Relay access denied (in reply to RCPT TO command) Postfix Issue
I am trying to configure my server for email taking reference form this link: SMTP Relaying Outgoing Mail in Postfix - using Webmin. I used Mandrill smtp server in my case. I have also configured a vagrent instance before configuring the main server. But when I try to send email from the server (both vagrant and main) using:
sendemail -f [email protected] -t <myemail>@gmail.com -m "Message Body" -u "Message Subject"
The messages get queued in postfix and never reach the destination.
/var/log/mail.log
file shows:
precise64 postfix/smtpd[16542]: connect from localhost[127.0.0.1]
precise64 postfix/smtpd[16542]: 116033A4253: client=localhost[127.0.0.1]
precise64 postfix/cleanup[16545]: 116033A4253: message-id=<621108.689435886-sendEmail@precise64>
precise64 postfix/qmgr[12672]: 116033A4253: from=<[email protected]>, size=916, nrcpt=1 (queue active)
precise64 postfix/smtpd[16542]: disconnect from localhost[127.0.0.1]
precise64 postfix/smtp[16546]: Untrusted TLS connection established to smtp.mandrillapp.com[54.195.231.78]:587: TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)
precise64 postfix/smtp[16546]: 116033A4253: host smtp.mandrillapp.com[54.195.231.78] said: 454 4.7.1 <[email protected]>: Relay access denied (in reply to RCPT TO command)
precise64 postfix/smtp[16546]: Untrusted TLS connection established to smtp.mandrillapp.com[54.247.27.189]:587: TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)
precise64 postfix/smtp[16546]: 116033A4253: to=<[email protected]>, relay=smtp.mandrillapp.com[54.247.27.189]:587, delay=4.3, delays=0.06/0.01/4/0.28, dsn=4.7.1, status=deferred (host smtp.mandrillapp.com[54.247.27.189] said: 454 4.7.1 <[email protected]>: Relay access denied (in reply to RCPT TO command))
And the /etc/postfix/main.cf
file:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = precise64
# myhostname = example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = precise64, localhost.localdomain, , localhost
relayhost = smtp.mandrillapp.com:587
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
# mynetworks = example.com
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination
virtual_alias_maps = hash:/etc/postfix/generic
smtp_tls_loglevel = 1
smtp_tls_security_level = encrypt
smtp_sasl_security_options = noanonymous
smtp_generic_maps = hash:/etc/postfix/generic
Need some suggestion. Whats going wrong here? I am very new in mail server configuration. Please pardon me if there are silly mistakes.
The problem here is that you configured your server so that it should relay any outbound email to a server, namely smtp.mandrillapp.com
. That server, in turn, is not accepting to relay your mail.
I don't know this company, but my guess is that they only relay mails from authenticated customers, and your are not logging-in.
You should probably have something like the following line somewhere in your main.cf
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/remote_passwords
smtp_sasl_security_options = noplaintext,noanonymous
smtp_sasl_tls_security_options = noanonymous
The file /etc/postfix/remote_passwords
should look like
smtp.mandrillapp.com:587 login:password
with your login/password from mandrillapp.
Also, I see in your config file a smtpd_sasl_auth_enable
(note the 'd' at the end of smtp) that is only relevant if you expect client to log in into your server, and I don't see quite enough configuration for that. You should make sure it is necessary.
Where are you defining the Mandrill API key?
I think you are missing smtp_sasl_password_maps
directive in main.cf
. Please see the following:
Can I configure Postfix to send through Mandrill?
Turns out the port is actually super important in this case, where you specify the username/password combo for your relay. My mail server was hung up for ages because I failed to append :588 to the end of the servername I was using. What a PITA.