<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi,<br>
<br>
same here on ubuntu 14.04 with kolab winterfell, temporary
workaround is to disable sender policy:<br>
comment line <br>
-o smtpd_data_restrictions=$submission_data_restrictions<br>
<br>
under submissions section in /etc/postfix/master.cf<br>
but that allows to send any user with any email which might be a
security concern.<br>
<br>
Best Regards<br>
Paul<br>
<br>
<div class="moz-cite-prefix">On 05/07/16 07:20, Roland Kolb (IBU)
wrote:<br>
</div>
<blockquote
cite="mid:7FA697D5-6A36-4346-84C8-AADF51914E39@ib-ulherr.de"
type="cite">
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
<div><span></span></div>
<div>
<div><br>
</div>
<blockquote type="cite">
<div>
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
<p> </p>
<div class="moz-text-flowed" style="font-family: -moz-fixed;
font-size: 14px;" lang="x-unicode">Hello, <br>
<br>
since the last update (4 Jul 2016) I can't send any mails
from my Kolab-Server (Kolab 16 on Centos 7). My
postfix-Version is: postfix.x86_64 2:2.10.1-6.el7 <br>
<br>
When I try to send a mail from the web client I found the
following message in maillog: reject: DATA from
localhost[::1]: 554 5.7.1 <DATA>: Data command
rejected: Sender access denied; <br>
<br>
When I try to send a mail from the client (i.e.
Thunderbird) I found the following message in maillog:
NOQUEUE: reject: RCPT from <a moz-do-not-send="true"
href="http://business-176-094-009-211.static.arcor-ip.net">business-176-094-009-211.static.arcor-ip.net</a>[xxx.xxx.xxx.xxx]:
554 5.7.1 <a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="mailto:Roland.Kolb@xxxx.xxxx"><Roland.Kolb@xxxx.xxxx></a>:
Relay access denied; from=<a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="mailto:roland.kolb@yyy.yyy"><roland.kolb@yyy.yyy></a>
to=<a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:Roland.Kolb@xxxx.xxxx"><Roland.Kolb@xxxx.xxxx></a>
proto=ESMTP helo=<[192.168.2.102]> <br>
<br>
For a testing purpose to solve the problem I changed the
parameters smtpd_recipient_restrictions,
submission_sender_restrictions and
smtpd_sender_restrictions to permit_mynetworks. No success<br>
<br>
My configuration is: <br>
<br>
smtpd_tls_auth_only = yes <br>
transport_maps = <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="ldap:/etc/postfix/ldap/transport_maps.cf">ldap:/etc/postfix/ldap/transport_maps.cf</a>,
hash:/etc/postfix/transport <br>
content_filter = smtp-amavis:[127.0.0.1]:10024 <br>
recipient_delimiter = + <br>
smtpd_tls_key_file = /etc/pki/tls/private/localhost.pem <br>
smtpd_sender_login_maps = $local_recipient_maps<br>
local_recipient_maps = <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="ldap:/etc/postfix/ldap/local_recipient_maps.cf">ldap:/etc/postfix/ldap/local_recipient_maps.cf</a><br>
virtual_alias_maps = $alias_maps, <a
moz-do-not-send="true" class="moz-txt-link-freetext"
href="ldap:/etc/postfix/ldap/virtual_alias_maps.cf"><a class="moz-txt-link-freetext" href="ldap:/etc/postfix/ldap/virtual_alias_maps.cf">ldap:/etc/postfix/ldap/virtual_alias_maps.cf</a></a>,
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="ldap:/etc/postfix/ldap/virtual_alias_maps_mailforwarding.cf">ldap:/etc/postfix/ldap/virtual_alias_maps_mailforwarding.cf</a>,
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="ldap:/etc/postfix">ldap:/etc/postfix</a>
/ldap/virtual_alias_maps_sharedfolders.cf, <a
moz-do-not-send="true" class="moz-txt-link-freetext"
href="ldap:/etc/postfix/ldap/mailenabled_distgroups.cf"><a class="moz-txt-link-freetext" href="ldap:/etc/postfix/ldap/mailenabled_distgroups.cf">ldap:/etc/postfix/ldap/mailenabled_distgroups.cf</a></a>,
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="ldap:/etc/postfix/ldap/mailenabled_dynamic_distgroups.cf">ldap:/etc/postfix/ldap/mailenabled_dynamic_distgroups.cf</a><br>
submission_sender_restrictions = reject_non_fqdn_sender,
check_policy_service unix:private/submission_policy,
permit_sasl_authenticated, reject<br>
submission_recipient_restrictions = check_policy_service
unix:private/submission_policy, permit_sasl_authenticated,
reject <br>
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_pipelining,
reject_rbl_client <a moz-do-not-send="true"
href="http://zen.spamhaus.org">zen.spamhaus.org</a>,
reject_non_fqdn_recipient, reject_invalid_helo_hostname,
reject_unknown_recipient_domain,
reject_unauth_destination, check_policy_service
unix:private/recipient_policy_incoming, permit<br>
<br>
smtp_tls_security_level = may <br>
submission_data_restrictions = check_policy_service
unix:private/submission_policy <br>
smtpd_tls_cert_file = /etc/pki/tls/private/localhost.pem <br>
smtpd_tls_security_level = may <br>
smtpd_sasl_auth_enable = yes <br>
smtpd_sender_restrictions = permit_mynetworks,
check_policy_service unix:private/sender_policy_incoming <br>
<br>
Has somebody any idea?<br>
<br>
Thanks in advance<br>
<br>
Roland<br>
<br>
<br>
<br>
Roland <br>
<br>
</div>
</div>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:users@lists.kolab.org">users@lists.kolab.org</a>
<a class="moz-txt-link-freetext" href="https://lists.kolab.org/mailman/listinfo/users">https://lists.kolab.org/mailman/listinfo/users</a></pre>
</blockquote>
<br>
</body>
</html>