352@"" <>
Jun 7 11:25:52 pswofford postfix/qmgr[3202]: 2D0B1EA050F: from=< size=67935, nrcpt=1 (queue active)
Jun 7 11:25:52 pswofford postfix/smtp[3204]: 2D0B1EA050F: to=<patswofford@yahoo.com>, relay=smtp.chaircaningandsupplies.com[207.155.253.25]:587, delay=0.33, delays=0.08/0/0.24/0, dsn=4.7.0, status=deferred (SASL authentication failed; server smtp.chaircaningandsupplies.com[207.155.253.25] said: 535 5.7.0 Error: authentication failed: authentication failure)

Here is my /etc/psotfix/main.cf
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myorigin = $myhostname
myhostname = pswofford.chaircaningandsupplies.com
mydomain = chaircaningandsupplies.com
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
mydestination =
relayhost = smtp.chaircaningandsupplies.com:25
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

I am at a complete loss, I do have sasl_passwd set up, smtp.chaircaningandsupplies.com pswofford.chaircaningandsupplies.com:password, I have done postmap /etc/postfix/sasl_passwd, and reloaded after each change.

Thank you
Pat
 
There are two things I see from your question. One, it looks like your ISP may be blocking port 25. This may present a problem for you in that outgoing mail will be blocked and other public systems will be listening on port 25:
connect to smtp.chaircaningandsupplies.com[207.155.253.25]:25: Connection timed out)

Two, it looks like you are able to submit (i.e. have postfix listen on a different port), but are running into authentication issues. When submitting from your own system, you could choose to accept from "my networks" as well as sasl authenticated. (side note, beware of compromise of user as this is a common source of outbound SPAM) According to the Postfix documentation, Postfix will first check the relay restrictions followed by the smtpd_recipient_restrictions (see and In my system, it is the smtpd_recipient_restrictions where I have the permit sasl authenticated users after my_networks. This may be immaterial to your case, but I mention it because I noticed the difference in your configuration. With respect to performing the SASL authentication, Postfix relies on external utilities for this purpose. The two most common are Cyrus and Dovecot; you didn't specify which your using. If your using Dovecot you can set the verbosity of the logging to include password debug. Given that your having SASl authentication errors, this would be where I would suggest heading. This can be caused by a mismatch between the fields selected for look up, hashing of the passwords, etc. Unfortunately, "authentication failed" doesn't give you much to go on. See this for information on how to do this with Dovecot: and I assume Cyrus has something similar.
 
Thank you I am still working on it. Is there a means to stop postfix from re-queueing non-delivered mail.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top