LukeSmithxyz / emailwiz

Script that installs/configures a Dovecot, Postfix, Spam Assassin, OpenDKIM Debian web server
GNU General Public License v3.0

Relay access denied #207

Closed bionor closed 2 years ago

bionor commented 2 years ago

I'm dumb and after contracting COVID I'm having brain fog on top of that so please be patient with me.

I can send mail from mail@mail.domain.com to mail@mail.domain.com, but get relay access denied when trying to send mail to other domains.

My best guess is that there is something wrong with the DNS records, even though I checked it with that link you provide and it reported everything is fine.

I have Office 365 mail via domain.com and trying to setup my own server at mail.domain.com. Perhaps this is creating some complexity I have to manage.

Another complication is that the DNS server for domain.com is transferred to noip.com because I have multiple sub-domains with dynamic IPs, so I believe this means the DNS server for the domain is not authoritative. This could very well be the issue for all I know.

The interface at noip.com is also not the best and doesn't really conform to norms, such that it makes it a bit harder.

dklymenk commented 2 years ago

I ran into the same issue while setting up a new client for an account on my existing mail server today.

Double check your SMTP settings on the client and make sure that authentication credentials are sent to your SMTP server.

In my case ticking a checkbox in the Evolution email client that says "Server requires authentication" did the job.

bionor commented 2 years ago

Hmm... Perhaps there is something wrong with the SMTP. I tried manually entering the various authentication methods in Thunderbird instead of leaving the field blank and they all failed. Only when I entered "no authentication" did it produce the "relay access denied" message. I'm pretty darn sure there is supposed to be some type of user/pass authentication on it. I just don't know enough to troubleshoot it.

bionor commented 2 years ago

I previously had some issues with the SSL certificate and had to manually put in the location in the configs (two of them). Now I'm thinking the issue might be with that, that the authentication isn't working properly due to a certificate error and that it then defaults to "no auth" which produces the error.

dklymenk commented 2 years ago

If you don't mind getting your hands dirty, you can try to authenticate and send a test email manually via telnet. That will usually lead you to the exact error that you can search online or post here.

Alternatively, you can wipe the install and try again, by following Luke's video.
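The manual SMTP check suggested in the comment above, as an added Python example (not part of the thread and not emailwiz code): it walks STARTTLS with certificate verification, AUTH and one external RCPT, and names the stage that fails. Port 587, the full address as login name, the `classify`/`probe` names and the reply heuristics are assumptions.

```python
import smtplib
import ssl

def classify(code, text):
    """Map an SMTP reply to a likely cause (heuristic, Postfix-style wording)."""
    text = text.lower()
    if code == 554 and "relay access denied" in text:
        return "relay denied: session was not authenticated"
    if code == 535:
        return "auth failed: bad credentials or SASL backend"
    if code == 530:
        return "server demands STARTTLS/AUTH first"
    if 200 <= code < 300:
        return "accepted"
    return "other rejection: check the mail log"

def probe(host, user, password, rcpt, port=587):
    """Run one submission session against your own server; return the failing stage."""
    ctx = ssl.create_default_context()  # verifies chain and hostname
    with smtplib.SMTP(host, port, timeout=15) as s:
        s.ehlo()
        if not s.has_extn("starttls"):
            return "no STARTTLS offered"
        try:
            s.starttls(context=ctx)
        except ssl.SSLError as exc:  # includes certificate verification errors
            return f"TLS failed: {exc}"
        s.ehlo()  # capabilities must be re-read after TLS
        if not s.has_extn("auth"):
            return "no AUTH offered after STARTTLS"
        try:
            s.login(user, password)
        except smtplib.SMTPAuthenticationError as exc:
            return classify(exc.smtp_code, exc.smtp_error.decode(errors="replace"))
        s.mail(user)
        code, msg = s.rcpt(rcpt)  # external recipient: the relay decision
        s.rset()  # abort the transaction, nothing is sent
        return classify(code, msg.decode(errors="replace"))

if __name__ == "__main__":
    # Reply text as quoted later in this thread, fed to the classifier offline.
    print(classify(554, "5.7.1 <example@gmail.com>: Relay Access Denied"))
    # Placeholder values; replace with your own server and account:
    # print(probe("mail.example.org", "me@example.org", "password", "x@example.net"))
```

A "TLS failed" or "no AUTH offered" result points at the server's certificate or SASL configuration rather than at DNS.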

bionor commented 2 years ago

I think I'm homing in on it now. Pretty sure there's some cert issue. The logs also say something to that effect. For now it seems it is missing the location of a CA certificate authority. I think it's supposed to be located at /etc/ssl/

Yeah, I'll see if I'll try with telnet eventually. I've never sent an email using telnet before, but doing it over a CLI should produce some nice errors for sure.

bionor commented 2 years ago

I've made some progress. I can send mail to my gmail account now (marked as spam of course, but anyway), but anything M$ refuses me, saying banned IP. I've started the delisting process, let's see.

The issue (if indeed it is solved) was that the postfix config was still missing the location of what I believe is the root CA, a cert.pem file.

I did the process without using nginx as I only wanted mail, but Luke's script seems to be made with doing both in mind and doesn't catch the Let's Encrypt certs if you don't install them using the --nginx method, which is why I had to manually enter all the locations, which I thought I'd done, but was still missing one.

Mythbusters123 commented 2 years ago

I have used the video method, and using telnet I get a `554 5.7.1 <example@gmail.com>: Relay Access Denied`. I have set up everything perfectly according to the video and my DNS records are all correct. The only thing I think that could be the problem is that I am using Cloudflare as my DNS provider but I need it dyndns on my home IP.

Mythbusters123 commented 2 years ago

This might be due to the hosting provider, as it seems Contabo is on the blacklist. @LukeSmithxyz any help here would be greatly appreciated

Mythbusters123 commented 2 years ago

Well, I've figured it out. Basically you need to have a Vultr VPS.