Dec 29, 2023: iRedMail-1.6.8 has been released.

fv · 2023-08-05 03:39:06

fv
Member
Offline

Registered: 2021-06-17
Posts: 21

Topic: Client host rejected: Access denied (even with permitted network)

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer? downloadable
- Linux/BSD distribution name and version: CentOS 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MYSQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hello!

I am trying to get a webform submission from a server (140.X.X.X) to send email to my mail server (beacon). I have configured 140.X.X.X with postfix and set it to send mail on 587 with authentication. I have configured beacon by adding 140.X.X.X to $mynetworks in main.cf and iredapd conf.

When I send email from 140.X.X.X to beacon I get the following error in the maillog:

Aug  4 19:31:13 beacon postfix/submission/smtpd[10993]: connect from unknown[140.X.X.X]
Aug  4 19:31:14 beacon postfix/submission/smtpd[10993]: Anonymous TLS connection established from unknown[140.X.X.X]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Aug  4 19:31:15 beacon postfix/submission/smtpd[10993]: NOQUEUE: reject: RCPT from unknown[140.X.X.X]: 554 5.7.1 <unknown[140.X.X.X]>: Client host rejected: Access denied; from=<admin@example.llc> to=<admin@example.llc> proto=ESMTP helo=<example.llc>
Aug  4 19:31:15 beacon postfix/submission/smtpd[10993]: disconnect from unknown[140.X.X.X]
Aug  4 19:31:15 beacon postfix/submission/smtpd[10993]: connect from unknown[140.X.X.X]
Aug  4 19:31:16 beacon postfix/submission/smtpd[10993]: Anonymous TLS connection established from unknown[140.X.X.X]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Aug  4 19:31:17 beacon postfix/submission/smtpd[10993]: NOQUEUE: reject: RCPT from unknown[140.238.96.113]: 554 5.7.1 <unknown[140.X.X.X]>: Client host rejected: Access denied; from=<> to=<admin@example.llc> proto=ESMTP helo=<example.llc>
Aug  4 19:31:17 beacon postfix/submission/smtpd[10993]: disconnect from unknown[140.X.X.X]

Why will this not work even though the IP is permitted and it is authenticating?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

**ZhangHuangbin** · 2023-08-06 12:59:29

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 30,793

Re: Client host rejected: Access denied (even with permitted network)

In postfix /etc/postfix/master.cf, submission service is not configured to bypass trusted networks, but only smtp authenticated clients.

The simplest and BEST solution is enabling smtp auth in your web form.

fv · 2023-08-07 23:58:04

fv
Member
Offline

Registered: 2021-06-17
Posts: 21

Re: Client host rejected: Access denied (even with permitted network)

Thank you Huangbin!

I got it working with smtp authentication.

Dec 29, 2023: iRedMail-1.6.8 has been released.

[ Closed ] Client host rejected: Access denied (even with permitted network)

Posts: 3

1 Topic by fv 2023-08-05 03:39:06

Topic: Client host rejected: Access denied (even with permitted network)

2 Reply by ZhangHuangbin 2023-08-06 12:59:29

Re: Client host rejected: Access denied (even with permitted network)

3 Reply by fv 2023-08-07 23:58:04

Re: Client host rejected: Access denied (even with permitted network)

Posts: 3