Sending E-Mail to External Domains: Relay Access Denied (Openexchange Server 4)

Support knowledgebase (rsimai_slox_relay_access_denied)

Symptom

When trying to send an e-mail message to an external domain not included on the Openexchange Server, the sender receives a message similar to this:
Message could not be delivered: one of the recipients was rejected by 
the server. The rejected e-mail address is 'user@external_domain.com'. Subject '$Subject', 
account: 'account_name_in_client', server: 'openexchange.domain.com', protocol: 
SMTP, server reply: '554 <user@external_domain.com>: recipient address 
rejected: Relay access denied', port: 25, Secure(SSL): no, 
server error: 554, error code: 0x800CCC79
At any case, the following server notification is included:
Recipient address rejected: Relay access denied
This problem does not arise when sending e-mail messages through the web mailer.

Cause

The sending mail client is not included in the same IP domain as the Openexchange Server. Thus, its IP address is not trustworthy and the server does not allow relaying.
Relaying is only allowed by the server in the following cases:
  1. the client's IP address is located on the same network as the server, or
  2. SMTP-AUTH (SASL) has been activated on the server and the client has been configured accordingly, or
  3. the client is able to use certificates and a client certificate has been issued and imported in the client, or
  4. POP before SMTP has been configured on the server and the client has successfully logged in via POP or IMAP.

Solutions

You can choose from any of these solutions:
  1. Include the client's network among the networks trusted by the server: "The Postfix Parameter "mynetworks"" (http://sdb.suse.de/en/sdb/html/jdinten_imapIII_subnetz.html)
  2. Activate SMTP-AUTH in the configuration frontend as cyrus (Mail, Postfix, SMTP-AUTH, on). Then configure the client and enter the user name and password in the SMTP settings.
  3. Issue a CA, a server certificate, and a client certificate (see manual).
  4. Set up POP before SMTP as described in "Setting Up Pop before SMTP on Openexchange Server" (http://sdb.suse.de/en/sdb/html/rsimai_slox_drac.html)

Keywords: OPENEXCHANGESERVER, SLOX, RELAY, ACCESS, DENIED

Categories: SuSE Linux IMAP Server

SDB-rsimai_slox_relay_access_denied, Copyright SuSE Linux AG, Nürnberg, Germany - Version: 10. Apr 2003
SuSE Linux AG - Last generated: 10. Apr 2003 by ip (sdb_gen 1.40.0)