Postfix 554 5.7.1 'Client host rejected'

October 17, 2017 120 views
Email Ubuntu 16.04

I've spent days trying to figure this out and I am stumped. Got postfix up and working, both sending and receiving, under a test domain name (test.mydomain.com). Then moved 'mydomain.com' to DO's nameservers and reconfigured Postfix to use 'mydomain.com' instead, and now I can't send email. Receiving works fine. Below is the output I get from /var/log/mail.log:

Oct 17 13:27:08 sammy postfix/submission/smtpd[4852]: connect from x-x-x-x.xxx.xxx.xxx[x.x.x.x]
Oct 17 13:27:09 sammy postfix/submission/smtpd[4852]: NOQUEUE: reject: RCPT from x-x-x-x.xxx.xxx.xxx[x.x.x.x]: 554 5.7.1 <x-x-x-x.xxx.xxx.xx[x.x.x.x]>: Client host rejected: Access denied; from=<user1@mydomain.com> to=<user2@mydomain.com> proto=ESMTP helo=<[192.168.2.44]>
Oct 17 13:27:09 sammy postfix/submission/smtpd[4852]: disconnect from x-x-x-x.xxx.xxx.xxx[x.x.x.x] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6

Here is the output from postconf -n:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
home_mailbox = Maildir/
mailbox_command =
mailbox_size_limit = 0
mydestination = localhost
myhostname = mydomain.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/mydomain.com/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mydomain.com/privkey.pem
smtpd_use_tls = yes
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp

Any clues as to what is causing the issue? I should mention that 'user2@mydomain.com' is an alias created using PostfixAdmin.

1 Answer

So, I discovered when I got access to another computer that mail would only not send on my laptop, but would send correctly from other computers. Upon further investigation I found that my client settings were not sending the username and password, so it was being rejected. I fixed that on the client and now it works. WIsh I didn't have to waste days trying to figure that out.

Have another answer? Share your knowledge.