Relay access denied on submission?

Mon, 26 Aug 2013 15:48:53 -0700 

postfix/smtpd[4289]: Anonymous TLS connection established from 
mobile-166-147-083-103.mycingular.net[166.147.83.103]: TLSv1 with cipher 
ECDHE-RSA-AES256-SHA (256/256 bits)

mail postfix/smtpd[4289]: NOQUEUE: reject: RCPT from 
mobile-166-147-083-103.mycingular.net[166.147.83.103]: 454 4.7.1 
<*munged*@mac.com>: Relay access denied; from=<krem...@kreme.com> 
to=<*munged*@mac.com> proto=ESMTP helo=<[10.33.25.94]>

postfix/smtpd[4289]: disconnect from 
mobile-166-147-083-103.mycingular.net[166.147.83.103]


$ postconf -M | grep submission
submission inet  n       -       n       -       -       smtpd -o 
smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o 
smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o 
smtpd_sasl_security_options=noanonymous -o smtpd_sasl_local_domain=$myhostname 
-o smtpd_client_restrictions=permit_sasl_authenticated,reject -o 
syslog_name=submit-tls


$ postconf -n
alias_database = hash:$config_directory/aliases
alias_maps = hash:$config_directory/aliases, 
hash:/usr/local/mailman/data/aliases
allow_percent_hack = no
body_checks = pcre:$config_directory/body_checks.pcre
bounce_size_limit = 10240
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb 
$daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
header_checks = pcre:$config_directory/header_checks.pcre
header_size_limit = 10240
home_mailbox = Maildir/
html_directory = /usr/local/share/doc/postfix
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailbox_command = /usr/local/bin/procmail -t -a $EXTENSION
mailbox_size_limit = 52428800
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
maps_rbl_reject_code = 521
message_size_limit = 26214400
mime_header_checks = pcre:$config_directory/mime_headers.pcre
mydestination = $myhostname, localhost.$mydomain, $mydomain, localhost, 
ns1.$mydomain, ns2.$mydomain, mail.$mydomain, www.$mydomain, webmail.$mydomain
mydomain = covisp.net
myhostname = mail.covisp.net
mynetworks = 75.148.117.88/29, 127.0.0.0/8, 23.24.150.141
myorigin = $mydomain
newaliases_path = /usr/local/bin/newaliases
postscreen_access_list = permit_mynetworks, 
cidr:$config_directory/postscreen_access.cidr
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..9]*3 
list.dnswl.org=127.0.0.1*-1 list.dnswl.org=127.0.0.2*-3 
list.dnswl.org=127.0.0.3*-9 dwl.spamhaus.org=127.0.2.[2;3]*-4 
swl.spamhaus.org=127.0.2.[12;13]*-4
postscreen_dnsbl_ttl = 1d
postscreen_greet_action = enforce
postscreen_greet_banner = mail.covisp.net ESTMP -- Please wait
postscreen_greet_ttl = 1d
postscreen_greet_wait = 4s
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
recipient_delimiter = +
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
show_user_unknown_table_name = no
smtp_tls_security_level = may
smtpd_banner = $myhostname ESMTP $mail_name $mail_version
smtpd_data_restrictions = reject_unauth_pipelining, 
reject_multi_recipient_bounce, permit
smtpd_error_sleep_time = 28
smtpd_hard_error_limit = 8
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, 
reject_non_fqdn_helo_hostname, permit
smtpd_recipient_limit = 100
smtpd_recipient_restrictions = reject_non_fqdn_sender, 
reject_non_fqdn_recipient, reject_unknown_sender_domain, 
reject_invalid_hostname, permit_mynetworks, permit_sasl_authenticated, 
reject_unauth_destination, reject_unlisted_recipient, reject_unlisted_sender, 
reject_unknown_reverse_client_hostname, warn_if_reject 
reject_unknown_client_hostname, check_sender_access 
pcre:$config_directory/sender_access.pcre, check_client_access 
pcre:$config_directory/check_client_fqdn.pcre, check_recipient_access 
pcre:$config_directory/recipient_checks.pcre, check_client_access 
hash:$config_directory/access, permit
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated 
defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_soft_error_limit = 4
smtpd_starttls_timeout = 40s
smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem
smtpd_tls_key_file = /etc/ssl/private/postfix.pem
smtpd_tls_loglevel = 2
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:$data_directory/smtpd_sessions
smtpd_tls_session_cache_timeout = 1800s
soft_bounce = no
swap_bangpath = no
transport_maps = hash:/etc/postfix/transport
undisclosed_recipients_header = To: List of Bcc addresses:;
unknown_local_recipient_reject_code = 550
virtual_alias_domains = kreme.com
virtual_alias_maps = hash:$config_directory/virtual 
pcre:$config_directory/virtual.pcre, pcre:$config_directory/virtual_sql.pcre, 
proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:89
virtual_mailbox_base = /usr/local/virtual
virtual_mailbox_domains = 
proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = 
proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 89
virtual_transport = virtual
virtual_uid_maps = static:89

-- 
Oh, no!  Not *ANOTHER* learning experience!

Reply via email to