On Tue, April 22, 2014 15:14, Wietse Venema wrote: > James B. Byrne: >> usr/lib64/ruby/2.0.0/net/smtp.rb:950:in `check_response': 554 5.7.1 >> <forex.cont...@harte-lyne.ca>: Sender address rejected: Access denied >> (Net::SMTPFatalError). >> >> In master.cf I have this: >> >> submission inet n - n - - smtpd -v >> -o smtpd_tls_security_level=encrypt >> -o smtpd_sasl_auth_enable=yes >> -o smtpd_client_restrictions=permit_sasl_authenticated,reject > > This requires SASL authentication. If the client is local, you may > want to use > > -o > smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject > > Wietse >
I did exactly as you have written above: /etc/postfix/master.cf . . . -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject . . . and received this error: /usr/lib64/ruby/2.0.0/net/smtp.rb:950:in `check_response': 554 5.7.1 <forex.cont...@harte-lyne.ca>: Sender address rejected: Access denied (Net::SMTPFatalError). The sender address is defined as a virtual address on another postfix server. The server I am connecting from simply runs a batch application, at least for the purposes under discussion. That application tries to talk directly to our mail hub which is the system running the postfix instance under discussion. That host, the mail hub, has no local users or mailboxes. The mail hub only acts as a MX host for incoming and outgoing mail traffic. The local delivery machine is yet a different host running postfix and delivering to a cyrus-imap mail store. The mail hub forwards all local delivery addresses to the imap server. All internally generated mail traffic is routed directly to the mail hub for delivery, whether local or external. The issue only arises when I try an use smtp-msa. If I use straight smtp from the application then things work, usually. The impetus for changing to msa is that occasionally our mail hub gets very busy and the application times out waiting for a response. I have another work-around and that is to have the application delivery to localhost via smtp on port 25 and then allow the local MTA handle forwarding the message to the mail hub. Which it does. I am still pursuing this issue so that I can understand how msa is meant to work. No doubt our set up is a little more complex than some but it should still work. -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:byrn...@harte-lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3