docker icon indicating copy to clipboard operation
docker copied to clipboard

Published 20 hours ago verified publisher icon anonaddy

Relay access denied

Open hairy-tortoise opened this issue 1 year ago • 2 comments

Behaviour

Steps to reproduce this issue

  1. Send EMail to Alias

Expected behaviour

EMails arrives at recipient

Actual behaviour

EMail doesnt get delivered

Configuration

  • Docker version (type docker --version) : Docker version 20.10.17, build 100c701
  • Docker compose version if applicable (type docker-compose --version) : I use build in docker compose
  • Platform (Debian 9, Ubuntu 18.04, ...) : Debian11
  • System info (type uname -a) : Linux server 5.10.0-17-amd64 # 1 SMP Debian 5.10.136-1 (2022-08-13) x86_64 GNU/Linux
  • Include all necessary configuration files : docker-compose.yml, .env, ...
version: "3.5"

services:
  db:
    image: mariadb:10.5
    container_name: anonaddy_db
    command:
      - "mysqld"
      - "--character-set-server=utf8mb4"
      - "--collation-server=utf8mb4_unicode_ci"
    volumes:
      - "./db:/var/lib/mysql"
    environment:
      - "MYSQL_ALLOW_EMPTY_PASSWORD=yes"
      - "MYSQL_DATABASE"
      - "MYSQL_USER"
      - "MYSQL_PASSWORD"
    restart: always
    networks:
      - default

  redis:
    image: redis:4.0-alpine
    container_name: anonaddy_redis
    restart: always
    networks:
      - default

  anonaddy:
    image: anonaddy/anonaddy:latest
    container_name: anonaddy
    security_opt:
      - no-new-privileges:true
    depends_on:
      - db
      - redis
    ports:
      - "25:25"
      - "127.0.0.1:8000:8000"
      - "127.0.0.1:11334:11334"
    volumes:
      - "./data:/data"
    env_file:
      - "./anonaddy.env"
    environment:
      - "DB_HOST=anonaddy_db"
      - "DB_DATABASE=${MYSQL_DATABASE}"
      - "DB_USERNAME=${MYSQL_USER}"
      - "DB_PASSWORD=${MYSQL_PASSWORD}"
      - "REDIS_HOST=redis"
    restart: always
    networks:
      - NPM
      - default

networks:
  NPM:
    external: true

MYSQL_DATABASE=anonaddy
MYSQL_USER=anonaddy
MYSQL_PASSWORD=******************

TZ=Europe/Berlin
PUID=1001
PGID=1001

DB_HOST=anonaddy_db
DB_PASSWORD=******************
DB_TIMEOUT=30

MEMORY_LIMIT=512M
UPLOAD_MAX_SIZE=32M
OPCACHE_MEM_SIZE=256
REAL_IP_FROM=0.0.0.0/32
REAL_IP_HEADER=X-Forwarded-For
LOG_IP_VAR=remote_addr

APP_KEY=*****************************
APP_DEBUG=false
APP_URL=https://anon.domain.de

[email protected]
ANONADDY_ADMIN_USERNAME=domain
ANONADDY_ENABLE_REGISTRATION=false
ANONADDY_DOMAIN=domain.de
ANONADDY_ALL_DOMAINS=domain.de
ANONADDY_HOSTNAME=mail.domain.de
ANONADDY_DNS_RESOLVER=1.1.1.1
ANONADDY_SECRET=*********************************************************
ANONADDY_LIMIT=200
ANONADDY_BANDWIDTH_LIMIT=104857600
ANONADDY_NEW_ALIAS_LIMIT=10
ANONADDY_ADDITIONAL_USERNAME_LIMIT=3

MAIL_ENCRYPTION=tls

MAIL_FROM_NAME=AnonAddy
[email protected]

POSTFIX_DEBUG=false
POSTFIX_SMTPD_TLS=false
POSTFIX_SMTP_TLS=false

RSPAMD_ENABLE=true
RSPAMD_WEB_PASSWORD=*******************************

Docker info

> Output of command `docker info`
Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Docker Buildx (Docker Inc., v0.8.2-docker)
  compose: Docker Compose (Docker Inc., v2.6.0)
  scan: Docker Scan (Docker Inc., v0.17.0)

Server:
 Containers: 6
  Running: 6
  Paused: 0
  Stopped: 0
 Images: 6
 Server Version: 20.10.17
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runtime.v1.linux runc io.containerd.runc.v2
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 9cd3357b7fd7218e4aec3eae239db1f68a5a6ec6
 runc version: v1.1.4-0-g5fd4c4d
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: default
  cgroupns
 Kernel Version: 5.10.0-17-amd64
 Operating System: Debian GNU/Linux 11 (bullseye)
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 7.771GiB
 Name: server
 ID: CB4O:AGAF:OK64:TUCV:QVNL:DGU3:QAKV:I5N4:IR4M:IYUA:M3CA:ABCW
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Logs

anonaddy        | Sep 07 09:07:16 mail postfix/smtpd[6847]: connect from mail-40140.protonmail.ch[185.70.40.140]
anonaddy        | Sep 07 09:07:16 mail postfix/smtpd[6847]: NOQUEUE: reject: RCPT from mail-40140.protonmail.ch[185.70.40.140]: 554 5.7.1 <[email protected]>: Relay access denied; from=<********@proton.me> to=<[email protected]> proto=ESMTP helo=<mail-40140.protonmail.ch>
anonaddy        | Sep 07 09:07:16 mail postfix/smtpd[6847]: using backwards-compatible default setting smtpd_relay_before_recipient_restrictions=no to reject recipient "[email protected]" from client "mail-40140.protonmail.ch[185.70.40.140]"
anonaddy        | Sep 07 09:07:16 mail postfix/smtpd[6847]: disconnect from mail-40140.protonmail.ch[185.70.40.140] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=4/6

hairy-tortoise avatar Sep 07 '22 07:09 hairy-tortoise

The postfix logs show that you are attempting to deliver to [email protected] but you have used domain.de in ANONADDY_DOMAIN and ANONADDY_ALL_DOMAINS.

If you will be creating aliases at the subdomain mail.domain.de and not domain.de then you need to update this in those variables.

willbrowningme avatar Sep 07 '22 08:09 willbrowningme

@hairy-tortoise did you try this again after adding mail.domain.de to the above variables?

willbrowningme avatar Sep 12 '22 07:09 willbrowningme