SASL LOGIN authentication failed

#1 Fri, 05/11/2018 - 05:25
advcha

Hello,

I am using Virtualmin version 6.02-3 on Ubuntu Linux 16.04.2. I have a problem with the Postfix mail server when I try to receive an email from my Gmail account on the mail server. My Gmail shows this reply:

Message not delivered
Your message couldn't be delivered to user@domain because the remote server is misconfigured. See technical details below for more information.
The response from the remote server was:
554 5.7.1 <user@domain>: Relay access denied

Final-Recipient: rfc822; user@domain
Action: failed
Status: 5.7.1
Remote-MTA: dns; mx2.bgdns.net. (193.xxx.xxx.xxx, the server for the domain pethome.bg.)
Diagnostic-Code: smtp; 554 5.7.1 <user@domain>: Relay access denied
Last-Attempt-Date: Fri, 11 May 2018 01:11:56 -0700 (PDT)

Here is the log in /var/log/mail.log:

May 11 05:32:02 server postfix/smtpd[22782]: disconnect from unknown[185.xxx.xxx.xxx] ehlo=1 auth=0/1 commands=1/2
May 11 05:33:04 server postfix/smtpd[22782]: connect from unknown[181.xxx.xxx.xxx]
May 11 05:33:06 server postfix/smtpd[22782]: warning: unknown[181.xxx.xxx.xxx]: SASL LOGIN authentication failed: authentication failure
May 11 05:33:06 server postfix/smtpd[22782]: disconnect from unknown[181.xxx.xxx.xxx] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
May 11 05:36:17 server postfix/smtpd[22997]: connect from unknown[5.xxx.xxx.xxx]
May 11 05:36:19 server postfix/smtpd[22997]: warning: unknown[5.xxx.xxx.xxx]: SASL LOGIN authentication failed: authentication failure
May 11 05:36:19 server postfix/smtpd[22997]: disconnect from unknown[5.xxx.xxx.xxx] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
May 11 05:36:58 server postfix[23059]: Postfix is running with backwards-compatible default settings
May 11 05:36:58 server postfix[23059]: See http://www.postfix.org/COMPATIBILITY_README.html for details
May 11 05:36:58 server postfix[23059]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload"
May 11 05:36:59 server postfix/postfix-script[23115]: warning: group or other writable: /usr/lib/postfix/./libpostfix-util.so.1
May 11 05:36:59 server postfix/postfix-script[23116]: warning: group or other writable: /usr/lib/postfix/./libpostfix-dns.so.1
May 11 05:36:59 server postfix/postfix-script[23117]: warning: group or other writable: /usr/lib/postfix/./libpostfix-tls.so.1
May 11 05:36:59 server postfix/postfix-script[23118]: warning: group or other writable: /usr/lib/postfix/./libpostfix-master.so.1
May 11 05:36:59 server postfix/postfix-script[23119]: warning: group or other writable: /usr/lib/postfix/./sbin/lmtp
May 11 05:36:59 server postfix/postfix-script[23120]: warning: group or other writable: /usr/lib/postfix/./libpostfix-global.so.1
May 11 05:36:59 server postfix/postfix-script[23121]: warning: group or other writable: /usr/lib/postfix/sbin/./lmtp
May 11 05:36:59 server postfix/smtpd[22997]: connect from unknown[181.xxx.xxx.xxx]
May 11 05:37:01 server postfix/smtpd[22997]: warning: unknown[181.xxx.xxx.xxx]: SASL LOGIN authentication failed: authentication failure
May 11 05:37:01 server postfix/smtpd[22997]: disconnect from unknown[181.xxx.xxx.xxx] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4

Here is some more info:

root@server:~# ps auxw | grep saslauth
root       307  0.0  0.1 100336  1636 ?        Ss   Mar13   0:30 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 2
root       308  0.0  0.1 100336  1644 ?        S    Mar13   0:35 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 2
root     24657  0.0  0.0  11228  1024 pts/0    S+   05:53   0:00 grep --color=auto saslauth
root@server:~# ls -la  /var/spool/postfix/var/run/saslauthd
total 976
drwx--x--- 2 root sasl   4096 Mar 13 05:29 .
drwxr-xr-x 3 root root   4096 Mar 13 03:46 ..
-rw------- 1 root root      0 Mar 13 05:29 cache.flock
-rw------- 1 root root 986112 May 11 05:53 cache.mmap
srwxrwxrwx 1 root root      0 Mar 13 05:29 mux
-rw------- 1 root root      0 Mar 13 05:29 mux.accept
-rw------- 1 root root      4 Mar 13 05:29 saslauthd.pid

Here is /etc/postfix/main.cf:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = localhost.localdomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost.$mydomain, $mydomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = all
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtp_tls_security_level = may
allow_percent_hack = no
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
mynetworks_style = subnet
myorigin = $mydomain

How do I fix this problem? Is any more info needed?

Fri, 05/11/2018 - 09:28
scotwnw

SASL failed is probably random bots trying to guess passwords. And probably not related to your issue.

It shows your server tried relaying the mail. It shouldn't relay at all. The issue is why it tried to relay. Your mail server will only receive mail for users@domain.com. If postfix on domain.com receives a mail from users@notmydomain.com, it won't relay it to notmydomain.com.

So, mail or DNS is not configured right, or you're sending mail to a domain that's not on that mail server.

Ping domain.com and all mail-related DNS names to be sure they're pointing to the right IPs.
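
An added example, not part of either post above: a log triage script that keeps the two symptoms in this thread apart, counting failed SASL logins per client address and listing each "Relay access denied" rejection with a verdict on whether the recipient domain is one the server is meant to host. The function names, the log lines (documentation addresses and placeholder hostnames) and the hosted-domain arguments are constructed for the example.

```shell
#!/bin/sh
# Constructed sample in Postfix smtpd log format (not taken from the thread).
sample_log() {
cat <<'EOF'
May 11 05:33:06 server postfix/smtpd[22782]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: authentication failure
May 11 05:36:19 server postfix/smtpd[22997]: warning: unknown[198.51.100.9]: SASL LOGIN authentication failed: authentication failure
May 11 05:37:01 server postfix/smtpd[22997]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: authentication failure
May 11 05:40:12 server postfix/smtpd[23200]: NOQUEUE: reject: RCPT from mail.example.net[192.0.2.25]: 554 5.7.1 <user@example.org>: Relay access denied; from=<sender@example.net> to=<user@example.org> proto=ESMTP helo=<mail.example.net>
EOF
}

# Failed SASL logins per client address, as "count ip", busiest first.
sasl_failures_by_ip() {
  awk '/SASL [A-Z0-9-]+ authentication failed/ {
         if (match($0, /\[[0-9a-fA-F.:]+\]: SASL/)) {
           ip = substr($0, RSTART + 1, RLENGTH - 8)   # drop "[" and "]: SASL"
           n[ip]++
         }
       }
       END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2
}

# One "recipient-domain client-ip" line per "Relay access denied" rejection.
relay_denied() {
  awk '/Relay access denied/ {
         client = ""; dom = ""
         if (match($0, /RCPT from [^ ]+\[[0-9a-fA-F.:]+\]/)) {
           client = substr($0, RSTART, RLENGTH)
           sub(/^.*\[/, "", client); sub(/\]$/, "", client)
         }
         if (match($0, / to=<[^>]+>/)) {
           dom = substr($0, RSTART + 5, RLENGTH - 6)  # text inside to=<...>
           sub(/^.*@/, "", dom); dom = tolower(dom)
         }
         print dom, client
       }'
}

# Compare each rejected domain with the domains passed as arguments, i.e. the
# ones this server should accept (mydestination / virtual_alias_maps entries).
classify_rejections() {
  relay_denied | while read -r dom client; do
    verdict="not-hosted"
    for d in "$@"; do
      if [ "$dom" = "$d" ]; then verdict="hosted-but-rejected"; fi
    done
    echo "$dom $client $verdict"
  done
}

sample_log | sasl_failures_by_ip
sample_log | classify_rejections example.com
```

On a real host, feed `/var/log/mail.log` to the functions instead of `sample_log`. A `hosted-but-rejected` verdict points at the server's own domain configuration, while `not-hosted` means the mail reached a machine that does not serve that domain, which is a DNS or addressing problem.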
