Join Log in
Score:0
Tsetsi avatar Server

Postfix: Can't send mails from another network

uy flag
Tsetsi

I recently set a postfix (+dovecot) mail server (on a VPS) and when I am in my own home network, which I put in mynetworks, I can both send and receive mails.

However when I am outside home I can only receive emails, which is not a behaviour I expect, as I probably need to send emails then. Here you have my settings, if you can help me out:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2

#Mail filter

#milter_default_action = accept
#milter_protocol = 6
#smtpd_milters = unix:/var/run/clamav/clamav-milter
#non_smtpd_milters = unix:/var/run/clamav/clamav-milter

# TLS parameters
smtpd_tls_cert_file=/etc/letsencrypt/live/mail.myserver.dev/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/mail.myserver.dev/privkey.pem
smtpd_tls_security_level=encrypt
smtpd_use_tls = yes
smtpd_tls_auth_only = yes

smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=encrypt
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_relay_restrictions = permit_sasl_authenticated, reject_unauth_destination
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination

mydomain = myserver.dev
myhostname = $mydomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost.localdomain localhost
relayhost = 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 123.456.789.159/32
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all

virtual_mailbox_domains = myserver.dev
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_mailbox_base = /var/vmail

virtual_uid_maps = hash:/etc/postfix/virtual_uid
virtual_gid_maps = hash:/etc/postfix/virtual_gid

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

smtpd_client_connection_count_limit = 10
smtpd_client_connection_rate_limit = 30
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20

Here you have the master.cf as well

smtp      inet  n       -       y       -       -       smtpd
#smtp      inet  n       -       y       -       1       postscreen
#smtpd     pass  -       -       y       -       -       smtpd
#dnsblog   unix  -       -       y       -       0       dnsblog
#tlsproxy  unix  -       -       y       -       0       tlsproxy
submission inet n - n - - smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_type=dovecot
  -o smtpd_sasl_path=private/auth
  -o smtpd_sasl_security_options=noanonymous
  -o smtpd_sasl_local_domain=$myhostname
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_sender_login_maps=hash:/etc/postfix/virtual
  -o smtpd_sender_restrictions=reject_sender_login_mismatch
  -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
#submission inet n       -       y       -       -       smtpd

I don't really know what setting I changed but I get a different error now. The first one I got before was:

May 26 11:57:36 vmi1240278 postfix/smtpd[1164363]: connect from unknown[XX.XXX.XX.XX]
May 26 11:57:37 vmi1240278 postfix/smtpd[1164363]: NOQUEUE: reject: RCPT from unknown[XX.XXX.XX.XX]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<smtpclient.apple>
May 26 11:57:37 vmi1240278 postfix/smtpd[1164363]: disconnect from unknown[XX.XXX.XX.XX] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6

Now I get:

May 26 16:28:33 vmi1240278 postfix/smtpd[1177893]: connect from unknown[XX.XXX.XX.XX]
May 26 16:28:33 vmi1240278 postfix/smtpd[1177893]: NOQUEUE: reject: RCPT from unknown[XX.XXX.XX.XX]: 554 5.7.1 <unknown[XX.XXX.XX.XX]>: Client host rejected: Access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<smtpclient.apple>
May 26 16:28:33 vmi1240278 postfix/smtpd[1177893]: disconnect from unknown[XX.XXX.XX.XX] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6

Additional info that might be useful is that when I use the Connection Inspector in the mail app I get for SMTP (translated): Connected, didn't need to authenticate And for IMAP I get (translated): Connected and authenticated

For Gmail I get the same as for my server's IMAP for both SMTP and IMAP.

Thanks.

76
1 + 2
anx avatar
fr flag
anx
What is "didn't need to authenticate" even supposed to mean? Try a client that gives reasonable error messages to verify your server side work, its probably easier to diagnose the rest once that is established.
0
Reply
Tsetsi avatar
uy flag
Tsetsi
It's funny, I didn't even think about trying a different client since the apple mail has always worked well for me. With thunderbird I could send it without a problem. So now the problem is more related to apple mail...
0
Reply
Score:1
Tsetsi avatar Server
uy flag
Tsetsi

Alright it might sound dumb.

The problem is related to Apple Mail managing automatically the SMTP connection, I unchecked it and put the authentication option from "None" to "Password". Fixed.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.