Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Relay access denied 454 not 544
91 views
Skip to first unread message
Rodrigo Monteiro
May 27, 2014, 11:20:08 AM5/27/14
to
Hi.
I wanna know why Postfix is reject mail with temp error (4xx) and not 5xx for Relay access denied.
Here is the log:
May 27 12:11:34 XXXX postfix/smtpd[31197]: NOQUEUE: reject: RCPT from mx2.mydomain.com.br[XXX.XXX.XXX.37]: 454 4.7.1 <return-583...@otherdomain.com.br>: Relay access denied; from=<> to=<return-583...@otherdomain.com.br> proto=ESMTP helo=<mx2.mydomain.com.br>
Here is the conf:
smtpd_recipient_restrictions =
reject_multi_recipient_bounce,
permit_mynetworks,
reject_unauth_destination,
permit
# postconf relay_domains_reject_code
relay_domains_reject_code = 554
This server is a content filter only. It recieves mail from 2 MXs (mx1 and mx2.mydomain.com), verify virus and spam, and relay to the destination.
I wanna know why Postfix is reject mail with temp error (4xx) and not 5xx for Relay access denied.
Here is the log:
May 27 12:11:34 XXXX postfix/smtpd[31197]: NOQUEUE: reject: RCPT from mx2.mydomain.com.br[XXX.XXX.XXX.37]: 454 4.7.1 <return-583...@otherdomain.com.br>: Relay access denied; from=<> to=<return-583...@otherdomain.com.br> proto=ESMTP helo=<mx2.mydomain.com.br>
Here is the conf:
smtpd_recipient_restrictions =
reject_multi_recipient_bounce,
permit_mynetworks,
reject_unauth_destination,
permit
# postconf relay_domains_reject_code
relay_domains_reject_code = 554
This server is a content filter only. It recieves mail from 2 MXs (mx1 and mx2.mydomain.com), verify virus and spam, and relay to the destination.
M. Rodrigo Monteiro
May 27, 2014, 3:38:31 PM5/27/14
to
"Free as in Freedom, not free as in free beer"
"As we are liberated from our own fear, our presence automatically liberates others"
Linux User # 403730
Pense antes de imprimir. Think before printing.AVISO LEGAL
Esta mensagem é destinada exclusivamente para a(s) pessoa(s) a quem é dirigida, podendo conter informação confidencial e/ou legalmente privilegiada. Se você não for destinatário desta mensagem, desde já fica notificado de abster-se a divulgar, copiar, distribuir, examinar ou, de qualquer forma, utilizar a informação contida nesta mensagem, por ser ilegal. Caso você tenha recebido esta mensagem por engano, pedimos que nos retorne este E-Mail, promovendo, desde logo, a eliminação do seu conteúdo em sua base de dados, registros ou sistema de controle. Fica desprovida de eficácia e validade a mensagem que contiver vínculos obrigacionais, expedida por quem não detenha poderes de representação.
LEGAL ADVICE
This message is exclusively destined for the people to whom it is directed, and it can bear private and/or legally exceptional information. If you are not addressee of this message, since now you are advised to not release, copy, distribute, check or, otherwise, use the information contained in this message, because it is illegal. If you received this message by mistake, we ask you to return this email, making possible, as soon as possible, the elimination of its contents of your database, registrations or controls system. The message that bears any mandatory links, issued by someone who has no representation powers, shall be null or void.
Wietse Venema
May 27, 2014, 3:43:39 PM5/27/14
to
M. Rodrigo Monteiro:
Maybe the server has logged a DNS temporary lookup error prior to
this reject.
Wietse
> Hi.
> I wanna know why Postfix is reject mail with temp error (4xx) and not 5xx
> for Relay access denied.
>
> Here is the log:
>
> May 27 12:11:34 XXXX postfix/smtpd[31197]: NOQUEUE: reject: RCPT from
> mx2.mydomain.com.br[XXX.XXX.XXX.37]: 454 4.7.1 <
Maybe the SMTP server has soft_bounce turned on.
> I wanna know why Postfix is reject mail with temp error (4xx) and not 5xx
> for Relay access denied.
>
> Here is the log:
>
> May 27 12:11:34 XXXX postfix/smtpd[31197]: NOQUEUE: reject: RCPT from
> mx2.mydomain.com.br[XXX.XXX.XXX.37]: 454 4.7.1 <
Maybe the server has logged a DNS temporary lookup error prior to
this reject.
Wietse
M. Rodrigo Monteiro
May 27, 2014, 3:49:58 PM5/27/14
to
2014-05-27 16:43 GMT-03:00 Wietse Venema <wie...@porcupine.org>:
Maybe the SMTP server has soft_bounce turned on.
# postconf soft_bounce
soft_bounce = no
Maybe the server has logged a DNS temporary lookup error prior to
this reject.
No.
Wietse
Viktor Dukhovni
May 27, 2014, 3:54:17 PM5/27/14
to
On Tue, May 27, 2014 at 04:38:31PM -0300, M. Rodrigo Monteiro wrote:
> Hi.
> I wanna know why Postfix is reject mail with temp error (4xx) and not 5xx
> for Relay access denied.
What version of Postfix is this?
> Hi.
> I wanna know why Postfix is reject mail with temp error (4xx) and not 5xx
> for Relay access denied.
> Here is the conf:
Generally, you should post the output of "postconf -n" rather than
just what you think is relevant.
> smtpd_recipient_restrictions =
> reject_multi_recipient_bounce,
> permit_mynetworks,
> reject_unauth_destination,
> permit
>
> # postconf relay_domains_reject_code
> relay_domains_reject_code = 554
--
Viktor.
M. Rodrigo Monteiro
May 28, 2014, 7:54:23 AM5/28/14
to
2014-05-27 16:54 GMT-03:00 Viktor Dukhovni <postfi...@dukhovni.org>:
On Tue, May 27, 2014 at 04:38:31PM -0300, M. Rodrigo Monteiro wrote:What version of Postfix is this?
> Hi.
> I wanna know why Postfix is reject mail with temp error (4xx) and not 5xx
> for Relay access denied.
# postconf | grep mail_v
mail_version = 2.11.1
> Here is the conf:
Generally, you should post the output of "postconf -n" rather than
just what you think is relevant.
Ok.
> smtpd_recipient_restrictions =With 2.10 or later, relay control is via smtpd_relay_restrictions.
> reject_multi_recipient_bounce,
> permit_mynetworks,
> reject_unauth_destination,
> permit
>
> # postconf relay_domains_reject_code
> relay_domains_reject_code = 554
# postconf | grep smtpd_relay_restrictions
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
It's it. Thanks. I didn't know that was changed. Thanks!
In my scenario, should I use relay in transport_maps? Whats the diference between relay and smtp?
MX -> Content Filter (this) -> Mailbox (Zimbra, Postfix or qmail)
--
Viktor.
Wietse Venema
May 28, 2014, 8:22:42 AM5/28/14
to
M. Rodrigo Monteiro:
default_transport = smtp
relay_transport = relay
The purpose of this separation is (roughly) to give relayed mail
the same priority as outbound mail.
Without this separation, one inbound destination would get the same
priority as one outbound destination. On a busy mail server, inbound
mail would suffer delays when there are more outbound destinations
than inbound.
Wietse
> In my scenario, should I use relay in transport_maps? Whats the diference
> between relay and smtp?
Because:
> between relay and smtp?
default_transport = smtp
relay_transport = relay
The purpose of this separation is (roughly) to give relayed mail
the same priority as outbound mail.
Without this separation, one inbound destination would get the same
priority as one outbound destination. On a busy mail server, inbound
mail would suffer delays when there are more outbound destinations
than inbound.
Wietse
Viktor Dukhovni
May 28, 2014, 11:44:48 AM5/28/14
to
On Wed, May 28, 2014 at 08:54:23AM -0300, M. Rodrigo Monteiro wrote:
> > With 2.10 or later, relay control is via smtpd_relay_restrictions.
> >
> # postconf | grep smtpd_relay_restrictions
> smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
> defer_unauth_destination
>
> It's it. Thanks. I didn't know that was changed. Thanks!
That was the most plausible explanation, most of the time that
> > With 2.10 or later, relay control is via smtpd_relay_restrictions.
> >
> # postconf | grep smtpd_relay_restrictions
> smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
> defer_unauth_destination
>
> It's it. Thanks. I didn't know that was changed. Thanks!
yields the right answer.
> In my scenario, should I use relay in transport_maps? Whats the diference
> between relay and smtp?
>
> MX -> Content Filter (this) -> Mailbox (Zimbra, Postfix or qmail)
A completely unrelated and all too concisely stated question, you
sure like to keep people guessing. If the parenthetical (this)
means that the MTA in question is handling content filtering between
the inbound MX host and the downstream message stores, so that all
mail flow is one direction, then it makes little difference which
transport handles all the mail.
The smtp/relay transport split is for bi-directional MTAs, where
at peak loads you get lower latency for inbound mail when the outbound
mail direction is congested.
One should also generally use a separate transport for the advanced smtp
content_filter than for post-filter delivery, don't want one competing
with the other.
If you still have a question along these lines, start a new thread,
and ask it properly. My reply should not be significantly longer
than your question.
--
Viktor.
0 new messages