On 10/24/2010 8:13 PM, t...@diogunix.com wrote:
I have a mail user with obviously a mixed up MUA setup (Thunderbird). This
mail user cannot send out Email to any Email address belonging to foreign
mail servers. He only succeeds to send Email to users on the same mailserver
(mine).
The principal problem (wrong MUA settings) is clear but I just would like to
fully understand the related postfix logline 100% right (to be able to give
more DETAILED advice to this MUA user.
My Email user is myu...@homedomain.tld (my mailservers)
He wants to send an Email to sil...@foreigndomain.tld (foreign mail server)
Here's the logline in question:
Oct 24 22:38:36 mail postfix/smtpd[91510]: NOQUEUE: reject: RCPT from
ANice-123-1-16-136.w82-144.abo.wanadoo.fr[123.123.123.123]: 554 5.7.1
<sil...@foreigndomain.tld>: Relay access denied;
from=<myu...@homedomain.tld> to=<sil...@foreigndomain.tld> proto=ESMTP
helo=<[192.168.0.4]>
So three times an Email address is mentioned in this logline. The meaning of
the second occuremce ("... from=<myu...@homedomain.tld> ...") and third
occurence (".... to=<sil...@foreigndomain.tld> ...")is clear. I just don't
get the exact meaning of the first occurence of an Email address.
Now the actual question:
Does the FIRST occurence of an Email address ( "... 554 5.7.1
<sil...@foreigndomain.tld>: Relay access denied ...") mean, that my client
tried to smtp auth himself as mailbox user sil...@foreign.tld ?
Does this then mean that wrongfully this MUA setup has sil...@foreign.tld in
the mail accounts configuration instead of myu...@homedomain.tld ?
The log line tells you nothing about AUTH, other than implying
that the client didn't. A breakdown of the log entry:
> Oct 24 22:38:36 mail postfix/smtpd[91510]: NOQUEUE:
NOQUEUE: there was no queue file created.
> reject: RCPT
Request was rejected during the RCPT stage of the SMTP
conversation.
> from
> ANice-123-1-16-136.w82-144.abo.wanadoo.fr[123.123.123.123]:
The remote client's verified hostname and IP.
> 554 5.7.1
> <sil...@foreigndomain.tld>: Relay access denied;
This is the response postfix sent to the remote client. The
SMTP response is 554 (a permanent error) with an extended code
of 5.7.1, and a text description of what was rejected (the
recipient address) and why (relay access denied).
> from=<myu...@homedomain.tld> to=<sil...@foreigndomain.tld>
proto=ESMTP
> helo=<[192.168.0.4]>
Postfix records the sender, recipient, protocol, and the HELO
hostname log analysis.
For SASL errors, look for log entries with the client IP and
"authentication failed", and logging provided by your SASL
subsystem (cyrus or dovecot).
-- Noel Jones
In this case, I had an approval on the wromg MUA setup. My postfix
configuration does exactly what it has to do: reject foreign users to avoid
being an open relay.
Many thanks in advance !
Tom
