My setup is relatively simple: I have an Astaro firewall, with an smtp relay host and behind there is a Gentoo postfix mailserver. I have been using Astaro version 4 up till now, but recently I tried to upgrade it to Astaro 7.001 but I can't get the smtp relay host work properly.
I get an the following error when I try to email to my domain:
When I switch back to my old firewall the issue is resolved again. So there is a problem with the firewall. All other services on the firewall work fine so the issue is really with the SMTP relay host."myi.pad.dre.ss" does not like recipient.
Remote host said: 550 Relay not permitted
Giving up on "myi.pad.dre.ss"
Anyone any suggestion what could be wrong?
Here is the full error report when I send an email via Yahoo to mydomain:
Hi. This is the qmail-send program at yahoo.com.
I'm afraid I wasn't able to deliver your message to the following
addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<myname@mydomain.com>:
ip***.yyy.zzz.kkk does not like recipient.
Remote host said: 550 Relay not permitted
Giving up on ip***.yyy.zzz.kkk.
--- Below this line is a copy of the message.
Return-Path: <myaccount@yahoo.com>
Received: (qmail 99992 invoked by uid 60001); 1 Mar 2007 23:06:14 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;
h=X-YMail-OSG:Receivedate:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID;
b=5vkH7Z7iJy3J+dAO+edeY3RQZetLkLvkvPlOmzv8ftNT1qLd pk/JXUheMOCUvZ8X3oHFvdjnB9FdY8DRKfyVJtXi5JBjM9fwp1C64 hG2L+g/9RVRko9I1QMdIbna/krnLrK2Zh83L4KGQ9lvahbmvms+qU9oz5vJ1U9FWOPoamo=;
X-YMail-OSG:
qlELn1YVM1lGmfKUM7usIkMwhVW5.pAqB2U3AcguVcOa1ImoSC NPmCu4ujHl5_cMf.2yeflI49h_uQWkrZJv4DVQGIHB2P01EBiK ht4jHCJEPKHJeLNtrAi4tzxQ76_eUmamf4MV2in2o7o-
Received: from [ip***.yyy.zzz.kkk] by web53701.mail.yahoo.com via HTTP; Thu,
01 Mar 2007 23:06:13 GMT
Date: Thu, 1 Mar 2007 23:06:13 +0000 (GMT)
From: myaccount <myaccount@yahoo.com>
Subject: test
To: myname@mydomain.com
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Message-ID: <139660.99452.qm@web53701.mail.yahoo.com>
Solution
The MX record of mydomain.com was pointing at the public IP address of the firewall
Firewall has an internal DNS proxy and SMTP proxy based on Exim.
Exim could not resolve the address of the internal mail server without a static DNS entry in de DNS proxy of the firewall.
So by adding the static route to the internal email server (192.168.0.xxx) everything works fine.
The logfiles of Exim do show to relevant error messages:
routing defer (-51): retry time not reached
lowest numbered MX record points to local host