Allowing authenticated users to relay via kolab postfix
Munson, Eric
emunson at mgebm.net
Thu Jun 19 04:15:25 CEST 2014
On 2014-06-18 03:13, hede wrote:
> Am Tue, 17 Jun 2014 17:59:25 -0400 schrieb "Munson, Eric"
> <emunson at mgebm.net>:
>
>> All,
>>
>> I am attempting to use a postfix configuration on my local desktop to
>> relay via my Kolab 3.2 install. I have setup my sasl authentication
>> on
>> my desktop properly (I think) but I keep getting rejected by the kolab
>> server with the message:
>>
>> Client host rejected: Access denied (in reply to RCPT TO command)
>>
>> On the server I see:
>>
>> NOQUEUE: reject: RCPT from my.external.domain.net[X.X.X.X]: 554 5.7.1
>> <my.external.domain.net[X.X.X.X]>: Client host rejected: Access
>> denied;
>> from=<me at mydomain.net> to=<me at mydomain.net> proto=ESMTP
>> helo=<desktopname>
>>
>> What am I doing wrong?
>
> With "to=<me at mydomain.net>" it seems not even related to relaying.
> The error would be "Relay access denied".
>
> Do you use Blacklists? Maybe the blacklist kicks in before accepting
> authorised connections? (see submission_sender_restrictions or
> smtpd_sender_restrictions)
>
> Btw: Do you use the submission (587) port or smtp (25) for client
> connections? AFAIK relaying via port 25 is prohibited by default.
>
> I would try to test if it's a client or server side configuration
> problem via telnet/openssl. But I don't know how to do this
> from Windows, in case it's a Windows client...
>
> regards
> hede
>
>
> (((( Testing smtp connections via command line:
>
> perl -MMIME::Base64 -e 'print
> encode_base64("\000[username]\000[password]")'
> openssl s_client -starttls smtp -crlf -connect [mailserverdomain]:587
>
> """"
> EHLO testing
> AUTH PLAIN [perl-output-here]
> MAIL FROM: [authorized_user at domain]
> RCPT TO: [someothermail]
> DATA
> From: [authorized_user at domain]
> To: [someothermail]
> Subject: testing
>
> testing
> .
> """"
>
> ))))
>
I must be doing something wrong when trying to test:
250 DSN
EHLO testing
250-mail.mydomain.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN sometextoutputfromperl
235 2.7.0 Authentication successful
MAIL FROM: me at mydomain.net
250 2.1.0 Ok
RCPT TO: admin at mydomain.net
RENEGOTIATING
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN
= AddTrust External CA Root
verify error:num=19:self signed certificate in certificate chain
verify return:0
DATA
554 5.5.1 Error: no valid recipients
I am not sure what all that means. I am especially confused about the
verify error:num=19:self signed certificate in certificate chain bit as
I have a certificate singe by a CA and I think it is all setup properly.
Eric
More information about the users
mailing list