[BlueOnyx:26379] Re: The Postfix learning curve continues

[Chad Bersche]

Hi Michael.

I'd tried setting the relay configuration previously, and it seems to 
not be honored for some reason.  I went with the widest scope of my 
network to start with, and also explicitly listed hostnames and IP 
address of a specific system.  I set the following via the GUI, which 
set /etc/postfix/access to show:

# cat access
photos.bersche.com RELAY
172.18.170.206  RELAY
172.18  RELAY
bersche.com     RELAY

After this, I connected via telnet from a server to Blueonyx port 25:

$ telnet mail.bersche.com 25
Trying 172.18.170.213...
Connected to mail.bersche.com.
Escape character is '^]'.
220 mail ESMTP Postfix
ehlo photos.bersche.com
250-mail
250-PIPELINING
250-SIZE 102400000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
mail from: <notifications at bersche.com>
250 2.1.0 Ok
rcpt to: <chad at bersche.com>
250 2.1.5 Ok
rcpt to: <emailstatus at domain.com>
554 5.7.1 <emailstatus at domain.com>: Relay access denied


When I try the same by connecting from my BlueOnyx server itself:

# telnet mail.bersche.com 25
Trying 172.18.170.212...
Connected to mail.bersche.com.
Escape character is '^]'.
220 mail ESMTP Postfix
ehlo mail.bersche.com
250-mail
250-PIPELINING
250-SIZE 102400000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
mail from: <notifications at bersche.com>
250 2.1.0 Ok
rcpt to: <chad at bersche.com>
250 2.1.5 Ok
rcpt to: <emailstatus at domain.com>
250 2.1.5 Ok


I looked into the Postfix configuration, which seems to list the hashed 
access file:

# postconf -p | grep -i access
access_map_defer_code = 450
access_map_reject_code = 554
parent_domain_matches_subdomains = 
debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
postscreen_access_list = permit_mynetworks
smtpd_log_access_permit_actions =
smtpd_null_access_lookup_key = <>
smtpd_recipient_restrictions = check_sender_access 
hash:/etc/postfix/suspended_vsites, check_recipient_access 
hash:/etc/postfix/suspended_vsites, check_sender_access 
hash:/etc/postfix/suspended_users, check_recipient_access 
hash:/etc/postfix/suspended_users, 
permit_sasl_authenticated,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unknown_recipient_domain,permit_mynetworks,reject_unauth_destination,reject_unauth_pipelining,reject_invalid_hostname,reject_non_fqdn_hostname,check_sender_access 
hash:/etc/postfix/access,permit
smtpd_sender_restrictions = permit_mynetworks, 
reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/access


Should I start playing around with mynetworks entries next?  I feel like 
I'm just missing something obvious here....