On April 2011, at 3:11 PM, Noel Jones wrote: > On 4/30/2011 4:26 PM, Des Dougan wrote: >> Hi, >> >> I'm fairly new to postfix and have recently set up an instance on a site >> with a newly-allocated static IP address. Mail was generally flowing in and >> out after I configured the postfix and dovecot; however, some messages were >> not being sent, showing "Client host rejected: Access denied" messages in >> the logs. >> >> As I analyzed this, it seemed to be caused by the static IP not having a >> good reputation with some sites' RBL policies. I therefore set the system up >> to relay via the ISP's mail servers, which is working OK. That said, I'm >> still seeing sending attempts (in /var/log/maillog) by what appear to be >> previous messages that didn't go out. These are not going via the relay; >> neither, though, do they show in the mail queue (via "postqueue -p"). >> >> Is there a way to re-inject these messages via the updated configuration so >> that they go out via the ISP as new messages are doing? I've done a fair bit >> of Googling but can't see how this might be achieved. >> >> Thanks, >> >> Des > > > To requeue mail, use "postsuper -r QUEUEID" or "postsuper -r ALL" > http://www.postfix.org/postsuper.1.html > > but if the mail doesn't show up in "postqueue -p" then the mail isn't in > postfix. Maybe you still have sendmail installed? > > If you need more help, please provide more evidence. > http://www.postfix.org/DEBUG_README.html#mail > > > > -- Noel Jones
Noel, Thanks for your reply. From this log example, it does seem to be a postfix-related message (and there are no sendmail daemons active): Apr 30 15:14:55 enterprise postfix/smtpd[29644]: NOQUEUE: reject: RCPT from AAA-AA-AAA.AAAAAAAA.AAAAA.AAA[DDD.DDD.DDD.DDD]: 554 5.7.1 <AAA-AA-AAA.AAAAAAAA.AAAAA.AAA[DDD.DDD.DDD.DDD]>: Client host rejected: Access denied; from=<a...@aaaa.ca> to=<aaaaa...@aaaaa.com> proto=ESMTP helo=<[DD.DDD.DDD.DDD]> I notice that the above is from a remote location. The client settings have been configured to authenticate (or were, at any rate). If they had been reset, is this the message that would show in authentication was not in place? postconf -n is as follows: [root@enterprise ~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 home_mailbox = Maildir/ html_directory = no inet_interfaces = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mynetworks = 127.0.0.0/8 newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES relayhost = [AAAA.AAAAA.net] sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_security_level = may smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/pki/tls/certs/mail.iprc.ca.cert smtpd_tls_key_file = /etc/pki/tls/private/mail.iprc.ca.key smtpd_tls_security_level = may tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 Regards, Des -- Des Dougan Principal Dougan Consulting Group Inc. http://www.DouganConsulting.tel <-- Get all my contact information here. http://www.DouganConsulting.com Peace of Mind, One Computer at a Time. --- Imagine anyone on the planet being able to find and then contact you with a single click. YourName.tel is all you will give anyone ever again. Want in? http://registertel.tel/
