On Fri, Jun 24, 2011 at 11:14:31PM +0800, Jon Miller wrote:
> When I see mail trying to come in I get an error such as:
>
> Jun 24 23:01:08 mmtlnx postfix/smtpd[27237]: NOQUEUE: reject: RCPT from
> mail.domain3.com.au[203.161.81.22]: 554
> <mail.domain3.com.au[203.161.81.22]>: Client host rejected: Access denied;
> from=<jlmil...@domain3.com.au> to=<jlmil...@domain1.com.au> proto=ESMTP
> helo=<mail.domain3.com.au>
Your access rules don't allow 203.161.81.22 to send email to
jlmil...@domain1.com.au. With munged log domain names, it may be difficult
to correlate this to your configuration.
> mydestination = $myhostname $mydomain jlorenzo.com.au
> mydomain = mmtnetworks.com.au
> myhostname = mail.mmtnetworks.com.au
How is this related to the domains in the log entry?
> mynetworks = 192.168.2.0/24, 127.0.0.0/8
The sending machine is NOT in mynetworks.
> relay_domains = $mydestination
Generally, not a good idea. If you want all sub-domains of your
domain to be relay domains, do this explicitly:
# Empty
parent_domain_matches_subdomains =
# Relay domains and sub-domain suffixes:
relay_domains = example.org, .example.com, .example.net
> sender_canonical_maps = hash:/etc/postfix/sender_canonical
Better to use smtp_generic_maps.
> smtpd_client_restrictions = permit_mynetworks, reject
This rejects all traffic from machines not listed in mynetworks, and is
the reason for the reported reject.
> smtpd_recipient_restrictions = reject_unknown_sender_domain,
> permit_mynetworks, reject_unauth_destination, permit
This won't help, the traffic is already rejected.
--
Viktor.
