I tried to upgrade debian from 10 to 11 and the everything got messed up. Im trying to fix postfix. I can receive emails but cant send. I get the error "554 5.7.1 Relay access denied"
My postfix configuration:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
inet_interfaces = all
inet_protocols = all
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = my.host.name.com, localhost
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
recipient_delimiter = +
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_relay_restrictions = permit_sasl_authenticated
allow_percent_hack = no
smtpd_sasl_authenticated_header = yes
Dovecot configuration:
# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol
dict {
#quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
# Most of the actual configuration gets included below. The filenames are
# first sorted by their ASCII value and parsed in that order. The 00-prefixes
# in filenames are intended to make it easier to understand the ordering.
!include conf.d/*.conf
# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf
auth_mechanisms = plain login
disable_plaintext_auth = no
mail_location = maildir:~/Maildir
mail_privileged_group = mail
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
driver = pam
}
protocols = " imap pop3"
ssl_cert = </etc/dovecot/private/dovecot.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = </usr/share/dovecot/dh.pem
ssl_key = </etc/dovecot/private/dovecot.key
userdb {
driver = passwd
}
/var/log/mail.log
May 12 01:05:52 ns3777770 postfix/smtpd[33135]: disconnect from unknown[45.129.14.128] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
May 12 01:05:58 ns3777770 postfix/smtpd[33174]: connect from unknown[45.129.14.128]
May 12 01:06:00 ns3777770 postfix/smtpd[32936]: connect from unknown[45.129.14.173]
May 12 01:06:05 ns3777770 postfix/smtpd[33174]: warning: unknown[45.129.14.128]: SASL LOGIN authentication failed: authentication failure, [email protected]
May 12 01:06:05 ns3777770 postfix/smtpd[33174]: disconnect from unknown[45.129.14.128] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
May 12 01:06:07 ns3777770 postfix/smtpd[32936]: warning: unknown[45.129.14.173]: SASL LOGIN authentication failed: authentication failure, [email protected]
May 12 01:06:07 ns3777770 postfix/smtpd[32936]: disconnect from unknown[45.129.14.173] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
May 12 01:06:08 ns3777770 postfix/qmgr[996]: EC1FBE0428: from=<[email protected]>, size=1827, nrcpt=1 (queue active)
May 12 01:06:09 ns3777770 postfix/smtp[33224]: EC1FBE0428: host mx00.mail.com[74.208.5.20] refused to talk to me: 554-mail.com (mxgmxus010) Nemesis ESMTP Service not available 554-No SMTP service 554-Bad DNS PTR resource record. 554 For>
May 12 01:06:09 ns3777770 postfix/smtp[33224]: EC1FBE0428: to=<[email protected]>, relay=mx01.mail.com[74.208.5.22]:25, delay=258426, delays=258425/0.04/1/0, dsn=4.0.0, status=deferred (host mx01.mail.com[74.208.5.22] refused to t>
May 12 01:06:13 ns3777770 postfix/smtpd[33135]: connect from unknown[45.129.14.128]
May 12 01:06:16 ns3777770 postfix/anvil[1120]: statistics: max connection rate 5/60s for (smtp:45.129.14.128) at May 12 00:56:49
May 12 01:06:16 ns3777770 postfix/anvil[1120]: statistics: max connection count 1 for (smtp:45.129.14.128) at May 12 00:56:19
May 12 01:06:16 ns3777770 postfix/anvil[1120]: statistics: max cache size 3 at May 12 00:59:02
--------
May 13 05:50:57 ns3777770 postfix/smtpd[12345]: connect from unknown[138.135.223.27]
May 13 05:50:57 ns3777770 postfix/smtpd[12345]: NOQUEUE: reject: RCPT from unknown[138.135.223.27]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<DESKTOP7>
May 13 05:50:58 ns3777770 postfix/smtpd[45467]: lost connection after AUTH from unknown[149.41.235.50]
Im getting the 554 error in outlook, right after sending the mail, it comes back to me, we couldnt deliver your message to the following mails.. 554 relay access denied... This could be seen at May 13 logs, I put May 12 logs as well, maybe it can help... Mails with "random" are not on my server, I guess hackers are trying to login as well...
ldd /usr/sbin/postfix output:
linux-vdso.so.1 (0x00006asd0)
libpostfix-global.so => /usr/lib/postfix/libpostfix-global.so (0x00006asd4000)
libpostfix-util.so => /usr/lib/postfix/libpostfix-util.so (0x000068asda8b000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x000068asd5d000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x0000685d5asd000)
libdb-5.3.so => /usr/lib/x86_64-linux-gnu/libdb-5.3.so (0x000asdd516c9000)
libnsl.so.2 => /usr/lib/x86_64-linux-gnu/libnsl.so.2 (0x00006asde000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x000068asd6a6000)
libicuuc.so.67 => /usr/lib/x86_64-linux-gnu/libicuuc.so.67 (0x00asdd514bd000)
/lib64/ld-linux-x86-64.so.2 (0x0000685dasd00)
libtirpc.so.3 => /lib/x86_64-linux-gnu/libtirpc.so.3 (0x0000685dasd000)
libicudata.so.67 => /usr/lib/x86_64-linux-gnu/libicudata.so.67 (0x000asdf974000)
libstdc++.so.6 => /usr/lib/x86_64-linux-gnu/libstdc++.so.6 (0x000068asd000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x0000685d4asd)
libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x0000685dasd00)
libgssapi_krb5.so.2 => /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2 (0x000asd5f4000)
libkrb5.so.3 => /usr/lib/x86_64-linux-gnu/libkrb5.so.3 (0x000068asd000)
libk5crypto.so.3 => /usr/lib/x86_64-linux-gnu/libk5crypto.so.3 (0x00006asd4ea000)
libcom_err.so.2 => /lib/x86_64-linux-gnu/libcom_err.so.2 (0x000068asde4000)
libkrb5support.so.0 => /usr/lib/x86_64-linux-gnu/libkrb5support.so.0 (0xasdf4d3000)
libkeyutils.so.1 => /lib/x86_64-linux-gnu/libkeyutils.so.1 (0x00006asdc000)
libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2 (0x0000685asd2000)
I dont see any sasl on the output does this mean postfix is running without sasl?
EHLO output from telnet to port 25:
EHLO mydomain.com
250-ns3132324.ip-34-45-43.eu
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING
I appreciate any help!