On Fri, Jun 24, 2011 at 11:14:31PM +0800, Jon Miller wrote: > When I see mail trying to come in I get an error such as: > > Jun 24 23:01:08 mmtlnx postfix/smtpd[27237]: NOQUEUE: reject: RCPT from > mail.domain3.com.au[203.161.81.22]: 554 > <mail.domain3.com.au[203.161.81.22]>: Client host rejected: Access denied; > from=<jlmil...@domain3.com.au> to=<jlmil...@domain1.com.au> proto=ESMTP > helo=<mail.domain3.com.au>
Your access rules don't allow 203.161.81.22 to send email to jlmil...@domain1.com.au. With munged log domain names, it may be difficult to correlate this to your configuration. > mydestination = $myhostname $mydomain jlorenzo.com.au > mydomain = mmtnetworks.com.au > myhostname = mail.mmtnetworks.com.au How is this related to the domains in the log entry? > mynetworks = 192.168.2.0/24, 127.0.0.0/8 The sending machine is NOT in mynetworks. > relay_domains = $mydestination Generally, not a good idea. If you want all sub-domains of your domain to be relay domains, do this explicitly: # Empty parent_domain_matches_subdomains = # Relay domains and sub-domain suffixes: relay_domains = example.org, .example.com, .example.net > sender_canonical_maps = hash:/etc/postfix/sender_canonical Better to use smtp_generic_maps. > smtpd_client_restrictions = permit_mynetworks, reject This rejects all traffic from machines not listed in mynetworks, and is the reason for the reported reject. > smtpd_recipient_restrictions = reject_unknown_sender_domain, > permit_mynetworks, reject_unauth_destination, permit This won't help, the traffic is already rejected. -- Viktor.