Forum.opennet.ru - Хостинги

Google for postfix as a SMTP relay. What to do heavily depends on the email provider.

For my provider (netcup) it for example looks like this:

nano /etc/postfix/main.cf
sender_canonical_maps = regexp:/etc/postfix/sender_canonical
relayhost = [YOURNETCUPSERVER.netcup.net]:465
smtpd_tls_security_level = may
smtp_tls_security_level = encrypt
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_use_tls = yes
smtp_tls_wrappermode = yes
nano /etc/postfix/sasl_passwd
[YOURNETCUPSERVER.netcup.net]:465 YOURRELAY@YOURDOMAIN.TLD:PASSWORT
postmap /etc/postfix/sasl_passwd
chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db
chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db
nano /etc/postfix/sender_canonical
/.+@YOURFQDN/ YOURRELAY@OYURDOMAIN.TLD
/.+@YOURDOMAIN.TLD/ YOURRELAY@YOURDOMAIN.TLD
postmap /etc/postfix/sender_canonical
nano /etc/aliases
postmaster: root
webmaster: root
root: WHERE@ITSHOULD.GO
newaliases
service postfix restart

Last edited: Jun 26, 2021

Confluence configuration for sending emails is done according to the information: https://confluence.atlassian.com/conf74/configuring-a-server-for-outgoing-mail-1003129449.html

It should be noted that at the beginning Confluence (server version) was installed on a server with a different IP address. Then the IP address was changed. But the mail server was configured with the same IP address of the server, which was originally and with a new IP address.

We set up our own mail server (192.168.Y.XXX) — sending from port 25. Physically, the mail server is located on the same machine as the server with Confluence installed (with the IP address 192.168.Y.ZZZ). The result is an error:

“An error has occurred with sending the test email:

com.atlassian.mail.MailException: javax.mail.SendFailedException: Invalid Addresses;

nested exception is:

There was also an attempt to configure sending mail through the Google service smtp.gmail.com through port 465. But this also produces an error:

“An error has occurred with sending the test email:

com.atlassian.mail.MailException: javax.mail.AuthenticationFailedException: 534-5.7.14 <https://accounts.google.com/signin/continue?sarp=1&scc=1&plt=AKgnsbt

534-5.7.14 Please log in via your web browser and then try again.

534 5.7.14 https://support.google.com/mail/answer/78754 i18sm70145ljj.84 — gsmtp «

Logins and passwords are correct, Google authentication is one-factor (not two-factor). If I register port 587 for Google, then a timeout error is obtained.

I would be glad for any help.

Here is the problem:
From any IP address not belonging to your mail server:

telnet me.myemailserver.com 25
helo me.someserver.com
mail from: <yourusername@mydomain.com>
rcpt to: <yourusername@mydomain.com>
data
This is spam. Buy my stuff.
.

I’m using Postfix. I’m having a problem finding a solution to requiring SMTP-AUTH for email claiming to be from mydomain.com.

Googling around, this guy has identified the same problem (where I cut-n-paste with some modifications) the above example from:
http://www.smartertools.com/forums/t/13182.aspx

In short, I want to reject mail to local domains (mydomain.com) from outside/unauthenticated clients claiming to be from local domains (mydomain.com).

This is what I tried:
I’ve tried both permit and reject as the default. Here is exact excerpt from my main.cf:

smtpd_recipient_restrictions = reject_unauth_pipelining, permit_sasl_authenticated, check_recipient_access pgsql:/etc/postfix/pgsql-recipient.cf, reject_unauthenticated_sender_login_mismatch, reject_unauth_destination, reject_unlisted_recipient, check_sender_access pgsql:/etc/postfix/pgsql-sender.cf, reject_unlisted_sender, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_rbl_client cbl.abuseat.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.njabl.org, reject_rbl_client blackholes.wirehub.net, reject_rbl_client relays.mail-abuse.org, reject_rbl_client dialups.mail-abuse.org, reject_rbl_client blackholes.mail-abuse.org, reject_rhsbl_sender dsn.rfc-ignorant.org, (reject and permit both tried here)

Доброго времени суток.
Настроена связка postfix, cyrus-sasl, courier-imap, mysql
Не могу принять почьту снаружи
postconf -n
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
debug_peer_level = 2
html_directory = no
local_recipient_maps = unix:passwd.byname $alias_maps $virtual_mailbox_maps
mail_owner = postfix
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
mydestination = localhost, $hostname, hostname.my.domain, $config_directory mysql:/usr/local/etc/postfix/mysql-mydestination.cf
mydomain = my.domain
myhostname = hostname.my.domain
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtp_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = my.domain
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
transport_maps = mysql:/usr/local/etc/postfix/mysql-transport.cf
unknown_local_recipient_reject_code = 550
virtual_gid_maps = mysql:/usr/local/etc/postfix/mysql-virtual-gid.cf
virtual_mailbox_base = /
virtual_mailbox_limit_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql-virtual-maps.cf
virtual_maildir_limit_message = Sorry, this user has overdrawn their diskspace quota. Please try again later.
virtual_minimum_uid = 500
virtual_overquota_bounce = yes
virtual_uid_maps = mysql:/usr/local/etc/postfix/mysql-virtual-uid.cf

Содержание

Ошибка Recipient Address Rejected. Access Denied
1) Указать правильного получателя
2) Извлечь из спама
3) Очистить временные данные
4) Настроить папки Exchange
2 answers
1 accepted
Suggest an answer

Ошибка Recipient Address Rejected. Access Denied

Часть постовых сервисов могут выдавать сообщение «Recipient Address Rejected. Access Denied», другие – «Адрес получателя отклонен. Отказано в доступе». Оно появляется в том числе в Outlook. Практически сразу или через короткое время высвечивается событие «Сообщение не доставлено». Данная проблема нередко связана с ошибками 541 и 551.

Причины ошибки
Как исправить ошибку Recipient Address Rejected?

Данный сбой весьма распространен, поэтому информации о нем хватает. Из доступных пользовательских отчетов удалось выделить 4 основных причины проблемы:

Адрес электронной почты не существует. Самая частая причина.
Установлен фильтр с защитой от спама, который блокирует получение сообщений с вашего почтового ящика.
DBEB блокирует внешние электронные письма. После настройки Exclaimer Cloud с помощью Microsoft 365 и отправки письма в общие папки, причиной может стать DBEB.
Проблема с DNS. Решением может стать очистка кэша.

Каждая из перечисленных причин имеет свой способ решения. Исправив первопричину, удастся избавиться и от ошибки.

1) Указать правильного получателя

Это нужно попробовать в первую же очередь. Следует несколько раз проверить, что адрес электронной почты получателя указан верно. Возможно, пользователь удалил свой почтовый ящик. Некоторые почтовые сервисы позволяют изменять адреса, поэтому есть вероятность, что он просто переехал. Конечно же, никто не отменял человеческий фактор, возможно, просто указан неправильный электронный адрес.

Совет! Ошибка особенно часто появляется при попытке создать массовую рассылку. Среди всех пользователей есть те, которые уже переехали или удалили свой почтовый ящик. Один из вариантов исправления – создать почтовый ящик CatchAll для массовых рассылок.

Если удалось установить, что почтовый ящик существует, но продолжает появляться ошибка «Адрес получателя отклонен», следует попробовать другие способы.

2) Извлечь из спама

Часто причиной ошибки становится активная система фильтрации спама, установленная на домене получателя. Из-за каких-то прошлых действий на почте вас могли внести в список спама, поэтому и возвращается ошибка.

Recipient Address Rejected

Всего есть 3 основные причины:

Владелец спам-фильтра уже помечал подобные сообщения в качестве спама. Все письма от этого отправителя автоматически будут получать такую пометку.
Электронная почта помещена в черный список. Политика домена может привести к тому, что каждое письма с такой почты будет помечаться как спам.
Сообщение получено, но разделено системой и не было доставлено правильному почтовому ящику.

Единственное решение во всех случаях – попросить добавить вашу почту в белый список. Для этого нужно связаться с человеком другим способом, возможно, просто с другой почты.

3) Очистить временные данные

Есть большая вероятность, что проблемы с отправкой наблюдаются только при подключении к конкретной сети. В таком случае у вас есть все причины полагать, что причиной стал DNS. Сообщение «Адрес получателя отклонен. Ошибка в доступе» будет следствием проблем протокола или передачи данных. Если откинуть сбой сетевого адаптера (нужно проверить подключение к интернету), то проблема в DNS. Чаще всего все дело во временных данных.

Как выполнить сброс кэша DNS, TCP/IP:

Нажать сочетание клавиш Win + R и в диалоговое окно (должно сразу появиться) нужно ввести cmd.
Щелкнуть по сочетанию клавиш Ctrl + Shift + Enter – это приведет к запуску консоли с правами администратора.
Если появится запрос на подтверждение доступа от UAC, в нем нужно нажать на кнопку «Разрешить».
Ввести команды, после каждой нажимая Enter:

netsh int reset all
netsh int ip reset
netsh winsock reset

Остается только закрыть командную строку и попробовать отправить письмо снова.

4) Настроить папки Exchange

Применимо только для тех, кто пытается отправить письмо после настройки Exclaimer Cloud через Microsoft 365. Скорее всего проблемой является блокировка доступа к каталогам DBEB. Система предусмотрена в Microsoft 365 по умолчанию и автоматически отклоняет все письма с адресами, не предусмотренными в Azure Active Directory. Они даже могут присутствовать, но считаться внешними, ведь хранятся в почтовом ящике общедоступных папок, не синхронизированных с Azure.

Что нужно сделать:

ароверить, что все общедоступные сервера размещены локально;
удостовериться в том, что общедоступные сервера есть в Exchange Online;
отключить блокировку DBEB.

Ошибка Recipient Address Rejected может быть исправлена либо изменением адреса получателя, либо внесением корректив в его настройки фильтрации для приходящих писем. Исключение – Exclaimer Cloud Microsoft 365, но это отдельная история.

Postfix и virtual mailbox table,
Genry, 09:21 , 10-Дек-12, ()

Postfix и virtual mailbox table,
vlb267, 09:29 , 10-Дек-12, ()

Postfix и virtual mailbox table,
Genry, 09:50 , 10-Дек-12, ()

Postfix и virtual mailbox table,
vlb267, 11:47 , 10-Дек-12, ()

Postfix и virtual mailbox table,
vlb267, 11:51 , 10-Дек-12, ()

Postfix и virtual mailbox table,
Genry, 12:22 , 10-Дек-12, ()

Postfix и virtual mailbox table,
vlb267, 12:28 , 10-Дек-12, ()

Postfix и virtual mailbox table,
Genry, 12:36 , 10-Дек-12, ()

Postfix и virtual mailbox table,
vlb267, 12:57 , 10-Дек-12, ()

Postfix и virtual mailbox table,
Genry, 13:03 , 10-Дек-12, ()

Postfix и virtual mailbox table,
vlb267, 13:19 , 10-Дек-12, ()

Postfix и virtual mailbox table,
Genry, 13:28 , 10-Дек-12, ()

Postfix и virtual mailbox table,
vlb267, 13:41 , 10-Дек-12, ()

Postfix и virtual mailbox table,
Genry, 14:11 , 10-Дек-12, ()

I am working on building a secure mail server for the first time using Postfix and Dovecot and I have encountered a problem that I cannot surpass.

Sending from john@example.com to alex@example.com works.
Sending from
john@example.com to alex@gmail.com works.
Sending from john@gmail.com
to alex@example.com fails.

NOQUEUE: reject: RCPT from sonic311-43.consmr.mail.bf2.yahoo.com[74.6.131.217]: 451 4.3.5 <john@example.com>: Recipient address rejected: Server configuration problem;

This is my /etc/postfix/main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_cert_file=/etc/letsencrypt/live/mail.example.com/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/mail.example.com/privkey.pem
smtpd_use_tls=yes
smtpd_tls_auth_only = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service unix:private/policyd-spf
# Milter configuration
milter_default_action = accept
milter_protocol = 6
smtpd_milters = local:/opendkim/opendkim.sock
non_smtpd_milters = $smtpd_milters
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
# mydestination = $myhostname, localhost.localdomain, localhost
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
policyd-spf_time_limit = 3600

Initially, Outbound mail timed out until I added

permit_sasl_authenticated
reject_unauth_destination

How do I get my server to accept mail?

Edit
This is what I get when using a testing tool:

CLIENT -> SERVER: MAIL FROM:
SERVER -> CLIENT: 250 2.1.0 Ok
CLIENT -> SERVER: RCPT TO:
SERVER -> CLIENT: 451 4.3.5 : Recipient address rejected: Server configuration problem
SMTP ERROR: RCPT TO command failed: 451 4.3.5 : Recipient address rejected: Server configuration problem
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 221 2.0.0 Bye
Connection: closed
2019-04-10 19:53:53 SMTP Error: The following recipients failed: john@example.com: : Recipient address rejected: Server configuration problem
Message sending failed.

Edit 2
This is the output in /var/log/mail.log

Apr 11 05:24:17 alice postfix/smtpd[22573]: connect from mail-wr1-f42.google.com[209.85.221.42]
Apr 11 05:24:17 alice postfix/smtpd[22573]: warning: connect to private/policyd-spf: No such file or directory
Apr 11 05:24:18 alice postfix/smtpd[22573]: warning: connect to private/policyd-spf: No such file or directory
Apr 11 05:24:18 alice postfix/smtpd[22573]: warning: problem talking to server private/policyd-spf: No such file or directory
Apr 11 05:24:18 alice postfix/smtpd[22573]: NOQUEUE: reject: RCPT from mail-wr1-f42.google.com[209.85.221.42]: 451 4.3.5 <john@example.com>: Recipient address rejected: Server configuration problem; from=<jonbonsilver@gmail.com> to=<john@example.com> proto=ESMTP helo=<mail-wr1-f42.google.com>
Apr 11 05:24:19 alice postfix/smtpd[22573]: disconnect from mail-wr1-f42.google.com[209.85.221.42] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 quit=1 commands=5/7
Apr 11 05:27:39 alice postfix/anvil[22498]: statistics: max connection rate 1/60s for (smtp:185.234.217.223) at Apr 11 05:18:44
Apr 11 05:27:39 alice postfix/anvil[22498]: statistics: max connection count 1 for (smtp:185.234.217.223) at Apr 11 05:18:44
Apr 11 05:27:39 alice postfix/anvil[22498]: statistics: max cache size 2 at Apr 11 05:24:17
Apr 11 05:27:44 alice postfix/smtpd[22676]: connect from unknown[185.234.217.223]

This is my /etc/postfix/master.cf

#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - y - - smtpd
# -o content_filter=spamassassin
#smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions -o smtpd_recipient_restrictions=permit_sasl_authenticated, reject_unauth_destination
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o smtpd_relay_restrictions=permit_sasl_authenticated,reject_unauth_destination
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - y - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - y - - qmqpd
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
#qmgr unix n - n 300 1 oqmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
spamassassin unix - n n - - pipe
user=spamd argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
policyd-spf unix - n n - 0 spawn user=policyd-spf argv=/usr/bin/policyd-spf

I am trying to figure what is the problem with my mail server on Google Cloud Platform.

Some background: I had a VM setup on Google Cloud Platform, box running CentoOS7, The box comes with one dedicated IP and one internal IP. «CentOS web panel» is been use to manage couple of different website. All things relating to website work perfectly except for mail delivery outside the box.

I make use of the tutorial available on this link to integrate sendgrid on the said instance.

Currently below is the content of my postfix main.cf

 # Postfix master process configuration file. For details on the format # of the file, see the Postfix master(5) manual page. # # ***** Unused items removed ***** # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd 587 inet n - - - - smtpd 2525 inet n - - - - smtpd # -o content_filter=smtp-amavis:127.0.0.1:10024 # -o receive_override_options=no_address_mappings # ## Enable SMTP on port 587 only for authenticated/TLS clients submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject -o smtpd_recipient_restrictions=permit_mynetworks, permit_sasl_authenticated,reject # ## Enable SMTP on port 465 only for authenticated/SSL clients smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject # pickup fifo n - n 60 1 pickup -o content_filter= -o receive_override_options=no_header_body_checks cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - n - - smtp -o fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - n - - showq error unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # pages of the non-Postfix software to find out what options it wants. # ==================================================================== maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient # # spam/virus section # smtp-amavis unix - - y - 2 smtp -o smtp_data_done_timeout=1200 -o disable_dns_lookups=yes -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - y - - smtpd -o content_filter= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o receive_override_options=no_header_body_checks -o smtpd_helo_required=no -o smtpd_client_restrictions= -o smtpd_restriction_classes= -o disable_vrfy_command=no -o strict_rfc821_envelopes=yes # # Dovecot LDA dovecot unix - n n - - pipe flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d ${recipient} # # SPF check spfpolicy unix - n n - - spawn user=nobody argv=/usr/bin/python /usr/libexec/postfix/policyd-spf

and below is my main.cf is as below

 # uncomment for debugging if needed #soft_bounce=yes # postfix main mail_owner = postfix setgid_group = postdrop delay_warning_time = 4 # postfix paths html_directory = no command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix queue_directory = /var/spool/postfix sendmail_path = /usr/sbin/sendmail.postfix newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man # network settings inet_interfaces = all inet_protocols = ipv4 mydomain = domain.com myhostname = srv1.domain.com mynetworks = 127.0.0.0/8 [::1]/128 30.0.0.0/32 mydestination = $mydomain, localhost.$mydomain, localhost relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf # mail delivery recipient_delimiter = + # mappings alias_maps = hash:/etc/aliases transport_maps = hash:/etc/postfix/transport #local_recipient_maps = # virtual setup virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_alias_default_maps.cf, proxy:mysql:/etc/postfix/mysq$ virtual_mailbox_base = /var/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/mysql-vi$ virtual_minimum_uid = 101 virtual_uid_maps = static:101 virtual_gid_maps = static:12 virtual_transport = dovecot dovecot_destination_recipient_limit = 1 # debugging debug_peer_level = 3 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5 # authentication smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $mydomain, srv1.domain.com broken_sasl_auth_clients = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_recipient_restrictions =permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sender_restrictions = reject_unknown_sender_domain # tls config smtp_use_tls = yes smtpd_use_tls = yes smtpd_tls_security_level = may smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache # Change mail.example.com.* to your host name smtpd_tls_key_file = /etc/pki/tls/private/hostname.key smtpd_tls_cert_file = /etc/pki/tls/certs/hostname.bundle # rules restrictions smtpd_helo_restrictions = smtpd_sender_restrictions = # uncomment for realtime black list checks # ,reject_rbl_client zen.spamhaus.org # ,reject_rbl_client bl.spamcop.net # ,reject_rbl_client dnsbl.sorbs.net smtpd_helo_required = yes unknown_local_recipient_reject_code = 550 disable_vrfy_command = yes smtpd_data_restrictions = reject_unauth_pipelining # Other options message_size_limit = 204800000 mailbox_size_limit = 2048000000 # Vacation Scripts vacation_destination_recipient_limit = 1 recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_vacation.cf # smtpd_milters setting milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} {auth_type} smtpd_milters = inet:127.0.0.1:8891 non_smtpd_milters = $smtpd_milters milter_default_action = accept milter_protocol = 6 # specify SMTP relay host default_transport = error relay_transport = error relayhost = [smtp.sendgrid.net]:2525 smtp_tls_security_level = encrypt smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd header_size_limit = 4096000 smtp_sasl_security_options = noanonymous smtp_sasl_mechanism_filter = login smtpd_banner = $myhostname

and the content of >postconf -n is as below:

 alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 3 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $proces s_id & sleep 5 default_transport = error delay_warning_time = 4 disable_vrfy_command = yes dovecot_destination_recipient_limit = 1 header_size_limit = 4096000 html_directory = no inet_interfaces = all inet_protocols = ipv4 mail_owner = postfix mailbox_size_limit = 2048000000 mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 204800000 milter_default_action = accept milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} {auth_type} milter_protocol = 6 mydestination = $mydomain, localhost.$mydomain, localhost mydomain = domain.com myhostname = srv1.domain.com mynetworks = 127.0.0.0/8 [::1]/128 30.0.0.0/32 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix non_smtpd_milters = $smtpd_milters queue_directory = /var/spool/postfix recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_vacation.cf recipient_delimiter = + relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf relay_transport = error relayhost = [smtp.sendgrid.net]:2525 sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_mechanism_filter = login smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_tls_security_level = encrypt smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache smtp_use_tls = yes smtpd_banner = $myhostname smtpd_data_restrictions = reject_unauth_pipelining smtpd_helo_required = yes smtpd_helo_restrictions = smtpd_milters = inet:127.0.0.1:8891 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain, srv1.domain.com smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = smtpd_tls_cert_file = /etc/pki/tls/certs/hostname.bundle smtpd_tls_key_file = /etc/pki/tls/private/hostname.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 vacation_destination_recipient_limit = 1 virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_alias_default_maps.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, regexp:/etc/postfix/virtual_regexp virtual_gid_maps = static:12 virtual_mailbox_base = /var/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/mysql-virtual_alias_pipe_maps.cf virtual_minimum_uid = 101 virtual_transport = dovecot virtual_uid_maps = static:101

and in the maillog tail -f /var/log/maillog
I got this section of error:

evidence of port 2525 openingin firewalll

2 answers

1 accepted

Suggest an answer

Still have a question?

Get fast answers from people who know.