You're welcome, the manual for the "mynetworks" configuration item is at
https://www.postfix.org/postconf.5.html#mynetworks
..and in your case it's read in / referenced by:
smtpd_recipient_restrictions =
permit_mynetworks,reject_unauth_destination
It reads from left to right.. so if it's waved through an earlier item
it doesn't reach the end rejection.. as in your case localhost isn't in
"mynetworks", it's not permitted by "permit_mynetworks" and so falls
back on "reject_unauth_destination"
Kind Regards,
Matthew
On 28/08/2025 10:14, Stefano Gatto via Postfix-users wrote:
Thank you very much Matthew, I dind't realize localhost addresses were
missing...
I cannot test it now but i will let you know if it solves it
best regards
Stefano
Il 28/08/2025 11:03, Matthew via Postfix-users ha scritto:
I can answer that one I think:
mynetworks =
172.16.1.0/24,172.16.3.0/24,172.16.0.0/24,172.16.2.0/24,10.11.1.2
You're missing any allowing of localhost (IPv4 127.0.0.1).
So add:
127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
Kind Regards,
Matthew
On 28/08/2025 09:55, Stefano Gatto via Postfix-users wrote:
Hello everyone,
I have a strange behaviour in my postfix server:
it is working as a simple smtp relay forwarding everything to an
external one with auth on port 587 with tls.
the emails coming from others machine are correctly relayed, the
ones originating from inside itself doesn't use auth and bounce back
with 554 error.
What should i configure to correct this?
Here's my main.cf:
alias_maps = lmdb:/etc/aliases
biff = no
canonical_maps = lmdb:/etc/postfix/canonical
command_directory = /usr/sbin
compatibility_level = 2
content_filter =
daemon_directory = /usr/lib/postfix/bin/
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
defer_transports =
delay_warning_time = 1h
disable_dns_lookups = no
disable_mime_output_conversion = no
disable_vrfy_command = yes
html_directory = /usr/share/doc/packages/postfix-doc/html
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command =
mailbox_size_limit = 0
mailbox_transport =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
message_size_limit = 0
message_strip_characters = \0
mydestination = $myhostname, localhost.$mydomain, localhost
myhostname = myhost.mydomain.com
mynetworks =
172.16.1.0/24,172.16.3.0/24,172.16.0.0/24,172.16.2.0/24,10.11.1.2
mynetworks_style = subnet
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES
relay_clientcerts =
relay_domains = $mydestination lmdb:/etc/postfix/relay
relayhost = [x.x.x.x]:587
relocated_maps = lmdb:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix-doc/samples
sender_canonical_classes = envelope_sender
sender_canonical_maps = regexp:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_enforce_tls = no
smtp_generic_maps = lmdb:/etc/postfix/generic
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter = AUTH LOGIN
smtp_sasl_password_maps = lmdb:/etc/postfix/smtp_sasl_passwd_maps
smtp_sasl_security_options =
smtp_sasl_tls_security_options =
smtp_tls_CAfile = /etc/postfix/tls/smtpd.pem
smtp_tls_CApath =
smtp_tls_cert_file = /etc/postfix/tls/smtpd.pem
smtp_tls_key_file = /etc/postfix/tls/smtpd.pem
smtp_tls_loglevel = 1
smtp_tls_security_level = encrypt
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions =
smtpd_delay_reject = yes
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_recipient_restrictions =
permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_sasl_path = smtpd
smtpd_sasl_type = cyrus
smtpd_sender_restrictions = lmdb:/etc/postfix/access
smtpd_tls_CAfile = /etc/postfix/tls/smtpd.pem
smtpd_tls_CApath =
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/postfix/tls/smtpd.pem
smtpd_tls_exclude_ciphers = RC4
smtpd_tls_key_file = /etc/postfix/tls/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_use_tls = yes
strict_8bitmime = no
strict_rfc821_envelopes = no
tls_random_source = dev:/dev/urandom
transport_maps = lmdb:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = lmdb:/etc/postfix/virtual
1,1 Top
TYA
Stefano
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
Postfix-users mailing list [email protected]
To unsubscribe send an email [email protected]
_______________________________________________
Postfix-users mailing list [email protected]
To unsubscribe send an email [email protected]
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
