[Cialug] Postfix relay_domains

Zachary Kotlarek zach at kotlarek.com
Fri Feb 22 13:20:30 CST 2013


On Feb 22, 2013, at 9:11 AM, L. V. Lammert <lvl at omnitec.net> wrote:

> Setting up a new smarthost, .. it is working properly, however it is not
> relay to any outside domains - "550 No such domain at this location".
> 
> There is no value set for relay_domains, and all of the docs seem to
> indicate that without a value, no filtering occurs.
> 
> In the past, configuring a relayhost forwarded all domains, but not this
> time. Is the something simple I missed?



Without a value for relay_domains only mail for the local domains (specifically $mydestination) is accepted. Which I think is what you're describing. If you are only intended to accept mail bound for particular destination domains, you can use relay_domains to allow such forwarding, though that's not the common usage. relay_domains is intended primarily to allow authoritative listing of backup-MX domains (rather than relying on DNS, which is not under your control).

relayhost acts independently; all non-local mail is forwarded through $relayhost instead of doing the normal MX/A lookups (but can still be overridden with specific transport records). The setting of relayhost does not influence whether or not mail for external domains is accepted; it only affects how mail is delivered after acceptance.

On what basis are you expecting mail to be accepted? Typical smtpd_client_restrictions to allow relaying include:
	permit_sasl_authenticated
	permit_tls_all_clientcerts
	permit_mynetworks
which allow relaying of mail from password or certificate authenticated clients, or from the networks listed in $mynetworks respectively. So to allow locally-generated mail to be forwarded without authentication you'd use something like:
	mynetworks = 127.0.0.0/8 [::1]/128
	smtpd_recipient_restrictions = permit_mynetworks…

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2746 bytes
Desc: not available
URL: <http://cialug.org/pipermail/cialug/attachments/20130222/adc1ec8d/attachment.bin>


More information about the Cialug mailing list