1 (edited by sunderwood 2019-11-07 12:32:35)

Topic: Client host rejected: Access denied 554 5.7.1

2019102201 (Backend: mariadb, Date: 2019-11-04 20:43:53) iRedMail Easy: https://www.iredmail.org/easy.html
Ubuntu 18.04.3 LTS
nginx version: nginx/1.14.0
iRedadmin

mail.log
Nov  7 01:47:00 mail postfix/submission/smtpd[18796]: connect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]
Nov  7 01:47:00 mail postfix/submission/smtpd[18796]: Anonymous TLS connection established from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: TLSv1.2 w$
Nov  7 01:47:00 mail postfix/submission/smtpd[18796]: NOQUEUE: reject: RCPT from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 554 5.7.1 <cpe-172-101-6$
Nov  7 01:47:00 mail postfix/submission/smtpd[18796]: disconnect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50] ehlo=2 starttls=1 mail=1 rcpt=0/1 qu$


I just deployed with iredeasy to a new droplet on DO. It went flawlessly, and I added a letsencrypt certificate. Sending and receiving email works great and received no certificate popup when I configured an outlook email client on ports 995 and 587 (so i assume cert was installed correctly).

I am getting the error message when I try and send form mail through ActionMailer in my ruby on rails website in both development and production mode.  These forms have been running for years connected to a different iredmail server version 0.9.5-1, Ubuntu 16.04.5 LTS, and Apache2, and MYSQL.

I just changed the following to conform with new server:

deveopment.rb and production.rb

config.action_mailer.delivery_method = :smtp
config.action_mailer.default_url_options = { host: 'underwoodlaw.net' }
ActionMailer::Base.smtp_settings = {
      :address => 'mail.underwoodlaw.net',
      :port => '587',
      :authentication => :plain,
      :user_name => ENV['UNDERWOOD_USERNAME'],
      :password => ENV['UNDERWOOD_PASSWORD'],
      :domain => 'underwoodlaw.net',
      :enable_starttls_auto => true

local.env.yml

UNDERWOOD_USERNAME: 'steve@underwoodlaw.net'
UNDERWOOD_PASSWORD: 'xxxxxxxx'

application_mailer.rb

class ApplicationMailer < ActionMailer::Base
  default from: "steve@underwoodlaw.net"
  layout 'mailer'
end

contact.rb

def headers
    {

        :subject => "Web Consultation Request",
        :to => "steve@underwoodlaw.net",
        :from => %("#{name}" <#{email}>)

    }

Although it is true that I had to make the following adjustments on the old server to make the old server work, I get no error message if I use the test SMTP server at https://www.gmass.co/smtp-test, on the new server with the same setup as above.

Adjustments were made on old server because I was using a form on a website on Domain A, to send email through a mail server on  Domain B.
The new mail server is on the same domain as the website but on a separate droplet from the website.
I am quit sure my DNS is set up right with the correct things like at https://docs.iredmail.org/setup.dns.html.

Adjustments made on old server:
1) /ect/postfix/main.cf: Added:      smtp_header_checks = regexp:/etc/postfix/smtp_header_checks

2) /etc/postfix/smtp_header_checks:  Added:
/^Received: .*/     IGNORE
/^X-Originating-IP:/    IGNORE

3) /etc/amavis/conf.d/50-user:  Added a couple more domains (new server only has one).

4) /opt/iredapd/settings.py

Removed 'greylisting' from plugin section

ALLOWED_LOGIN_MISMATCH_SENDERS = ['noreply@iexample.com, 'noreply@example2.com']

MYNETWORKS = ['webserver-ip', 'home-ip - for development mode']

ALLOWED_FORGED_SENDERS =  ['website.com]

5)  /etc/postfix/main.cf Added: mynetworks= 127.0.0.1, home-ip, website-ip

I have tested the new server modifying it to match the old server for testing purposes, but still get same nondescript error.
I turned on the debug_peer_list = "" to get a better log but when the submit is pressed it gets to the point in the log where anonymous TLS connection established but then goes directly to NOQueue
Client host rejected: Access denied 554 5.7.1.

Been working on this for 2 days unsuccessfully. Help would be appreciated.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Client host rejected: Access denied 554 5.7.1

sunderwood wrote:

Nov  7 01:47:00 mail postfix/submission/smtpd[18796]: NOQUEUE: reject: RCPT from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 554 5.7.1 <cpe-172-101-6$

Please show us the original and full log line, this one was trimmed.

All your modifications (steps 1-5) are unnecessary and probably wrong. please revert it.

3

Re: Client host rejected: Access denied 554 5.7.1

Here is my postconf -n   

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
allow_percent_hack = no
biff = no
body_checks = pcre:/opt/iredmail/custom/postfix/body_checks.pcre pcre:/etc/postfix/body_checks.pcre
command_directory = /usr/sbin
compatibility_level = 2
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix/sbin
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_long_queue_ids = yes
enable_original_recipient = no
header_checks = pcre:/opt/iredmail/custom/postfix/header_checks.pcre pcre:/etc/postfix/header_checks.pcre
inet_interfaces = all
inet_protocols = all
lmtp_tls_mandatory_protocols = !SSLv2 !SSLv3
lmtp_tls_protocols = !SSLv2 !SSLv3
mail_owner = postfix
mailbox_size_limit = 15728640
mailq_path = /usr/bin/mailq
message_size_limit = 15728640
mlmmj_destination_recipient_limit = 1
mydestination = $myhostname, localhost, localhost.localdomain
mydomain = mail.underwoodlaw.net
myhostname = mail.underwoodlaw.net
mynetworks = 127.0.0.1 [::1]
myorigin = mail.underwoodlaw.net
newaliases_path = /usr/bin/newaliases
postscreen_access_list = permit_mynetworks cidr:/opt/iredmail/custom/postfix/postscreen_access.cidr cidr:/etc/postfix/postscreen_access.cidr
postscreen_blacklist_action = drop
postscreen_dnsbl_action = drop
postscreen_dnsbl_reply_map = texthash:/etc/postfix/postscreen_dnsbl_reply.texthash
postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]*3 b.barracudacentral.org=127.0.0.2*2
postscreen_dnsbl_threshold = 2
postscreen_greet_action = drop
postscreen_helo_required = yes
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions $sender_dependent_relayhost_maps
queue_directory = /var/spool/postfix
recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf
recipient_delimiter = +
relay_domains = $mydestination proxy:mysql:/etc/postfix/mysql/relay_domains.cf
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf
sender_dependent_relayhost_maps = proxy:mysql:/etc/postfix/mysql/sender_dependent_relayhost_maps.cf
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp-amavis_destination_recipient_limit = 1
smtp_tls_CAfile = $smtpd_tls_CAfile
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_loglevel = 1
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_note_starttls_offer = yes
smtp_tls_policy_maps = hash:/opt/iredmail/custom/postfix/smtp_tls_policy hash:/etc/postfix/smtp_tls_policy
smtp_tls_protocols = !SSLv2 !SSLv3
smtp_tls_security_level = may
smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated check_client_access pcre:/opt/iredmail/custom/postfix/rdns_access.pcre check_client_access pcre:/etc/postfix/rdns_access.pcre
smtpd_command_filter = pcre:/etc/postfix/command_filter.pcre
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:7777
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks permit_sasl_authenticated check_helo_access pcre:/opt/iredmail/custom/postfix/helo_access.pcre check_helo_access pcre:/etc/postfix/helo_access.pcre reject_non_fqdn_helo_hostname reject_unknown_helo_hostname
smtpd_recipient_restrictions = reject_unknown_recipient_domain reject_non_fqdn_recipient reject_unlisted_recipient check_policy_service inet:127.0.0.1:7777 permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service inet:127.0.0.1:12340
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql/sender_login_maps.cf
smtpd_sender_restrictions = reject_non_fqdn_sender reject_unlisted_sender permit_mynetworks permit_sasl_authenticated check_sender_access pcre:/opt/iredmail/custom/postfix/sender_access.pcre reject_unknown_sender_domain
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_cert_file = /opt/iredmail/ssl/cert.pem
smtpd_tls_dh1024_param_file = /opt/iredmail/ssl/dhparam2048.pem
smtpd_tls_dh512_param_file = /opt/iredmail/ssl/dhparam512.pem
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
smtpd_tls_key_file = /opt/iredmail/ssl/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_security_level = may
swap_bangpath = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/opt/iredmail/custom/postfix/transport hash:/etc/postfix/transport proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf proxy:mysql:/etc/postfix/mysql/transport_maps_maillist.cf proxy:mysql:/etc/postfix/mysql/transport_maps_domain.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf proxy:mysql:/etc/postfix/mysql/catchall_maps.cf proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf
virtual_minimum_uid = 2000
virtual_transport = dovecot
virtual_uid_maps = static:2000

4

Re: Client host rejected: Access denied 554 5.7.1

I noticed something I thought was strange in my  /etc/postfix/main.cf file.

mynetworks = 127.0.0.1 [::1]

Is the [::1] supposed to be there?

Perhaps it helps with the  /opt/iredmail/custom/ system you have going with IredEasy?

5

Re: Client host rejected: Access denied 554 5.7.1

Yes all those settings 1-5 have been reverted before I posted the postconf -n.

I only did it for testing purposes.

here is the last 200 lines after i just submitted the form again:

Nov  6 23:44:08 mail postfix/dnsblog[17160]: addr 197.50.25.93 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  6 23:44:14 mail postfix/postscreen[17159]: DNSBL rank 5 for [197.50.25.93]:42561
Nov  6 23:44:14 mail postfix/postscreen[17159]: DISCONNECT [197.50.25.93]:42561
Nov  6 23:48:38 mail postfix/postscreen[17194]: CONNECT from [194.67.9.130]:60631 to [159.203.124.84]:25
Nov  6 23:48:38 mail postfix/dnsblog[17196]: addr 194.67.9.130 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  6 23:48:38 mail postfix/dnsblog[17195]: addr 194.67.9.130 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  6 23:48:44 mail postfix/postscreen[17194]: DNSBL rank 5 for [194.67.9.130]:60631
Nov  6 23:48:44 mail postfix/postscreen[17194]: DISCONNECT [194.67.9.130]:60631
Nov  6 23:53:02 mail postfix/qmgr[2428]: 477d7n4dgVz1ybm: from=<steve@underwoodlaw.net>, size=4568, nrcpt=1 (queue active)
Nov  6 23:53:02 mail postfix/smtp[17246]: 477d7n4dgVz1ybm: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta19 esmtp ESMTP server not available AUP#I-1000
Nov  6 23:53:02 mail postfix/smtp[17246]: 477d7n4dgVz1ybm: to=<sunder@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=13049, delays=13049/0.04/0.43/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta19 esmtp ESMTP server not available AUP#I-1000)
Nov  6 23:58:02 mail postfix/qmgr[2428]: 477dHh0F6Nz1ybn: from=<steve@underwoodlaw.net>, size=4582, nrcpt=1 (queue active)
Nov  6 23:58:02 mail postfix/smtp[17288]: 477dHh0F6Nz1ybn: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta05 esmtp ESMTP server not available AUP#I-1000
Nov  6 23:58:02 mail postfix/smtp[17288]: 477dHh0F6Nz1ybn: to=<sunder@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=12939, delays=12938/0.04/0.38/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta05 esmtp ESMTP server not available AUP#I-1000)
Nov  7 00:16:06 mail postfix/submission/smtpd[17543]: connect from unknown[61.7.190.210]
Nov  7 00:16:08 mail postfix/submission/smtpd[17543]: Anonymous TLS connection established from unknown[61.7.190.210]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  7 00:16:11 mail postfix/submission/smtpd[17543]: warning: unknown[61.7.190.210]: SASL PLAIN authentication failed:
Nov  7 00:16:17 mail postfix/submission/smtpd[17543]: warning: unknown[61.7.190.210]: SASL LOGIN authentication failed: VXNlcm5hbWU6
Nov  7 00:16:17 mail postfix/submission/smtpd[17543]: lost connection after AUTH from unknown[61.7.190.210]
Nov  7 00:16:17 mail postfix/submission/smtpd[17543]: disconnect from unknown[61.7.190.210] ehlo=2 starttls=1 auth=0/2 commands=3/5
Nov  7 00:19:37 mail postfix/anvil[17545]: statistics: max connection rate 1/60s for (submission:61.7.190.210) at Nov  7 00:16:06
Nov  7 00:19:37 mail postfix/anvil[17545]: statistics: max connection count 1 for (submission:61.7.190.210) at Nov  7 00:16:06
Nov  7 00:19:37 mail postfix/anvil[17545]: statistics: max cache size 1 at Nov  7 00:16:06
Nov  7 00:28:02 mail postfix/qmgr[2428]: 477cNw39wqz1ybl: from=<steve@underwoodlaw.net>, size=10852, nrcpt=1 (queue active)
Nov  7 00:28:03 mail postfix/smtp[17683]: 477cNw39wqz1ybl: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta04 esmtp ESMTP server not available AUP#I-1000
Nov  7 00:28:03 mail postfix/smtp[17683]: 477cNw39wqz1ybl: to=<underwoodlaw@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=17171, delays=17170/0.04/0.55/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta14 esmtp ESMTP server not available AUP#I-1000)
Nov  7 00:39:53 mail postfix/postscreen[17855]: CONNECT from [190.61.50.89]:55905 to [159.203.124.84]:25
Nov  7 00:39:53 mail postfix/dnsblog[17856]: addr 190.61.50.89 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  7 00:39:53 mail postfix/dnsblog[17857]: addr 190.61.50.89 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 00:39:53 mail postfix/postscreen[17855]: PREGREET 21 after 0.16 from [190.61.50.89]:55905: EHLO [190.61.50.89]\r\n
Nov  7 00:39:53 mail postfix/postscreen[17855]: DISCONNECT [190.61.50.89]:55905
Nov  7 00:53:39 mail postfix/postscreen[17980]: CONNECT from [196.45.155.106]:57114 to [159.203.124.84]:25
Nov  7 00:53:39 mail postfix/dnsblog[17981]: addr 196.45.155.106 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  7 00:53:39 mail postfix/dnsblog[17982]: addr 196.45.155.106 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 00:53:39 mail postfix/dnsblog[17982]: addr 196.45.155.106 listed by domain zen.spamhaus.org as 127.0.0.3
Nov  7 00:53:39 mail postfix/postscreen[17980]: PREGREET 23 after 0.22 from [196.45.155.106]:57114: EHLO [196.45.155.106]\r\n
Nov  7 00:53:39 mail postfix/postscreen[17980]: DISCONNECT [196.45.155.106]:57114
Nov  7 01:03:02 mail postfix/qmgr[2428]: 477d7n4dgVz1ybm: from=<steve@underwoodlaw.net>, size=4568, nrcpt=1 (queue active)
Nov  7 01:03:02 mail postfix/smtp[18080]: 477d7n4dgVz1ybm: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta14 esmtp ESMTP server not available AUP#I-1000
Nov  7 01:03:02 mail postfix/smtp[18080]: 477d7n4dgVz1ybm: to=<sunder@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=17249, delays=17249/0.04/0.33/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta14 esmtp ESMTP server not available AUP#I-1000)
Nov  7 01:08:02 mail postfix/qmgr[2428]: 477dHh0F6Nz1ybn: from=<steve@underwoodlaw.net>, size=4582, nrcpt=1 (queue active)
Nov  7 01:08:03 mail postfix/smtp[18110]: 477dHh0F6Nz1ybn: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta16 esmtp ESMTP server not available AUP#I-1000
Nov  7 01:08:03 mail postfix/smtp[18110]: 477dHh0F6Nz1ybn: to=<sunder@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=17139, delays=17139/0.04/0.55/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta09 esmtp ESMTP server not available AUP#I-1000)
Nov  7 01:16:32 mail postfix/submission/smtpd[18263]: warning: hostname zg-0911b-44.stretchoid.com does not resolve to address 159.203.201.26: Name or service not known
Nov  7 01:16:32 mail postfix/submission/smtpd[18263]: connect from unknown[159.203.201.26]
Nov  7 01:16:32 mail postfix/submission/smtpd[18263]: disconnect from unknown[159.203.201.26] ehlo=1 quit=1 commands=2
Nov  7 01:19:52 mail postfix/anvil[18265]: statistics: max connection rate 1/60s for (submission:159.203.201.26) at Nov  7 01:16:32
Nov  7 01:19:52 mail postfix/anvil[18265]: statistics: max connection count 1 for (submission:159.203.201.26) at Nov  7 01:16:32
Nov  7 01:19:52 mail postfix/anvil[18265]: statistics: max cache size 1 at Nov  7 01:16:32
Nov  7 01:21:54 mail postfix/postscreen[18375]: CONNECT from [103.60.180.132]:57325 to [159.203.124.84]:25
Nov  7 01:21:54 mail postfix/dnsblog[18377]: addr 103.60.180.132 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 01:21:54 mail postfix/dnsblog[18377]: addr 103.60.180.132 listed by domain zen.spamhaus.org as 127.0.0.3
Nov  7 01:21:58 mail postfix/postscreen[18375]: PREGREET 28 after 4 from [103.60.180.132]:57325: EHLO ip-180-130.jlm.net.id\r\n
Nov  7 01:21:58 mail postfix/postscreen[18375]: DISCONNECT [103.60.180.132]:57325
Nov  7 01:23:03 mail postfix/submission/smtpd[18414]: connect from mail.underwoodlaw.net[127.0.0.1]
Nov  7 01:23:03 mail postfix/submission/smtpd[18414]: Anonymous TLS connection established from mail.underwoodlaw.net[127.0.0.1]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
Nov  7 01:23:03 mail postfix/submission/smtpd[18414]: 477lyb6sZ5z1xgY: client=mail.underwoodlaw.net[127.0.0.1], sasl_method=LOGIN, sasl_username=steve@underwoodlaw.net
Nov  7 01:23:04 mail postfix/cleanup[18430]: 477lyb6sZ5z1xgY: message-id=<b5c75564009fb56077c62a05655bbcc1@underwoodlaw.net>
Nov  7 01:23:04 mail postfix/qmgr[2428]: 477lyb6sZ5z1xgY: from=<steve@underwoodlaw.net>, size=1116, nrcpt=1 (queue active)
Nov  7 01:23:04 mail postfix/submission/smtpd[18414]: disconnect from mail.underwoodlaw.net[127.0.0.1] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Nov  7 01:23:04 mail postfix/10025/smtpd[18443]: connect from mail.underwoodlaw.net[127.0.0.1]
Nov  7 01:23:04 mail postfix/10025/smtpd[18443]: 477lyc2yZbz20Cj: client=mail.underwoodlaw.net[127.0.0.1]
Nov  7 01:23:04 mail postfix/cleanup[18430]: 477lyc2yZbz20Cj: message-id=<b5c75564009fb56077c62a05655bbcc1@underwoodlaw.net>
Nov  7 01:23:04 mail postfix/qmgr[2428]: 477lyc2yZbz20Cj: from=<steve@underwoodlaw.net>, size=2192, nrcpt=1 (queue active)
Nov  7 01:23:04 mail postfix/10025/smtpd[18443]: disconnect from mail.underwoodlaw.net[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Nov  7 01:23:04 mail amavis[15248]: (15248-05) Passed CLEAN {RelayedInternal}, ORIGINATING/MYNETS LOCAL [127.0.0.1]:39832 <steve@underwoodlaw.net> -> <test-r0n7f@mail-tester.com>, Queue-ID: 477lyb6sZ5z1xgY, Message-ID: <b5c75564009fb56077c62a05655bbcc1@underwoodlaw.net>, mail_id: NAx_jXnf_gye, Hits: -0.002, size: 941, queued_as: 477lyc2yZbz20Cj, dkim_new=dkim:underwoodlaw.net, 378 ms, Tests: [NO_RECEIVED=-0.001,NO_RELAYS=-0.001]
Nov  7 01:23:04 mail postfix/amavis/smtp[18435]: 477lyb6sZ5z1xgY: to=<test-r0n7f@mail-tester.com>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.6, delays=0.17/0.04/0.01/0.39, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 477lyc2yZbz20Cj)
Nov  7 01:23:04 mail postfix/qmgr[2428]: 477lyb6sZ5z1xgY: removed
Nov  7 01:23:05 mail postfix/smtp[18444]: Anonymous TLS connection established to mail-tester.com[94.23.206.89]:25: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)
Nov  7 01:23:06 mail postfix/smtp[18444]: 477lyc2yZbz20Cj: to=<test-r0n7f@mail-tester.com>, relay=mail-tester.com[94.23.206.89]:25, delay=1.8, delays=0.01/0.03/0.9/0.88, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as CFD529FAF7)
Nov  7 01:23:06 mail postfix/qmgr[2428]: 477lyc2yZbz20Cj: removed
Nov  7 01:26:24 mail postfix/anvil[18416]: statistics: max connection rate 1/60s for (submission:127.0.0.1) at Nov  7 01:23:03
Nov  7 01:26:24 mail postfix/anvil[18416]: statistics: max connection count 1 for (submission:127.0.0.1) at Nov  7 01:23:03
Nov  7 01:26:24 mail postfix/anvil[18416]: statistics: max cache size 1 at Nov  7 01:23:03
Nov  7 01:28:27 mail postfix/submission/smtpd[18491]: connect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]
Nov  7 01:28:27 mail postfix/submission/smtpd[18491]: Anonymous TLS connection established from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  7 01:28:27 mail postfix/submission/smtpd[18491]: NOQUEUE: reject: RCPT from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 554 5.7.1 <cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]>: Client host rejected: Access denied; from=<steve@mrsumppump.com> to=<steve@underwoodlaw.net> proto=ESMTP helo=<underwoodlaw.net>
Nov  7 01:28:28 mail postfix/submission/smtpd[18491]: disconnect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6
Nov  7 01:32:35 mail postfix/postscreen[18562]: CONNECT from [45.56.127.226]:50008 to [159.203.124.84]:25
Nov  7 01:32:41 mail postfix/postscreen[18562]: PASS NEW [45.56.127.226]:50008
Nov  7 01:32:41 mail postfix/smtpd[18565]: connect from mail.iredmail.org[45.56.127.226]
Nov  7 01:32:42 mail postfix/smtpd[18565]: Anonymous TLS connection established from mail.iredmail.org[45.56.127.226]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  7 01:32:42 mail postfix/smtpd[18565]: 477m9k6H4fz1xgY: client=mail.iredmail.org[45.56.127.226]
Nov  7 01:32:42 mail postfix/cleanup[18582]: 477m9k6H4fz1xgY: message-id=<477m9b3S3Rz6TR@mail.iredmail.org>
Nov  7 01:32:42 mail postfix/qmgr[2428]: 477m9k6H4fz1xgY: from=<no-reply@forum.iredmail.org>, size=2702, nrcpt=1 (queue active)
Nov  7 01:32:42 mail postfix/smtpd[18565]: disconnect from mail.iredmail.org[45.56.127.226] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Nov  7 01:32:46 mail postfix/10025/smtpd[18592]: connect from mail.underwoodlaw.net[127.0.0.1]
Nov  7 01:32:46 mail postfix/10025/smtpd[18592]: 477m9p1TbLz20Cj: client=mail.underwoodlaw.net[127.0.0.1]
Nov  7 01:32:46 mail postfix/cleanup[18582]: 477m9p1TbLz20Cj: message-id=<477m9b3S3Rz6TR@mail.iredmail.org>
Nov  7 01:32:46 mail postfix/qmgr[2428]: 477m9p1TbLz20Cj: from=<no-reply@forum.iredmail.org>, size=2150, nrcpt=1 (queue active)
Nov  7 01:32:46 mail postfix/10025/smtpd[18592]: disconnect from mail.underwoodlaw.net[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Nov  7 01:32:46 mail amavis[15248]: (15248-06) Passed CLEAN {RelayedInbound}, [45.56.127.226]:50008 [45.56.127.226] <no-reply@forum.iredmail.org> -> <steve@underwoodlaw.net>, Queue-ID: 477m9k6H4fz1xgY, Message-ID: <477m9b3S3Rz6TR@mail.iredmail.org>, mail_id: YIshD1WomnZ9, Hits: -0.101, size: 1749, queued_as: 477m9p1TbLz20Cj, dkim_sd=dkim:iredmail.org, 3284 ms, Tests: [DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DKIM_VALID_EF=-0.1,FROM_EXCESS_BASE64=0.001,NO_RECEIVED=-0.001,NO_RELAYS=-0.001]
Nov  7 01:32:46 mail postfix/amavis/smtp[18587]: 477m9k6H4fz1xgY: to=<steve@underwoodlaw.net>, relay=127.0.0.1[127.0.0.1]:10024, delay=4, delays=0.67/0.01/0/3.3, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 477m9p1TbLz20Cj)
Nov  7 01:32:46 mail postfix/qmgr[2428]: 477m9k6H4fz1xgY: removed
Nov  7 01:32:46 mail postfix/pipe[18593]: 477m9p1TbLz20Cj: to=<steve@underwoodlaw.net>, relay=dovecot, delay=0.06, delays=0.01/0.02/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service)
Nov  7 01:32:46 mail postfix/qmgr[2428]: 477m9p1TbLz20Cj: removed
Nov  7 01:36:03 mail postfix/anvil[18567]: statistics: max connection rate 1/60s for (smtpd:45.56.127.226) at Nov  7 01:32:41
Nov  7 01:36:03 mail postfix/anvil[18567]: statistics: max connection count 1 for (smtpd:45.56.127.226) at Nov  7 01:32:41
Nov  7 01:36:03 mail postfix/anvil[18567]: statistics: max cache size 1 at Nov  7 01:32:41
Nov  7 01:38:02 mail postfix/qmgr[2428]: 477cNw39wqz1ybl: from=<steve@underwoodlaw.net>, size=10852, nrcpt=1 (queue active)
Nov  7 01:38:02 mail postfix/smtp[18642]: 477cNw39wqz1ybl: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta22 esmtp ESMTP server not available AUP#I-1000
Nov  7 01:38:02 mail postfix/smtp[18642]: 477cNw39wqz1ybl: to=<underwoodlaw@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=21370, delays=21370/0.03/0.44/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta09 esmtp ESMTP server not available AUP#I-1000)
Nov  7 01:47:00 mail postfix/submission/smtpd[18796]: connect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]
Nov  7 01:47:00 mail postfix/submission/smtpd[18796]: Anonymous TLS connection established from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  7 01:47:00 mail postfix/submission/smtpd[18796]: NOQUEUE: reject: RCPT from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 554 5.7.1 <cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]>: Client host rejected: Access denied; from=<steve@underwoodlaw.net> to=<steve@underwoodlaw.net> proto=ESMTP helo=<underwoodlaw.net>
Nov  7 01:47:00 mail postfix/submission/smtpd[18796]: disconnect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6
Nov  7 01:52:01 mail postfix/postscreen[18856]: CONNECT from [113.190.55.0]:49634 to [159.203.124.84]:25
Nov  7 01:52:01 mail postfix/dnsblog[18857]: addr 113.190.55.0 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  7 01:52:01 mail postfix/dnsblog[18858]: addr 113.190.55.0 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 01:52:01 mail postfix/dnsblog[18858]: addr 113.190.55.0 listed by domain zen.spamhaus.org as 127.0.0.11
Nov  7 01:52:01 mail postfix/postscreen[18856]: PREGREET 16 after 0.26 from [113.190.55.0]:49634: EHLO [0.0.0.0]\r\n
Nov  7 01:52:01 mail postfix/postscreen[18856]: DISCONNECT [113.190.55.0]:49634
Nov  7 02:01:55 mail postfix/postscreen[18964]: CONNECT from [139.255.160.16]:56004 to [159.203.124.84]:25
Nov  7 02:01:55 mail postfix/dnsblog[18966]: addr 139.255.160.16 listed by domain zen.spamhaus.org as 127.0.0.11
Nov  7 02:01:55 mail postfix/dnsblog[18966]: addr 139.255.160.16 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 02:01:56 mail postfix/postscreen[18964]: PREGREET 23 after 0.27 from [139.255.160.16]:56004: EHLO [139.255.160.16]\r\n
Nov  7 02:01:56 mail postfix/postscreen[18964]: DISCONNECT [139.255.160.16]:56004
Nov  7 02:13:02 mail postfix/qmgr[2428]: 477d7n4dgVz1ybm: from=<steve@underwoodlaw.net>, size=4568, nrcpt=1 (queue active)
Nov  7 02:13:02 mail postfix/smtp[19137]: 477d7n4dgVz1ybm: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta09 esmtp ESMTP server not available AUP#I-1000
Nov  7 02:13:02 mail postfix/smtp[19137]: 477d7n4dgVz1ybm: to=<sunder@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=21449, delays=21449/0.05/0.47/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta22 esmtp ESMTP server not available AUP#I-1000)
Nov  7 02:18:02 mail postfix/qmgr[2428]: 477dHh0F6Nz1ybn: from=<steve@underwoodlaw.net>, size=4582, nrcpt=1 (queue active)
Nov  7 02:18:03 mail postfix/smtp[19189]: 477dHh0F6Nz1ybn: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta08 esmtp ESMTP server not available AUP#I-1000
Nov  7 02:18:03 mail postfix/smtp[19189]: 477dHh0F6Nz1ybn: to=<sunder@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=21339, delays=21339/0.04/0.41/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta06 esmtp ESMTP server not available AUP#I-1000)
Nov  7 02:20:27 mail postfix/postscreen[19225]: CONNECT from [183.81.154.194]:52300 to [159.203.124.84]:25
Nov  7 02:20:27 mail postfix/dnsblog[19226]: addr 183.81.154.194 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  7 02:20:27 mail postfix/dnsblog[19227]: addr 183.81.154.194 listed by domain zen.spamhaus.org as 127.0.0.3
Nov  7 02:20:27 mail postfix/dnsblog[19227]: addr 183.81.154.194 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 02:20:27 mail postfix/postscreen[19225]: PREGREET 23 after 0.25 from [183.81.154.194]:52300: EHLO [183.81.154.194]\r\n
Nov  7 02:20:28 mail postfix/postscreen[19225]: DISCONNECT [183.81.154.194]:52300
Nov  7 02:30:44 mail postfix/postscreen[19328]: CONNECT from [123.20.165.90]:42744 to [159.203.124.84]:25
Nov  7 02:30:44 mail postfix/dnsblog[19329]: addr 123.20.165.90 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  7 02:30:44 mail postfix/dnsblog[19330]: addr 123.20.165.90 listed by domain zen.spamhaus.org as 127.0.0.3
Nov  7 02:30:44 mail postfix/dnsblog[19330]: addr 123.20.165.90 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 02:30:44 mail postfix/dnsblog[19330]: addr 123.20.165.90 listed by domain zen.spamhaus.org as 127.0.0.11
Nov  7 02:30:50 mail postfix/postscreen[19328]: DNSBL rank 5 for [123.20.165.90]:42744
Nov  7 02:30:50 mail postfix/postscreen[19328]: DISCONNECT [123.20.165.90]:42744
Nov  7 02:48:02 mail postfix/qmgr[2428]: 477cNw39wqz1ybl: from=<steve@underwoodlaw.net>, size=10852, nrcpt=1 (queue active)
Nov  7 02:48:02 mail postfix/smtp[19528]: 477cNw39wqz1ybl: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta16 esmtp ESMTP server not available AUP#I-1000
Nov  7 02:48:03 mail postfix/smtp[19528]: 477cNw39wqz1ybl: to=<underwoodlaw@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=25571, delays=25570/0.04/0.52/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta05 esmtp ESMTP server not available AUP#I-1000)
Nov  7 02:56:28 mail postfix/postscreen[19599]: CONNECT from [190.119.191.246]:46039 to [159.203.124.84]:25
Nov  7 02:56:28 mail postfix/dnsblog[19600]: addr 190.119.191.246 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  7 02:56:28 mail postfix/dnsblog[19601]: addr 190.119.191.246 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 02:56:28 mail postfix/postscreen[19599]: PREGREET 24 after 0.13 from [190.119.191.246]:46039: EHLO [190.119.191.246]\r\n
Nov  7 02:56:28 mail postfix/postscreen[19599]: DISCONNECT [190.119.191.246]:46039
Nov  7 02:58:36 mail postfix/postscreen[19626]: CONNECT from [84.54.76.67]:36241 to [159.203.124.84]:25
Nov  7 02:58:36 mail postfix/dnsblog[19628]: addr 84.54.76.67 listed by domain zen.spamhaus.org as 127.0.0.11
Nov  7 02:58:36 mail postfix/dnsblog[19628]: addr 84.54.76.67 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 02:58:36 mail postfix/dnsblog[19627]: addr 84.54.76.67 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  7 02:58:37 mail postfix/postscreen[19626]: PREGREET 20 after 0.2 from [84.54.76.67]:36241: EHLO [84.54.76.67]\r\n
Nov  7 02:58:37 mail postfix/postscreen[19626]: DISCONNECT [84.54.76.67]:36241
Nov  7 03:12:55 mail postfix/postfix-script[20414]: stopping the Postfix mail system
Nov  7 03:12:55 mail postfix/master[2418]: terminating on signal 15
Nov  7 03:13:27 mail postfix/postfix-script[1198]: warning: symlink leaves directory: /etc/postfix/./master.cf
Nov  7 03:13:27 mail postfix/postfix-script[1205]: warning: symlink leaves directory: /etc/postfix/./main.cf
Nov  7 03:13:27 mail postfix/postfix-script[1259]: starting the Postfix mail system
Nov  7 03:13:27 mail postfix/master[1262]: daemon started -- version 3.3.0, configuration /etc/postfix
Nov  7 03:13:30 mail amavis[907]: starting. /usr/sbin/amavisd-new at mail.underwoodlaw.net amavisd-new-2.11.0 (20160426), Unicode aware, LC_ALL="C", LANG="C.UTF-8"
Nov  7 03:13:32 mail amavis[1325]: Net::Server: Group Not Defined.  Defaulting to EGID '122 122'
Nov  7 03:13:32 mail amavis[1325]: Net::Server: User Not Defined.  Defaulting to EUID '116'
Nov  7 03:13:32 mail amavis[1325]: No ext program for   .F, tried: unfreeze, freeze -d, melt, fcat
Nov  7 03:13:32 mail amavis[1325]: No ext program for   .lrz, tried: lrzip -q -k -d -o -, lrzcat -q -k
Nov  7 03:13:32 mail amavis[1325]: No ext program for   .zoo, tried: zoo, unzoo
Nov  7 03:13:32 mail amavis[1325]: No decoder for       .F
Nov  7 03:13:32 mail amavis[1325]: No decoder for       .lrz
Nov  7 03:13:32 mail amavis[1325]: No decoder for       .zoo
Nov  7 03:13:32 mail amavis[1325]: Using primary internal av scanner code for clamav-socket
Nov  7 03:13:32 mail amavis[1325]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Nov  7 03:15:02 mail postfix/pickup[1264]: 477pRp5Sp0z20Cj: uid=0 from=<root>
Nov  7 03:15:02 mail postfix/cleanup[1476]: 477pRp5Sp0z20Cj: message-id=<477pRp5Sp0z20Cj@mail.underwoodlaw.net>
Nov  7 03:15:02 mail postfix/qmgr[1263]: 477pRp5Sp0z20Cj: from=<root@mail.underwoodlaw.net>, size=1312, nrcpt=1 (queue active)
Nov  7 03:15:04 mail postfix/10025/smtpd[1500]: connect from mail.underwoodlaw.net[127.0.0.1]
Nov  7 03:15:04 mail postfix/10025/smtpd[1500]: 477pRr09vJz1ybk: client=mail.underwoodlaw.net[127.0.0.1]
Nov  7 03:15:04 mail postfix/cleanup[1476]: 477pRr09vJz1ybk: message-id=<477pRp5Sp0z20Cj@mail.underwoodlaw.net>
Nov  7 03:15:04 mail postfix/qmgr[1263]: 477pRr09vJz1ybk: from=<root@mail.underwoodlaw.net>, size=2605, nrcpt=1 (queue active)
Nov  7 03:15:04 mail postfix/10025/smtpd[1500]: disconnect from mail.underwoodlaw.net[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Nov  7 03:15:04 mail amavis[1381]: (01381-01) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] <root@mail.underwoodlaw.net> -> <root@mail.underwoodlaw.net>, Message-ID: <477pRp5Sp0z20Cj@mail.underwoodlaw.net>, mail_id: NzxFrefiR8ez, Hits: 0.378, size: 1339, queued_as: 477pRr09vJz1ybk, dkim_new=dkim:underwoodlaw.net, 1191 ms, Tests: [NO_DNS_FOR_FROM=0.379,NO_RELAYS=-0.001]
Nov  7 03:15:04 mail postfix/amavis/smtp[1491]: 477pRp5Sp0z20Cj: to=<root@mail.underwoodlaw.net>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, delay=1.3, delays=0.08/0.02/0.01/1.2, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 477pRr09vJz1ybk)
Nov  7 03:15:04 mail postfix/qmgr[1263]: 477pRp5Sp0z20Cj: removed
Nov  7 03:15:04 mail postfix/cleanup[1476]: 477pRr0RHFz20Cj: message-id=<477pRp5Sp0z20Cj@mail.underwoodlaw.net>
Nov  7 03:15:04 mail postfix/qmgr[1263]: 477pRr0RHFz20Cj: from=<root@mail.underwoodlaw.net>, size=2753, nrcpt=1 (queue active)
Nov  7 03:15:04 mail postfix/local[1504]: 477pRr09vJz1ybk: to=<root@mail.underwoodlaw.net>, relay=local, delay=0.05, delays=0.01/0.02/0/0.02, dsn=2.0.0, status=sent (forwarded as 477pRr0RHFz20Cj)
Nov  7 03:15:04 mail postfix/qmgr[1263]: 477pRr09vJz1ybk: removed
Nov  7 03:15:04 mail postfix/pipe[1505]: 477pRr0RHFz20Cj: to=<postmaster@underwoodlaw.net>, orig_to=<root@mail.underwoodlaw.net>, relay=dovecot, delay=0.05, delays=0/0.01/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service)
Nov  7 03:15:04 mail postfix/qmgr[1263]: 477pRr0RHFz20Cj: removed
Nov  7 03:16:56 mail postfix/postscreen[1755]: CONNECT from [188.0.134.124]:56158 to [159.203.124.84]:25
Nov  7 03:16:56 mail postfix/dnsblog[1757]: addr 188.0.134.124 listed by domain zen.spamhaus.org as 127.0.0.3
Nov  7 03:16:56 mail postfix/dnsblog[1757]: addr 188.0.134.124 listed by domain zen.spamhaus.org as 127.0.0.4
Nov  7 03:16:56 mail postfix/dnsblog[1756]: addr 188.0.134.124 listed by domain b.barracudacentral.org as 127.0.0.2
Nov  7 03:16:56 mail postfix/postscreen[1755]: PREGREET 22 after 0.17 from [188.0.134.124]:56158: EHLO [188.0.134.124]\r\n
Nov  7 03:16:56 mail postfix/postscreen[1755]: DISCONNECT [188.0.134.124]:56158
Nov  7 03:23:28 mail postfix/qmgr[1263]: 477d7n4dgVz1ybm: from=<steve@underwoodlaw.net>, size=4568, nrcpt=1 (queue active)
Nov  7 03:23:29 mail postfix/smtp[1996]: 477d7n4dgVz1ybm: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta01 esmtp ESMTP server not available AUP#I-1000
Nov  7 03:23:29 mail postfix/smtp[1996]: 477d7n4dgVz1ybm: to=<sunder@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=25676, delays=25675/0.03/0.58/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta18 esmtp ESMTP server not available AUP#I-1000)
Nov  7 03:28:28 mail postfix/qmgr[1263]: 477dHh0F6Nz1ybn: from=<steve@underwoodlaw.net>, size=4582, nrcpt=1 (queue active)
Nov  7 03:28:28 mail postfix/smtp[2055]: 477dHh0F6Nz1ybn: host dnvrco-cmedge01.email.rr.com[69.134.155.135] refused to talk to me: 554 dnvrco-cmimta25 esmtp ESMTP server not available AUP#I-1000
Nov  7 03:28:29 mail postfix/smtp[2055]: 477dHh0F6Nz1ybn: to=<sunder@roadrunner.com>, relay=dnvrco-cmedge02.email.rr.com[69.134.155.136]:25, delay=25565, delays=25565/0.04/0.39/0, dsn=4.0.0, status=deferred (host dnvrco-cmedge02.email.rr.com[69.134.155.136] refused to talk to me: 554 dnvrco-cmimta05 esmtp ESMTP server not available AUP#I-1000)
Nov  7 03:45:01 mail postfix/submission/smtpd[2280]: connect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]
Nov  7 03:45:01 mail postfix/submission/smtpd[2280]: Anonymous TLS connection established from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  7 03:45:01 mail postfix/submission/smtpd[2280]: NOQUEUE: reject: RCPT from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 554 5.7.1 <cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]>: Client host rejected: Access denied; from=<xbox.joesmoe@gmail.com> to=<steve@underwoodlaw.net> proto=ESMTP helo=<underwoodlaw.net>
Nov  7 03:45:01 mail postfix/submission/smtpd[2280]: disconnect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6

6

Re: Client host rejected: Access denied 554 5.7.1

Here is a more detailed Log

Nov  7 04:00:16 mail postfix/10025/smtpd[2682]: connect from mail.underwoodlaw.net[127.0.0.1]
Nov  7 04:00:16 mail postfix/10025/smtpd[2682]: 477qS03hRHz20Cj: client=mail.underwoodlaw.net[127.0.0.1]
Nov  7 04:00:16 mail postfix/cleanup[2669]: 477qS03hRHz20Cj: message-id=<007901d5951f$dc86e350$9594a9f0$@underwoodlaw.net>
Nov  7 04:00:16 mail postfix/qmgr[2612]: 477qS03hRHz20Cj: from=<steve@underwoodlaw.net>, size=4791, nrcpt=1 (queue active)
Nov  7 04:00:16 mail amavis[1381]: (01381-02) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [172.101.69.50]:30907 [172.101.69.50] <steve@underwoodlaw.net> -> <xbox.joesmoe@gmail.com>, Queue-ID: 477qRz51xzz1ybk, Message-ID: <007901d5951f$dc86e350$9594a9f0$@underwoodlaw.net>, mail_id: XAPaCYlT2GTx, Hits: 0.101, size: 3559, queued_as: 477qS03hRHz20Cj, dkim_new=dkim:underwoodlaw.net, 697 ms, Tests: [ALL_TRUSTED=0.1,HTML_MESSAGE=0.001]
Nov  7 04:00:16 mail postfix/10025/smtpd[2682]: disconnect from mail.underwoodlaw.net[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Nov  7 04:00:16 mail postfix/amavis/smtp[2675]: 477qRz51xzz1ybk: to=<xbox.joesmoe@gmail.com>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.98, delays=0.26/0.01/0/0.71, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 477qS03hRHz20Cj)
Nov  7 04:00:16 mail postfix/qmgr[2612]: 477qRz51xzz1ybk: removed
Nov  7 04:00:16 mail postfix/smtp[2683]: connect to gmail-smtp-in.l.google.com[2607:f8b0:400d:c0f::1a]:25: Network is unreachable
Nov  7 04:00:16 mail postfix/smtp[2683]: Trusted TLS connection established to gmail-smtp-in.l.google.com[172.217.197.26]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
Nov  7 04:00:17 mail postfix/smtp[2683]: 477qS03hRHz20Cj: to=<xbox.joesmoe@gmail.com>, relay=gmail-smtp-in.l.google.com[172.217.197.26]:25, delay=0.81, delays=0.01/0.03/0.19/0.58, dsn=2.0.0, status=sent (250 2.0.0 OK  1573099217 u15si422194qvi.161 - gsmtp)
Nov  7 04:00:17 mail postfix/qmgr[2612]: 477qS03hRHz20Cj: removed
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: < cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: QUIT
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: dict_pcre_lookup: /etc/postfix/command_filter.pcre: QUIT
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 221 2.0.0 Bye
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: match_hostname: smtpd_client_event_limit_exceptions: cpe-172-101-69-50.buffalo.res.rr.com ~? 127.0.0.1
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.101.69.50 ~? 127.0.0.1
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: match_hostname: smtpd_client_event_limit_exceptions: cpe-172-101-69-50.buffalo.res.rr.com ~? [::1]
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.101.69.50 ~? [::1]
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: match_list_match: cpe-172-101-69-50.buffalo.res.rr.com: no match
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: match_list_match: 172.101.69.50: no match
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: send attr request = disconnect
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: send attr ident = submission:172.101.69.50
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: private/anvil: wanted attribute: status
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: input attribute name: status
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: input attribute value: 0
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: private/anvil: wanted attribute: (list terminator)
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: input attribute name: (end)
Nov  7 04:00:18 mail postfix/submission/smtpd[2653]: disconnect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: connect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: smtp_stream_setup: maxtime=300 enable_deadline=0
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: match_hostname: smtpd_client_event_limit_exceptions: cpe-172-101-69-50.buffalo.res.rr.com ~? 127.0.0.1
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.101.69.50 ~? 127.0.0.1
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: match_hostname: smtpd_client_event_limit_exceptions: cpe-172-101-69-50.buffalo.res.rr.com ~? [::1]
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.101.69.50 ~? [::1]
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: match_list_match: cpe-172-101-69-50.buffalo.res.rr.com: no match
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: match_list_match: 172.101.69.50: no match
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: send attr request = connect
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: send attr ident = submission:172.101.69.50
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: private/anvil: wanted attribute: status
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute name: status
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute value: 0
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: private/anvil: wanted attribute: count
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute name: count
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute value: 1
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: private/anvil: wanted attribute: rate
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute name: rate
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute value: 2
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: private/anvil: wanted attribute: (list terminator)
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute name: (end)
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 220 mail.underwoodlaw.net ESMTP Postfix
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: watchdog_pat: 0x5622e8ee4bf0
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: < cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: EHLO underwoodlaw.net
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: dict_pcre_lookup: /etc/postfix/command_filter.pcre: EHLO underwoodlaw.net
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: match_list_match: cpe-172-101-69-50.buffalo.res.rr.com: no match
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: match_list_match: 172.101.69.50: no match
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-mail.underwoodlaw.net
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-PIPELINING
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-SIZE 15728640
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-ETRN
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-STARTTLS
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-ENHANCEDSTATUSCODES
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-8BITMIME
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-DSN
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250 SMTPUTF8
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: watchdog_pat: 0x5622e8ee4bf0
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: < cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: STARTTLS
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: dict_pcre_lookup: /etc/postfix/command_filter.pcre: STARTTLS
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 220 2.0.0 Ready to start TLS
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: auto_clnt_open: connected to private/tlsmgr
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: send attr request = seed
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: send attr size = 32
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: private/tlsmgr: wanted attribute: status
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute name: status
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute value: 0
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: private/tlsmgr: wanted attribute: seed
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute name: seed
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute value: wKZRFlq1RdBae8tH48TDBImu83uYSVoZ31jsK9qxU9I=
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: private/tlsmgr: wanted attribute: (list terminator)
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute name: (end)
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: send attr request = tktkey
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: send attr keyname = [data 0 bytes]
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: private/tlsmgr: wanted attribute: status
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute name: status
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute value: 0
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: private/tlsmgr: wanted attribute: keybuf
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute name: keybuf
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute value: +skyA/RE8EiQ7ivM7sYEgAw0lO6AYwYPLCRjoRBgQe/YGdUZnvE875rDVRrUmZUhd1kZXjUO+fZkqmj/F459b99kzTJIp6YmamcdQHrulNzsncNdAAAAAA==
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: private/tlsmgr: wanted attribute: (list terminator)
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: input attribute name: (end)
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: Anonymous TLS connection established from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: xsasl_dovecot_server_create: SASL service=smtp, realm=(null)
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: name_mask: noanonymous
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: xsasl_dovecot_server_mech_filter: keep mechanism: PLAIN
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: xsasl_dovecot_server_mech_filter: keep mechanism: LOGIN
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: watchdog_pat: 0x5622e8ee4bf0
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: < cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: EHLO underwoodlaw.net
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: dict_pcre_lookup: /etc/postfix/command_filter.pcre: EHLO underwoodlaw.net
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: match_list_match: cpe-172-101-69-50.buffalo.res.rr.com: no match
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: match_list_match: 172.101.69.50: no match
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-mail.underwoodlaw.net
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-PIPELINING
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-SIZE 15728640
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-ETRN
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-AUTH PLAIN LOGIN
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-ENHANCEDSTATUSCODES
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-8BITMIME
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250-DSN
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250 SMTPUTF8
Nov  7 04:00:37 mail postfix/submission/smtpd[2653]: watchdog_pat: 0x5622e8ee4bf0
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: < cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: MAIL FROM:<xbox.joesmoe@gmail.com>
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: dict_pcre_lookup: /etc/postfix/command_filter.pcre: MAIL FROM:<xbox.joesmoe@gmail.com>
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: extract_addr: input: <xbox.joesmoe@gmail.com>
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: smtpd_check_addr: addr=xbox.joesmoe@gmail.com
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: connect to subsystem private/rewrite
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr request = rewrite
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr rule = local
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr address = ""
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: flags
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: flags
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute value: 0
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: address
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: address
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute value: ""
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: (list terminator)
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: (end)
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: rewrite_clnt: local: "" -> ""
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr request = rewrite
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr rule = local
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr address = xbox.joesmoe@gmail.com
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: flags
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: flags
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute value: 0
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: address
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: address
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute value: xbox.joesmoe@gmail.com
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: (list terminator)
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: (end)
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: rewrite_clnt: local: xbox.joesmoe@gmail.com -> xbox.joesmoe@gmail.com
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr request = resolve
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr sender =
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr address = xbox.joesmoe@gmail.com
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: flags
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: flags
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute value: 0
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: transport
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: transport
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute value: smtp
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: nexthop
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: nexthop
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute value: gmail.com
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: recipient
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: recipient
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute value: xbox.joesmoe@gmail.com
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: flags
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: flags
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute value: 4096
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/rewrite socket: wanted attribute: (list terminator)
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: (end)
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: resolve_clnt: `' -> `xbox.joesmoe@gmail.com' -> transp=`smtp' host=`gmail.com' rcpt=`xbox.joesmoe@gmail.com' flags= class=default
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: ctable_locate: install entry key ?xbox.joesmoe@gmail.com
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: extract_addr: in: <xbox.joesmoe@gmail.com>, result: xbox.joesmoe@gmail.com
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: smtpd_check_rewrite: trying: permit_inet_interfaces
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: permit_inet_interfaces: cpe-172-101-69-50.buffalo.res.rr.com 172.101.69.50
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: fsspace: .: block size 4096, blocks free 11912855
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: smtpd_check_queue: blocks 4096 avail 11912855 min_free 0 msg_size_limit 15728640
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 250 2.1.0 Ok
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: watchdog_pat: 0x5622e8ee4bf0
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: < cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: RCPT TO:<steve@underwoodlaw.net>
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: dict_pcre_lookup: /etc/postfix/command_filter.pcre: RCPT TO:<steve@underwoodlaw.net>
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: extract_addr: input: <steve@underwoodlaw.net>
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: smtpd_check_addr: addr=steve@underwoodlaw.net
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: ctable_locate: move existing entry key xbox.joesmoe@gmail.com?steve@underwoodlaw.net
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: extract_addr: in: <steve@underwoodlaw.net>, result: steve@underwoodlaw.net
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: >>> START Client host RESTRICTIONS <<<
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: generic_checks: name=permit_sasl_authenticated
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: generic_checks: name=permit_sasl_authenticated status=0
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: generic_checks: name=reject
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: NOQUEUE: reject: RCPT from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 554 5.7.1 <cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]>: Client host rejected: Access denied; from=<xbox.joesmoe@gmail.com> to=<steve@underwoodlaw.net> proto=ESMTP helo=<underwoodlaw.net>
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: generic_checks: name=reject status=2
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: >>> END Client host RESTRICTIONS <<<
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 554 5.7.1 <cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]>: Client host rejected: Access denied
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: watchdog_pat: 0x5622e8ee4bf0
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: < cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: QUIT
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: dict_pcre_lookup: /etc/postfix/command_filter.pcre: QUIT
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: > cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 221 2.0.0 Bye
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: match_hostname: smtpd_client_event_limit_exceptions: cpe-172-101-69-50.buffalo.res.rr.com ~? 127.0.0.1
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.101.69.50 ~? 127.0.0.1
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: match_hostname: smtpd_client_event_limit_exceptions: cpe-172-101-69-50.buffalo.res.rr.com ~? [::1]
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: match_hostaddr: smtpd_client_event_limit_exceptions: 172.101.69.50 ~? [::1]
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: match_list_match: cpe-172-101-69-50.buffalo.res.rr.com: no match
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: match_list_match: 172.101.69.50: no match
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr request = disconnect
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: send attr ident = submission:172.101.69.50
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/anvil: wanted attribute: status
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: status
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute value: 0
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: private/anvil: wanted attribute: (list terminator)
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: input attribute name: (end)
Nov  7 04:00:38 mail postfix/submission/smtpd[2653]: disconnect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6

7 (edited by sunderwood 2019-11-07 14:48:20)

Re: Client host rejected: Access denied 554 5.7.1

Just for more information I tested a node.js app I made with the following code and the email was delivered. The request was made from the same ip address on my home computer like i was useing in the rails app. Emailjs can be found here: https://github.com/eleith/emailjs.

This makes no sense to me.

------------------------------------------

var email = require('emailjs');

var server = email.server.connect({
  user: 'steve@underwoodlaw.net',
  password: 'xxxxxx',
  host: 'mail.underwoodlaw.net',
  tls: true
});

server.send({
  text: 'Hey howdy',
  from: 'steve@underwoodlaw.net',
  to: 'Steve <steve@underwoodlaw.net>',
  cc: '',
  subject: 'Greetings'
}, function (err, message) {
  console.log(err || message);
});

------------------------------
LOG Below:

Nov  7 06:29:21 mail postfix/submission/smtpd[5326]: connect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]
Nov  7 06:29:21 mail postfix/submission/smtpd[5326]: Anonymous TLS connection established from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Nov  7 06:29:21 mail postfix/submission/smtpd[5326]: 477tm14YRmz1y5r: client=cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50], sasl_method=LOGIN, sasl_username=steve@underwoodlaw.net
Nov  7 06:29:21 mail postfix/cleanup[5342]: 477tm14YRmz1y5r: message-id=<00a201d59534$b0bb2370$12316a50$@underwoodlaw.net>
Nov  7 06:29:21 mail postfix/qmgr[3537]: 477tm14YRmz1y5r: from=<steve@underwoodlaw.net>, size=17081, nrcpt=1 (queue active)
Nov  7 06:29:22 mail amavis[1381]: (01381-09) (!!)collect_results from [5352] (/usr/bin/altermime): DIED, signal 11 (008b)
Nov  7 06:29:22 mail amavis[1381]: (01381-09) (!)mangling by altermime failed: Program /usr/bin/altermime failed: 139,  at /usr/sbin/amavisd-new line 17349., mail will pass unmodified
Nov  7 06:29:22 mail postfix/10025/smtpd[5354]: connect from mail.underwoodlaw.net[127.0.0.1]
Nov  7 06:29:22 mail postfix/10025/smtpd[5354]: 477tm25jWkz21qn: client=mail.underwoodlaw.net[127.0.0.1]
Nov  7 06:29:22 mail postfix/cleanup[5342]: 477tm25jWkz21qn: message-id=<00a201d59534$b0bb2370$12316a50$@underwoodlaw.net>
Nov  7 06:29:22 mail postfix/qmgr[3537]: 477tm25jWkz21qn: from=<steve@underwoodlaw.net>, size=18426, nrcpt=1 (queue active)
Nov  7 06:29:22 mail amavis[1381]: (01381-09) Passed CLEAN {RelayedInternal},

8 (edited by sunderwood 2019-11-08 11:23:49)

Re: Client host rejected: Access denied 554 5.7.1

I have tested everything I can think of including making another form that sends html, because the form in post 7 sends the email in plain text, that worked as well.

I am sending from the same ip address using the rails app that I am in post 7, and the rails app is rejected but post 7 works.

If I send the rails app form through my other iredmail server it works fine (only difference is the version of iredmail, and it uses the stock certificate instead of letsencrypt.)

All of these tests were done with the default configuration as posted in post 6 on a new server as described in my first post.

Any ideas anyone?

9

Re: Client host rejected: Access denied 554 5.7.1

OK I got it working but I am not sure if I did it correctly (at this point i don't really care).

First,  ZhangHuangbin, if you developed iredmail you are one smart dude. There is so much going on with this, and so many services running, I can't wrap my head around it. Normally I can figure out how

anything works but this not so much.

ZhangHuangbin you were right about the the modifications I made to my old iredmail server: Steps 1-5 were mostly unnecessary and wrong. I went back and reconfigured them and found I only needed to have
ALLOWED_LOGIN_MISMATCH_SENDERS = True, in the iredapd settings for the other server to work when sending a rails form when the mail server was on the same ip address as the website contact form.  I

needed the mismatch sender modification because the rails mail_form gem uses the email address in the contact form, (ie. email address of person filling  out the contact form), instead of the default email address

sender that is set forth in application_mailer.rb.

The new iRedeasy server was a differen story. With the default settings, the form would not send at all (Client Host Rejected), but of course the javascript one would so long as the "from: field" matched the

account that I was using to access the SMTP server. Adding a custom setting in  /opt/iredmail/custom/iredapd/settings.py,  ALLOWED_LOGIN_MISMATCH_SENDERS = True, fixed the issue on the javascript

form, but still got the evil "Client Host Rejected" on my rails contact form.

At this point, nothing made sense and still doesn't. Keep in mind, that my new setup is that my rails app is running on one droplet and the mail server is on another (2 different ip addresses). They both share the

same domain with the mail server being on a subdomain. There is an A record pointing to the mail subdomain that directs to the mail server droplet ip, and a MX record pointing the domain that says that the mail

is handled by the mail subdomain. Also keep in mind that the javascript form is working.

Here is what I had to do to fix it:

nano /opt/iredmail/custom/postfix/custom.sh

postconf -e mynetworks='127.0.0.1, 122.104.69.55, 162.27.127.16'   

postconf -P "submission/inet/smtpd_client_restrictions=permit_mynetworks"

bash custom.sh
sudo service postfix restart

The  122.104.69.55  =  The WAN IP of my home computer so I can submit the form in rails development mode.
The   162.27.127.16 =  The IP of the droplet were the rails app is running so I can submit the form in production on the apache2 webserver.   

Form some unkown reason to me the postfix master.cf setting of:  -o smtpd_client_restrictions=permit_sasl_authenticated,reject kept the rails app from submitting in both development and production modes,

even with starttls set to true in the configuration (:enable_starttls_auto => true).

Both the javascript form, and the rails app, seemed to be connecting and authenticating through tls accourding to the logs.

Before I stumbled onto this fix, I tried  upgrading rails from 5.0.0.1, to 5.1,  but it did not help.

ZhangHuangbin, if you know what is causing this problem I would be interested in knowing.

The logs are really different on a successful submission between the javascript form and the rails form.

Will post the in two separate posts after this one.

10

Re: Client host rejected: Access denied 554 5.7.1

JAVASCRIPT FORM POST LOG

Nov  9 07:45:04 mail postfix/submission/smtpd[8570]: connect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]
Nov  9 07:45:04 mail postfix/submission/smtpd[8570]: Anonymous TLS connection established from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Nov  9 07:45:04 mail postfix/submission/smtpd[8570]: 4798LS34M8z1xgY: client=cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50], sasl_method=LOGIN, sasl_username=steve@underwoodlaw.net
Nov  9 07:45:04 mail postfix/cleanup[8585]: 4798LS34M8z1xgY: message-id=<1573285504100.0.1120@Steve-PC>
Nov  9 07:45:04 mail postfix/qmgr[3691]: 4798LS34M8z1xgY: from=<xbox.joesmoe@gmail.com>, size=1346, nrcpt=1 (queue active)
Nov  9 07:45:04 mail postfix/10025/smtpd[8595]: connect from mail.underwoodlaw.net[127.0.0.1]
Nov  9 07:45:04 mail postfix/10025/smtpd[8595]: 4798LS5pVMz21r5: client=mail.underwoodlaw.net[127.0.0.1]
Nov  9 07:45:04 mail postfix/cleanup[8585]: 4798LS5pVMz21r5: message-id=<1573285504100.0.1120@Steve-PC>
Nov  9 07:45:04 mail postfix/qmgr[3691]: 4798LS5pVMz21r5: from=<xbox.joesmoe@gmail.com>, size=2867, nrcpt=1 (queue active)
Nov  9 07:45:04 mail postfix/10025/smtpd[8595]: disconnect from mail.underwoodlaw.net[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Nov  9 07:45:04 mail amavis[7948]: (07948-02) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [172.101.69.50]:28649 [172.101.69.50] <xbox.joesmoe@gmail.com> -> <steve@underwoodlaw.net>, Queue-ID: 4798LS34M8z1xgY, Message-ID: <1573285504100.0.1120@steve-pc>, mail_id: lDhkG5gNyCiB, Hits: 3.027, size: 1346, queued_as: 4798LS5pVMz21r5, dkim_new=dkim:underwoodlaw.net, 248 ms, Tests: [ALL_TRUSTED=0.1,DKIM_ADSP_CUSTOM_MED=0.001,FORGED_GMAIL_RCVD=1,FREEMAIL_FROM=0.001,HTML_MESSAGE=0.001,MPART_ALT_DIFF=0.724,NML_ADSP_CUSTOM_MED=1.2]
Nov  9 07:45:04 mail postfix/amavis/smtp[8590]: 4798LS34M8z1xgY: to=<steve@underwoodlaw.net>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.48, delays=0.21/0.01/0.01/0.25, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4798LS5pVMz21r5)
Nov  9 07:45:04 mail postfix/qmgr[3691]: 4798LS34M8z1xgY: removed
Nov  9 07:45:04 mail postfix/pipe[8596]: 4798LS5pVMz21r5: to=<steve@underwoodlaw.net>, relay=dovecot, delay=0.06, delays=0.01/0.02/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service)
Nov  9 07:45:04 mail postfix/qmgr[3691]: 4798LS5pVMz21r5: removed
Nov  9 07:45:05 mail postfix/submission/smtpd[8570]: disconnect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8

11

Re: Client host rejected: Access denied 554 5.7.1

RAILS FORM LOG (mail_form gem, and simple_form gem)

ov  9 08:06:31 mail postfix/submission/smtpd[9241]: connect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]
Nov  9 08:06:31 mail postfix/submission/smtpd[9241]: Anonymous TLS connection established from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  9 08:06:31 mail postfix/submission/smtpd[9241]: 4798qC6X3lz1xgY: client=cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]
Nov  9 08:06:32 mail postfix/cleanup[9256]: 4798qC6X3lz1xgY: message-id=<5dc67387bb27c_734476be1c6794f@Steve-PC.mail>
Nov  9 08:06:32 mail postfix/qmgr[3691]: 4798qC6X3lz1xgY: from=<xbox.joesmoe@gmail.com>, size=1195, nrcpt=1 (queue active)
Nov  9 08:06:32 mail postfix/submission/smtpd[9241]: disconnect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Nov  9 08:06:32 mail postfix/10025/smtpd[9265]: connect from mail.underwoodlaw.net[127.0.0.1]
Nov  9 08:06:32 mail postfix/10025/smtpd[9265]: 4798qD216Hz21r5: client=mail.underwoodlaw.net[127.0.0.1]
Nov  9 08:06:32 mail postfix/cleanup[9256]: 4798qD216Hz21r5: message-id=<SAPYCTAGKWW249@mail.underwoodlaw.net>
Nov  9 08:06:32 mail postfix/qmgr[3691]: 4798qD216Hz21r5: from=<postmaster@mail.underwoodlaw.net>, size=4934, nrcpt=1 (queue active)
Nov  9 08:06:32 mail postfix/10025/smtpd[9265]: disconnect from mail.underwoodlaw.net[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Nov  9 08:06:32 mail postfix/10025/smtpd[9265]: connect from mail.underwoodlaw.net[127.0.0.1]
Nov  9 08:06:32 mail postfix/local[9266]: 4798qD216Hz21r5: to=<virusalert@mail.underwoodlaw.net>, relay=local, delay=0.04, delays=0.01/0.02/0/0.02, dsn=5.1.1, status=bounced (unknown user: "virusalert")
Nov  9 08:06:32 mail postfix/cleanup[9256]: 4798qD2JJzz21tm: message-id=<4798qD2JJzz21tm@mail.underwoodlaw.net>
Nov  9 08:06:32 mail postfix/qmgr[3691]: 4798qD2JJzz21tm: from=<>, size=7041, nrcpt=1 (queue active)
Nov  9 08:06:32 mail postfix/10025/smtpd[9265]: 4798qD2MhFz21tn: client=mail.underwoodlaw.net[127.0.0.1]
Nov  9 08:06:32 mail postfix/local[9266]: warning: required alias not found: postmaster
Nov  9 08:06:32 mail postfix/local[9266]: 4798qD2JJzz21tm: to=<postmaster@mail.underwoodlaw.net>, relay=local, delay=0.02, delays=0.01/0.01/0/0, dsn=2.0.0, status=sent (discarded)
Nov  9 08:06:32 mail postfix/qmgr[3691]: 4798qD2JJzz21tm: removed
Nov  9 08:06:32 mail postfix/cleanup[9256]: 4798qD2MhFz21tn: message-id=<5dc67387bb27c_734476be1c6794f@Steve-PC.mail>
Nov  9 08:06:32 mail postfix/bounce[9268]: 4798qD216Hz21r5: sender non-delivery notification: 4798qD2JJzz21tm
Nov  9 08:06:32 mail postfix/qmgr[3691]: 4798qD216Hz21r5: removed
Nov  9 08:06:32 mail postfix/10025/smtpd[9265]: disconnect from mail.underwoodlaw.net[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Nov  9 08:06:32 mail postfix/qmgr[3691]: 4798qD2MhFz21tn: from=<xbox.joesmoe@gmail.com>, size=2291, nrcpt=1 (queue active)
Nov  9 08:06:32 mail amavis[7948]: (07948-04) Passed SPAM {RelayedTaggedInternal}, ORIGINATING LOCAL [172.101.69.50]:28795 [172.101.69.50] <xbox.joesmoe@gmail.com> -> <steve@underwoodlaw.net>, Queue-ID: 4798qC6X3lz1xgY, Message-ID: <5dc67387bb27c_734476be1c6794f@steve-pc.mail>, mail_id: PYCTAGKWW249, Hits: 18.995, size: 1194, queued_as: 4798qD2MhFz21tn, 306 ms, Tests: [DKIM_ADSP_CUSTOM_MED=0.001,FORGED_GMAIL_RCVD=1,FREEMAIL_FROM=0.001,HTML_MESSAGE=0.001,HTML_MIME_NO_HTML_TAG=0.635,KHOP_HELO_FCRDNS=0.4,MIME_HTML_ONLY=0.1,NML_ADSP_CUSTOM_MED=1.2,RCVD_IN_PBL=10,RDNS_DYNAMIC=0.363,SPF_HELO_FAIL=0.001,SPF_SOFTFAIL=0.972,SPOOFED_FREEMAIL=1.999,TO_NO_BRKTS_DYNIP=2.322]
Nov  9 08:06:32 mail postfix/amavis/smtp[9261]: 4798qC6X3lz1xgY: to=<steve@underwoodlaw.net>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.51, delays=0.17/0.02/0/0.32, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4798qD2MhFz21tn)
Nov  9 08:06:32 mail postfix/qmgr[3691]: 4798qC6X3lz1xgY: removed
Nov  9 08:06:32 mail postfix/pipe[9270]: 4798qD2MhFz21tn: to=<steve@underwoodlaw.net>, relay=dovecot, delay=0.07, delays=0.02/0.02/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service)
Nov  9 08:06:32 mail postfix/qmgr[3691]: 4798qD2MhFz21tn: removed

12

Re: Client host rejected: Access denied 554 5.7.1

So sorry about my late reply.

Please read my full reply in this post BEFORE you change any settings on iRedMail server, because you don't need to change anything on iRedMail server.

It was "caused" by one rule in file /etc/postfix/rdns_access.pcre (used in postfix main.cf, parameter "smtpd_client_restrictions"), you can check it like this:

# cd /etc/postfix/
# grep 'cpe' rdns_access.pcre  | grep rr
...
/^cpe(-[12]?[0-9]{1,2}){4}\.[a-z]{2,6}\.rr\.com$/ REJECT Generic - Please relay via ISP (rr.com)

With this rule, connection from IP addresses (which resolved to DNS name "cpe-<ip>.<...>.rr.com") to port 25 will be blocked directly.

BUT we still allow connections from these (actually, all) IP addresses to port 587 (defined in /etc/postfix/master.cf, transport "submission"). This way we block all (bad) connections which trying to prevent they're a MTA and send spams, but still allows normal users who have a working smtp username+password to send emails.

According to pasted log in your 4rd reply in this thread, your application didn't perform SMTP authentication at all:

Nov  7 01:28:27 mail postfix/submission/smtpd[18491]: connect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]
Nov  7 01:28:27 mail postfix/submission/smtpd[18491]: Anonymous TLS connection established from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov  7 01:28:27 mail postfix/submission/smtpd[18491]: NOQUEUE: reject: RCPT from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]: 554 5.7.1 <cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50]>: Client host rejected: Access denied; from=<steve@mrsumppump.com> to=<steve@underwoodlaw.net> proto=ESMTP helo=<underwoodlaw.net>
Nov  7 01:28:28 mail postfix/submission/smtpd[18491]: disconnect from cpe-172-101-69-50.buffalo.res.rr.com[172.101.69.50] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6

With smtp authentication enabled (on your application or MUA side) and working correctly, you should see log LIKE below among above log lines:

Nov 11 15:50:24 <hostname> postfix/submission/smtpd[5796]: <queue-id>: client=<hostname>[<remote-ip>], sasl_method=LOGIN, sasl_username=<full-email-address>

You may feel weird that your application did have smtp authentication enabled, but i'm just telling the fact based on your  pasted log, it didn't enable smtp auth.

13

Re: Client host rejected: Access denied 554 5.7.1

What you said in Post 12 makes perfect sense to me. I will revert that setting  and see if I can figure out why the app is not authenticating  SMTP.   Thanks for your reply, and for figuring out the problem even though it was never an iredmail issue.

14

Re: Client host rejected: Access denied 554 5.7.1

OK I figured it out finally.  The problem was I was using local_env.yml to bring in the authorization credentials, and they were not being imported or used to make the secured connection on port 587, so smtp auth was not working (just like you said in your last post).

This following section of production.rb and and development.rb, setting up the smtp credentials.

:user_name => ENV['APP_USERNAME'],
:password => ENV['APP_PASSWORD'],

The problem was that I had nothing in my application.rb to do the importing and parsing (you would think that you would get an error message from rails about it).

If you use this method and store your credentials in local_env.yml the you need the following code inside you app beginning with config.before...


module YourApp
  class Application < Rails::Application

    config.before_configuration do
      env_file = File.join(Rails.root, 'config', 'local_env.yml')
      YAML.load(File.open(env_file)).each do |key, value|
        ENV[key.to_s] = value
      end if File.exists?(env_file)
    end

  end
end


That fixed it so I only need one modification (ALLOWED_LOGIN_MISMATCH_SENDERS = True)
and I reverted all the other changes.

All that drama for just that.

Thanks,  ZhangHuangbin I would never have figured it out without your last post.

15

Re: Client host rejected: Access denied 554 5.7.1

Here is My Log for the form submission after repaired:

Nov 14 03:56:00 mail postfix/submission/smtpd[27835]: connect from underwoodlaw.net[165.227.127.168]
Nov 14 03:56:00 mail postfix/submission/smtpd[27835]: Anonymous TLS connection established from underwoodlaw.net[165.227.127.168]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Nov 14 03:56:00 mail postfix/submission/smtpd[27835]: 47D71r4l3dz1wc3: client=underwoodlaw.net[165.227.127.168], sasl_method=PLAIN, sasl_username=steve@underwoodlaw.net
Nov 14 03:56:00 mail postfix/cleanup[27854]: 47D71r4l3dz1wc3: message-id=<5dccd0506d85e_288c1428884969ea@underwoodlaw.net.mail>
Nov 14 03:56:00 mail postfix/qmgr[25129]: 47D71r4l3dz1wc3: from=<xbox.joesmoe@gmail.com>, size=1157, nrcpt=1 (queue active)
Nov 14 03:56:00 mail postfix/submission/smtpd[27835]: disconnect from underwoodlaw.net[165.227.127.168] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Nov 14 03:56:00 mail postfix/10025/smtpd[27864]: connect from mail.underwoodlaw.net[127.0.0.1]
Nov 14 03:56:00 mail postfix/10025/smtpd[27864]: 47D71r6pdFz1wc4: client=mail.underwoodlaw.net[127.0.0.1]
Nov 14 03:56:00 mail postfix/cleanup[27854]: 47D71r6pdFz1wc4: message-id=<5dccd0506d85e_288c1428884969ea@underwoodlaw.net.mail>
Nov 14 03:56:00 mail postfix/qmgr[25129]: 47D71r6pdFz1wc4: from=<xbox.joesmoe@gmail.com>, size=2734, nrcpt=1 (queue active)
Nov 14 03:56:00 mail postfix/10025/smtpd[27864]: disconnect from mail.underwoodlaw.net[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Nov 14 03:56:00 mail amavis[25173]: (25173-19) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [165.227.127.168]:55806 [165.227.127.168] <xbox.joesmoe@gmail.com> -> <steve@underwoodlaw.net>, Queue-ID: 47D71r4l3dz1wc3, Message-ID: <5dccd0506d85e_288c1428884969ea@underwoodlaw.net.mail>, mail_id: 1shkN1EyQIrl, Hits: 3.038, size: 1156, queued_as: 47D71r6pdFz1wc4, dkim_new=dkim:underwoodlaw.net, 237 ms, Tests: [ALL_TRUSTED=0.1,DKIM_ADSP_CUSTOM_MED=0.001,FORGED_GMAIL_RCVD=1,FREEMAIL_FROM=0.001,HTML_MESSAGE=0.001,HTML_MIME_NO_HTML_TAG=0.635,MIME_HTML_ONLY=0.1,NML_ADSP_CUSTOM_MED=1.2]
Nov 14 03:56:00 mail postfix/amavis/smtp[27859]: 47D71r4l3dz1wc3: to=<steve@underwoodlaw.net>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.35, delays=0.09/0.02/0.01/0.24, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 47D71r6pdFz1wc4)
Nov 14 03:56:00 mail postfix/qmgr[25129]: 47D71r4l3dz1wc3: removed
Nov 14 03:56:01 mail postfix/pipe[27865]: 47D71r6pdFz1wc4: to=<steve@underwoodlaw.net>, relay=dovecot, delay=0.07, delays=0.01/0.02/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service)
Nov 14 03:56:01 mail postfix/qmgr[25129]: 47D71r6pdFz1wc4: removed