Need email server aid

Markus Schönhaber ubuntu-users at list-post.mks-mail.de
Thu Apr 22 08:22:07 UTC 2010 

22.04.2010 01:18, Chuck Kuecker:

> Markus Schönhaber wrote:
>> 21.04.2010 18:41, Chuck Kuecker:

>>> The Ubuntu machine relays emails from my Windows machine just fine, but 
>>> when I try to relay an email from an embedded system I am working with, 
>>> that resides on my local network, I get error messages in mail.log - 
>>> 'relay access denied'. Sending email from the embedded system to my 
>>> local email account works fine.

That's to be expected. Unless explicitly configured otherwise, everyone
is able to send mail to the domain the server feels responsible for.

>>> I have the embedded system 'from' email set to my email address - but it 
>>> seems to make no difference if I use 'device at ckent.org' instead of 
>>> 'ckuecker at ckent.org' - I can send to 'ckuecker at ckent.org', but any 
>>> attempt to send out of my local network returns the error.

Which is a very good thing. The thought, that spammer could defeat the
server's restrictions by just using a particular 'from', is what I'd
call a nightmare.

>>> I've enabled the entire local network here in /etc/postfix/main.cf - 
>>> mynetworks = 127.0.0.0/8, 192.168.0.0/16. My Windows machine SMTP is set 
>>> to use TLS, if available, and my user name. I'm thinking that I need to 
>>> send my user name and password somehow, in order to get relaying to 
>>> work. I don't see any SMTP commands that would do this.
>>>
>>> What am I missing here?
>>>     
>>
>> Difficult to tell.
>> Post the output of
>> postconf -n
>> and the lines from the mail.log which show such a failing transaction.
>> That will make it much easier to find the root of the problem.
>>
>>   
> Here's the data:
> 
> postconf -n:
> 
> lias_database = hash:/etc/aliases

Copy and paste error?

[...]
> mynetworks = 127.0.0.0/8, 192.168.0.0/16
[...]
> smtpd_recipient_restrictions = reject_unknown_sender_domain,
> reject_unknown_recipient_domain,	reject_unauth_pipelining,
> permit_mynetworks,	permit_sasl_authenticated,	reject_unauth_destination
[...]
Looks good.

> mail.log:
> 
> Apr 21 17:01:40 ckenterprises postfix/smtpd[24088]: NOQUEUE: reject:
> RCPT from mail.ckent.org[66.254.194.29]: 554 5.7.1
> <addr at dest.com>: Relay access denied; from=<device at ckent.org>
> to=<addr at dest.com> proto=SMTP helo=<ckent.org>
> Apr 21 17:01:40 ckenterprises postfix/smtpd[24088]: disconnect from

> mail.ckent.org[66.254.194.29]

Above, you said that the embedded system is in your local network. But
this log excerpt shows a client connecting from 66.254.194.29, i. e. an
IP that is neither in 127.0.0.0/8 nor 192.168.0.0/16. Therefore it's not
contained in the IP ranges you configured as mynetworks and
permit_mynetworks doesn't apply.

-- 
Regards
  mks

More information about the ubuntu-users mailing list