Am 27.07.2012 12:48, schrieb Mikael Bak: > Hi Dominique, > > > On 07/27/2012 11:37 AM, Dominique wrote: >>>> >>>> However when trying to connect through a phone app (Android/email app), >>>> there is no way to send a mail. It gets rejected all the time. >>>> >>>> Jul 27 10:25:03 www postfix/smtpd[10868]: connect from 230.Red-176-83- >>>> 90.dynamicIP.rima-tde.net[176.83.90.230] >>>> Jul 27 10:25:04 www postfix/smtpd[10868]: NOQUEUE: reject: RCPT from >>>> 230.Red-176-83-90.dynamicIP.rima-tde.net[176.83.90.230]: 554 5.7.1 >>>> <230.Red-176-83-90.dynamicIP.rima-tde.net[176.83.90.230]>: Client host >>>> rejected: Access denied; from=<hraboga...@hrabogados.com> >>>> to=<dco...@gmail.com> proto=ESMTP helo=<[10.27.232.189]> Jul 27 >>>> 10:25:05 www postfix/smtpd[10868]: lost connection after RCPT from >>>> 230.Red-176-83-90.dynamicIP.rima-tde.net[176.83.90.230] >>>> Jul 27 10:25:05 www postfix/smtpd[10868]: disconnect from >>>> 230.Red-176-83- >>>> 90.dynamicIP.rima-tde.net[176.83.90.230] >>>> >> >> Here is the output of postconf -n. > [snip] >> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128, 192.168.1.0/24 > [snip] >> smtpd_client_restrictions = permit_mynetworks, >> check_client_access hash:/etc/postfix/access > [snip] >> smtpd_recipient_restrictions = permit_sasl_authenticated, >> permit_mynetworks, reject_unauth_destination, >> reject_invalid_hostname, reject_non_fqdn_hostname, >> reject_non_fqdn_sender, reject_non_fqdn_recipient, >> reject_unknown_sender_domain, >> reject_unknown_recipient_domain, reject_unauth_pipelining >> reject_rbl_client bl.spamcop.net, reject_rbl_client >> zen.spamhaus.org, reject_rbl_client >> blackholes.easynet.nl, reject_rbl_client dnsbl.njabl.org, >> reject_rbl_client dul.dnsbl.sorbs.net, check_policy_service > [snip] > > The phone is connecting from outside mynetworks. It threrefore gets > rejected. You should probably add "permit_sasl_authenticated" to > "smtpd_client_restrictions" to fix this.
jep this is a must have , i missed that entry for short looking, permit_sasl_authenticated should be included right at the beginnig at every restrictions ( here client ) to accept cons outside mynetworks > > HTH, > Mikael > -- Best Regards MfG Robert Schetterer
