I have a batch process that uses ActionMailer-4.0.1 to send email messages. I am attempting to configure it to use the submission port rather than simple smtp. However, when I specify port 587 then I get this error:
usr/lib64/ruby/2.0.0/net/smtp.rb:950:in `check_response': 554 5.7.1 <forex.cont...@harte-lyne.ca>: Sender address rejected: Access denied (Net::SMTPFatalError). I added this address to the /etc/postfix/sender_access file and rebuilt the hash with postmap and restart postfix. Now I get this: /usr/lib64/ruby/2.0.0/net/smtp.rb:950:in `check_response': 554 5.7.1 <inet05.hamilton.harte-lyne.ca[216.185.71.25]>: Client host rejected: Access denied (Net::SMTPFatalError) I have enabled debugging for the host and set the the level to 32 however the results do not reveal to me where I must configure the host to permit message submission. Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: connection established Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: master_notify: status 0 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: name_mask: resource Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: name_mask: software Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: connect from inet05.hamilton.harte-lyne.ca[216.185.71.25] Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_list_match: inet05.hamilton.harte-lyne.ca: no match Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_list_match: 216.185.71.25: no match Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_list_match: inet05.hamilton.harte-lyne.ca: no match Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_list_match: 216.185.71.25: no match Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_hostname: inet05.hamilton.harte-lyne.ca ~? 216.185.71.25 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_hostaddr: 216.185.71.25 ~? 216.185.71.25 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_hostname: inet05.hamilton.harte-lyne.ca ~? 127.0.0.0/8 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_hostaddr: 216.185.71.25 ~? 127.0.0.0/8 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_hostname: inet05.hamilton.harte-lyne.ca ~? 216.185.71.0/24 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_hostaddr: 216.185.71.25 ~? 216.185.71.0/24 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 220 inet08.hamilton.harte-lyne.ca ESMTP Postfix Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: watchdog_pat: 0x7f2982e2dac0 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_fflush_some: fd 11 flush 49 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_buf_get_ready: fd 11 got 36 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: < inet05.hamilton.harte-lyne.ca[216.185.71.25]: EHLO inet05.hamilton.harte-lyne.ca Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-inet08.hamilton.harte-lyne.ca Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-PIPELINING Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-SIZE 20480000 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-ETRN Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_list_match: inet05.hamilton.harte-lyne.ca: no match Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_list_match: 216.185.71.25: no match Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-STARTTLS Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-ENHANCEDSTATUSCODES Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-8BITMIME Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250 DSN Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: watchdog_pat: 0x7f2982e2dac0 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_fflush_some: fd 11 flush 142 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_buf_get_ready: fd 11 got 10 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: < inet05.hamilton.harte-lyne.ca[216.185.71.25]: STARTTLS Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 220 2.0.0 Ready to start TLS Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_fflush_some: fd 11 flush 30 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: auto_clnt_open: connected to private/tlsmgr Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: event_enable_read: fd 17 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: event_request_timer: set 0x7f2982650dc0 0x7f2982d5bdf0 5 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: event_request_timer: set 0x7f2982650df0 0x7f2982d5bdf0 1000 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: send attr request = seed Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: send attr size = 32 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_fflush_some: fd 17 flush 22 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_buf_get_ready: fd 17 got 60 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: private/tlsmgr: wanted attribute: status Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: input attribute name: status Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: input attribute value: 0 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: private/tlsmgr: wanted attribute: seed Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: input attribute name: seed Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: input attribute value: ehwFTULuLdsD+Qb0LFwavW8VVFIUEdPjyGdJeJW9GCM= Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: private/tlsmgr: wanted attribute: (list terminator) Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: input attribute name: (end) Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: xsasl_cyrus_server_create: SASL service=smtp, realm=(null) Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: name_mask: noanonymous Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: watchdog_pat: 0x7f2982e2dac0 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_buf_get_ready: fd 11 got 36 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: < inet05.hamilton.harte-lyne.ca[216.185.71.25]: EHLO inet05.hamilton.harte-lyne.ca Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-inet08.hamilton.harte-lyne.ca Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-PIPELINING Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-SIZE 20480000 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-ETRN Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-AUTH LOGIN PLAIN Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_list_match: inet05.hamilton.harte-lyne.ca: no match Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_list_match: 216.185.71.25: no match Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-AUTH=LOGIN PLAIN Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-ENHANCEDSTATUSCODES Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250-8BITMIME Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250 DSN Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: watchdog_pat: 0x7f2982e2dac0 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_fflush_some: fd 11 flush 172 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_buf_get_ready: fd 11 got 41 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: < inet05.hamilton.harte-lyne.ca[216.185.71.25]: MAIL FROM:<forex.cont...@harte-lyne.ca> Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: extract_addr: input: <forex.cont...@harte-lyne.ca> Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: smtpd_check_addr: addr=forex.cont...@harte-lyne.ca Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: ctable_locate: move existing entry key forex.cont...@harte-lyne.ca Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: extract_addr: in: <forex.cont...@harte-lyne.ca>, result: forex.cont...@harte-lyne.ca Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: fsspace: .: block size 4096, blocks free 2222355 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: smtpd_check_queue: blocks 4096 avail 2222355 min_free 40960000 msg_size_limit 20480000 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 250 2.1.0 Ok Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: watchdog_pat: 0x7f2982e2dac0 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_fflush_some: fd 11 flush 14 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_buf_get_ready: fd 11 got 33 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: < inet05.hamilton.harte-lyne.ca[216.185.71.25]: RCPT TO:<supp...@harte-lyne.ca> Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: extract_addr: input: <supp...@harte-lyne.ca> Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: smtpd_check_addr: addr=supp...@harte-lyne.ca Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: ctable_locate: move existing entry key supp...@harte-lyne.ca Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: extract_addr: in: <supp...@harte-lyne.ca>, result: supp...@harte-lyne.ca Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: >>> START Client host RESTRICTIONS <<< Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: generic_checks: name=permit_sasl_authenticated Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: generic_checks: name=permit_sasl_authenticated status=0 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: generic_checks: name=reject Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: NOQUEUE: reject: RCPT from inet05.hamilton.harte-lyne.ca[216.185.71.25]: 554 5.7.1 <inet05.hamilton.harte-lyne.ca[216.185.71.25]>: Client host rejected: Access denied; from=<forex.cont...@harte-lyne.ca> to=<supp...@harte-lyne.ca> proto=ESMTP helo=<inet05.hamilton.harte-lyne.ca> Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: generic_checks: name=reject status=2 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 554 5.7.1 <inet05.hamilton.harte-lyne.ca[216.185.71.25]>: Client host rejected: Access denied Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: watchdog_pat: 0x7f2982e2dac0 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_fflush_some: fd 11 flush 95 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_buf_get_ready: fd 11 got 6 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: < inet05.hamilton.harte-lyne.ca[216.185.71.25]: QUIT Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: > inet05.hamilton.harte-lyne.ca[216.185.71.25]: 221 2.0.0 Bye Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_hostname: inet05.hamilton.harte-lyne.ca ~? 127.0.0.0/8 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_hostaddr: 216.185.71.25 ~? 127.0.0.0/8 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_hostname: inet05.hamilton.harte-lyne.ca ~? 216.185.71.0/24 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: match_hostaddr: 216.185.71.25 ~? 216.185.71.0/24 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: vstream_fflush_some: fd 11 flush 15 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: disconnect from inet05.hamilton.harte-lyne.ca[216.185.71.25] Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: master_notify: status 1 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: connection closed In master.cf I have this: submission inet n - n - - smtpd -v -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_recipient_restrictions=permit_sasl_authenticated,permit_tls_clientcerts,reject_unauth_destination -o smtpd_sender_restrictions=permit_sasl_authenticated,permit_tls_clientcerts,reject -o milter_macro_daemon_name=ORIGINATING -o syslog_name=postfix-p587 And in main.cf I have this: smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/sender_access, permit I infer that from these lines in the log: Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: >>> START Client host RESTRICTIONS <<< Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: generic_checks: name=permit_sasl_authenticated Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: generic_checks: name=permit_sasl_authenticated status=0 Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: generic_checks: name=reject Apr 22 14:25:44 inet08 postfix-p587/smtpd[19209]: NOQUEUE: reject: RCPT from inet05.hamilton.harte-lyne.ca[216.185.71.25]: 554 5.7.1 <inet05.hamilton.harte-lyne.ca[216.185.71.25]>: Client host rejected: Access denied; from=<forex.cont...@harte-lyne.ca> to=<supp...@harte-lyne.ca> proto=ESMTP helo=<inet05.hamilton.harte-lyne.ca> That this is the ling in master.cf I have to alter: -o smtpd_client_restrictions=permit_sasl_authenticated,reject But my question is: alter it to what? If I alter it to this: -o smtpd_client_restrictions=permit_sasl_authenticated,check_sender_access,reject Then I get this error: /usr/lib64/ruby/2.0.0/net/smtp.rb:950:in `check_response': 451 4.3.5 Server configuration error (Net::SMTPServerBusy) And this email message is generated: RFC822 Message body Return-Path: <double-bou...@inet08.hamilton.harte-lyne.ca> Received: from inet07.hamilton.harte-lyne.ca ([unix socket]) by inet07.hamilton.harte-lyne.ca (Cyrus v2.3.16-Fedora-RPM-2.3.16-6.el6_2.5) with LMTPA; Tue, 22 Apr 2014 14:36:24 -0400 X-Sieve: CMU Sieve 2.3 Received: from inet08.hamilton.harte-lyne.ca (inet08.hamilton.harte-lyne.ca [216.185.71.28]) by inet07.hamilton.harte-lyne.ca (Postfix) with ESMTP id E399E8AE4E for <postmas...@inet08.hamilton.harte-lyne.ca>; Tue, 22 Apr 2014 14:36:23 -0400 (EDT) Received: by inet08.hamilton.harte-lyne.ca (Postfix) id C75016094A; Tue, 22 Apr 2014 14:36:23 -0400 (EDT) Date: Tue, 22 Apr 2014 14:36:23 -0400 (EDT) From: mailer-dae...@inet08.hamilton.harte-lyne.ca (Mail Delivery System) To: postmas...@inet08.hamilton.harte-lyne.ca (Postmaster) Subject: Postfix SMTP server: errors from inet05.hamilton.harte-lyne.ca[216.185.71.25] Message-Id: <20140422183623.c750160...@inet08.hamilton.harte-lyne.ca> Transcript of session follows. Out: 220 inet08.hamilton.harte-lyne.ca ESMTP Postfix In: EHLO inet05.hamilton.harte-lyne.ca Out: 250-inet08.hamilton.harte-lyne.ca Out: 250-PIPELINING Out: 250-SIZE 20480000 Out: 250-ETRN Out: 250-STARTTLS Out: 250-ENHANCEDSTATUSCODES Out: 250-8BITMIME Out: 250 DSN In: STARTTLS Out: 220 2.0.0 Ready to start TLS In: EHLO inet05.hamilton.harte-lyne.ca Out: 250-inet08.hamilton.harte-lyne.ca Out: 250-PIPELINING Out: 250-SIZE 20480000 Out: 250-ETRN Out: 250-AUTH LOGIN PLAIN Out: 250-AUTH=LOGIN PLAIN Out: 250-ENHANCEDSTATUSCODES Out: 250-8BITMIME Out: 250 DSN In: MAIL FROM:<forex.cont...@harte-lyne.ca> Out: 250 2.1.0 Ok In: RCPT TO:<supp...@harte-lyne.ca> Out: 451 4.3.5 Server configuration error In: QUIT Out: 221 2.0.0 Bye For other details, see the local mail logfile which reveals this: Apr 22 14:52:56 inet08 postfix-p587/smtpd[20013]: generic_checks: name=check_sender_access Apr 22 14:52:56 inet08 postfix-p587/smtpd[20013]: warning: restriction check_sender_access: bad argument "reject": need maptype:mapname I therefore altered master.cf to this: -o smtpd_client_restrictions=permit_sasl_authenticated,check_sender_access hash:/etc/postfix/sender_access,reject and restarted postfix. The error is now this: /usr/lib64/ruby/2.0.0/net/protocol.rb:153:in `read_nonblock': end of file reached (EOFError) And all I can see in the log that appears pertinent is this: Apr 22 14:59:06 inet08 postfix/master[20152]: warning: process /usr/libexec/postfix/smtpd pid 20235 exit status 1 Apr 22 14:59:06 inet08 postfix/master[20152]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling I have no idea on how to proceed from here or even where to look. Is there something obvious that I am missing? Sincerely, -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:byrn...@harte-lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3