Hallo liebe Liste, ich habe ein Konfigurationsproblem mit dem postfix-Server. Ich kann zwar von Clients, die sich authentifizieren (SMTPAUTH) Mails versenden, nicht aber vom Webmail-Client, auch die mit fetchmail abgeholten Mails werden zurückgewiesen. Fehler: "relay access denied". Für mich sieht es so aus, als würde postfix generell keine Mails ohne Authentifizierung akzeptieren, auch nicht von localhost. Ich weiss allerdings nicht, was ich ändern muss. Die Fehlermeldung des Webmail-Clients: Your message could not be sent! The mail server returned: Array ( [code] => 554 [msg] => : Relay access denied [desc] => [server_chat] => c->s: fsockopen(localhost,25,0,,5) ; returned: Resource id #32 s->c: 220 admin.oes.gympeg.de ESMTP Postfix c->s: EHLO schulserver.oes.gympeg.de s->c: 250-admin.oes.gympeg.de s->c: 250-PIPELINING s->c: 250-SIZE 30000000 s->c: 250-VRFY s->c: 250-ETRN s->c: 250-XVERP s->c: 250 8BITMIME c->s: MAIL FROM:<steier@oes.gympeg.de> s->c: 250 Ok c->s: RCPT TO:<csteier@its-steier.de> s->c: 554 <csteier@its-steier.de>: Relay access denied ) Meine Postfix-Konfiguration: sendmail_path= /usr/sbin/sendmail # newaliases_path: The full pathname of the Postfix newaliases command. # This is the Sendmail-compatible command to build alias databases. # newaliases_path= /usr/sbin/sendmail # mailq_path: The full pathname of the Postfix mailq command. This # is the Sendmail-compatible mail queue listing command. # mailq_path= /usr/bin/mailq # setgid_group: The group for mail submission and queue management # commands. This must be a group name with a numerical group ID that # is not shared with other accounts, not even with the Postfix account. # setgid_group= maildrop # manpage_directory: The location of the Postfix on-line manual pages. # manpage_directory= /usr/share/man # sample_directory: The location of the Postfix sample configuration files. # sample_directory= /usr/share/doc/packages/postfix/samples # readme_directory: The location of the Postfix README files. # readme_directory= /usr/share/doc/packages/postfix/README_FILES mail_spool_directory= /var/mail canonical_maps= hash:/etc/postfix/canonical virtual_maps= ldap:ldapvuser,hash:/etc/postfix/virtual relocated_maps= hash:/etc/postfix/relocated transport_maps= hash:/etc/postfix/transport sender_canonical_maps= hash:/etc/postfix/sender_canonical masquerade_exceptions= root masquerade_classes= envelope_sender, header_sender, header_recipient myhostname= admin.oes.gympeg.de inet_interfaces= mailserver, localhost masquerade_domains= $mydomain mydestination= myhostname, localhost.$mydomain, ldap:ldapvdom defer_transports= disable_dns_lookups= no relayhost= ssl.its-steier.de content_filter= mailbox_command= mailbox_transport= lmtp:unix:public/lmtp smtpd_sender_restrictions= hash:/etc/postfix/access smtpd_client_restrictions= permit_sasl_authenticated smtpd_helo_required= no smtpd_helo_restrictions= strict_rfc821_envelopes= no smtpd_recipient_restrictions= check_sender_access ldap:ldaprestricted,permit_tls_clientcerts,permit_sasl_authenticated,reject_ unauth_destination, reject alias_maps= hash:/etc/aliases,hash:/etc/aliases.d/slss,ldap:ldapaliases alias_database= hash:/etc/aliases,hash:/etc/aliases.d/slss local_destination_concurrency_limit= 10 mailbox_size_limit= 0 message_size_limit= 30000000 mynetwork= 127.0.0.0/8, 192.168.0.0/255.255.0.0 myorigin= $mydomain recipient_delimiter= + # relay_clientcerts= ldap:ldaprelcert smtpd_tls_ask_ccert= yes smtpd_tls_received_header= yes tls_daemon_random_source= dev:/dev/urandom tls_random_source= dev:/dev/urandom # alias database for SuSE Linux Openschool Server ldapaliases_server_host= ldap ldapaliases_server_port= 389 ldapaliases_bind= no ldapaliases_timeout= 20 ldapaliases_search_base= dc=oes,dc=gympeg,dc=de ldapaliases_query_filter= (|(alias=%s)(&(fn=%s)(objectclass=SuSEIMAPFolderObject))) ldapaliases_result_attribute= uid,mailDeliveryProgram,deliverToUID ldapaliases_scope= one # virtual user database for SuSE Linux Openschool Server ldapvuser_server_host= ldap ldapvuser_server_port= 389 ldapvuser_bind= no ldapvuser_timeout= 20 ldapvuser_search_base= dc=oes,dc=gympeg,dc=de ldapvuser_query_filter= (|(&(objectclass=SuSEVirtUserObject)(vaddress=%s))(&(objectclass=dNSZone)(re lativeDomainName=@)(zoneName=%s)(MTALocaldomain=%s))) ldapvuser_result_attribute= uid,MTALocaldomain ldapvuser_scope= sub # this is used for client certificate based relaying ldaprelcert_server_host= ldap ldaprelcert_server_port= 389 ldaprelcert_bind= no ldaprelcert_timeout= 20 ldaprelcert_search_base= dc=oes,dc=gympeg,dc=de ldaprelcert_query_filter= (relayClientcert=%s) ldaprelcert_result_attribute= uid ldaprelcert_scope= one # this is used for mail transport maps ldaptransport_server_host= localhost ldaptransport_server_port= 389 ldaptransport_bind= no ldaptransport_timeout= 20 ldaptransport_search_base= ou=MailTransports,dc=oes,dc=gympeg,dc=de ldaptransport_query_filter= (&(objectclass=SuSEMailTransportObject)(smtpDomain=%s)) ldaptransport_result_attribute= smtpDomainTransportNexthop ldaptransport_scope= one # this is used for mydestination map ldapvdom_server_host= localhost ldapvdom_server_port= 389 ldapvdom_bind= no ldapvdom_timeout= 20 ldapvdom_search_base= o=DNS,dc=oes,dc=gympeg,dc=de ldapvdom_query_filter= (&(objectclass=dNSZone)(relativeDomainName=@)(zoneName=%s)(MTALocaldomain=tr ue)) ldapvdom_result_attribute= zoneName ldapvdom_scope= sub # Restriction for Students ldaprestricted_server_host= ldap ldaprestricted_server_port= 389 ldaprestricted_bind= no ldaprestricted_timeout= 20 ldaprestricted_search_base= dc=oes,dc=gympeg,dc=de ldaprestricted_query_filter= (mail=%s) ldaprestricted_result_attribute= mailenabled ldaprestricted_scope= one smtpd_restriction_classes= local_only local_only= check_recipient_access hash:/etc/postfix/local_domains, ldap:vdom, reject smtp_sasl_security_options= noanonymous # smtpd_tls_CAfile= /etc/ssl/CA/usedCA.pem # smtpd_use_tls= yes # smtpd_tls_cert_file= /etc/ssl/certs/cert.pem smtp_sasl_password_maps= hash:/etc/postfix/saslpasswd smtpd_sasl_security_options= noanonymous # smtpd_tls_key_file= /etc/ssl/certs/skey.pem smtp_sasl_auth_enable= yes smtpd_sasl_auth_enable= yes Im Voraus vielen Dank! Viele Grüße, Christian Steier