554 5.7.1 Client host rejected: Access denied
554 5.7.1 Client host rejected: Access denied
I am trying to send an email from unauthenticated host because this software does not support it. I am getting Client host rejected messages. I've added public IP of this machine to "mynetworks", but based on default settings in main.cf, it is first looking at permit_sasl_authenticated line before it reaches permit_mynetworks.
smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
I've tried postconf -e and zmlocalconfig -e to change postfix settings, however they're not sticking after postfix reload. I looked, but for some reason could not find zimbra command to change smtpd_relay_restrictions order (given that's even the problem).
Thanks again, and I hate to bother for stuff like that.
smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
I've tried postconf -e and zmlocalconfig -e to change postfix settings, however they're not sticking after postfix reload. I looked, but for some reason could not find zimbra command to change smtpd_relay_restrictions order (given that's even the problem).
Thanks again, and I hate to bother for stuff like that.
- DualBoot
- Elite member
- Posts: 1326
- Joined: Mon Apr 18, 2016 8:18 pm
- Location: France - Earth
- ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
- Contact:
Re: 554 5.7.1 Client host rejected: Access denied
Hello,
you can add your IP into zimbraMtaMyNetworks, be careful with it if your host use source NAT.
Regards,
you can add your IP into zimbraMtaMyNetworks, be careful with it if your host use source NAT.
Regards,
Re: 554 5.7.1 Client host rejected: Access denied
Hi,
I already have it in this format WW.XX.YY.ZZ/32
That's what makes me think it's looking at other restrictions first and then rejecting it before allowing it in "mynetworks"
I already have it in this format WW.XX.YY.ZZ/32
That's what makes me think it's looking at other restrictions first and then rejecting it before allowing it in "mynetworks"
- DualBoot
- Elite member
- Posts: 1326
- Joined: Mon Apr 18, 2016 8:18 pm
- Location: France - Earth
- ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
- Contact:
Re: 554 5.7.1 Client host rejected: Access denied
I should ask you if you have investigate into the log.
Maybe you can make telnet session from your server to the target MTA on port 25.
Maybe you can make telnet session from your server to the target MTA on port 25.
Re: 554 5.7.1 Client host rejected: Access denied
25 no, but 587 worked. That's what I am using with my IRST software.
- DualBoot
- Elite member
- Posts: 1326
- Joined: Mon Apr 18, 2016 8:18 pm
- Location: France - Earth
- ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
- Contact:
Re: 554 5.7.1 Client host rejected: Access denied
Maybe you can change the behaviour in master.cf.in by adding permit_mynetworks in the first bold line or the second one :
ubmission inet n - n - - smtpd
%%uncomment SERVICE:opendkim%% -o content_filter=scan:[%%zimbraLocalBindAddress%%]:10030
-o smtpd_etrn_restrictions=reject
-o smtpd_sasl_auth_enable=%%zimbraMtaSaslAuthEnable%%
-o smtpd_tls_security_level=%%zimbraMtaTlsSecurityLevel%%
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_data_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o syslog_name=postfix/submission
-o milter_macro_daemon_name=ORIGINATING
%%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_filter=[%%zimbraLocalBindAddress%%]:10027
%%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_options=speed_adjust
ubmission inet n - n - - smtpd
%%uncomment SERVICE:opendkim%% -o content_filter=scan:[%%zimbraLocalBindAddress%%]:10030
-o smtpd_etrn_restrictions=reject
-o smtpd_sasl_auth_enable=%%zimbraMtaSaslAuthEnable%%
-o smtpd_tls_security_level=%%zimbraMtaTlsSecurityLevel%%
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_data_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o syslog_name=postfix/submission
-o milter_macro_daemon_name=ORIGINATING
%%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_filter=[%%zimbraLocalBindAddress%%]:10027
%%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_options=speed_adjust
Re: 554 5.7.1 Client host rejected: Access denied
I edited master.cf using text editor , but after zmcontrol restart, all my changes go away.
- DualBoot
- Elite member
- Posts: 1326
- Joined: Mon Apr 18, 2016 8:18 pm
- Location: France - Earth
- ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
- Contact:
Re: 554 5.7.1 Client host rejected: Access denied
you need to modify master.cf.in , the file with "in" extension.
Re: 554 5.7.1 Client host rejected: Access denied
Hi,
Ok, this worked. Thank you.
Had to make changes to both
smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
Ok, this worked. Thank you.
Had to make changes to both
smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
Re: 554 5.7.1 Client host rejected: Access denied
evaldas wrote:Hi,
Ok, this worked. Thank you.
Had to make changes to both
smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
May I know the specific changes you've done? also encountering same error