[Pkg-exim4-users] Getting 550 relay not permitted, I tried all sorts of things still getting error

Peter Gossner gossner at internode.on.net
Wed Apr 3 03:14:33 UTC 2013 

On Tue, 2 Apr 2013 21:07:09 +0200
Marc Haber scribed:

> On Tue, Apr 02, 2013 at 12:59:43PM +1030, Peter Gossner wrote:
> > On Mon, 1 Apr 2013 16:38:33 +0200
> > Marc Haber scribed:
> > > On Sat, Mar 30, 2013 at 07:49:47AM +1030, Peter Gossner wrote:
> > > > So we need to tell hyperion that it can relay for the IP
> > > > address 64.251.17.25/32 
> > > 
> > > Why?
> > 
> > Hmm maybe I had that backward. ?
> > 
> > I think the real confusion lay with the docs implying that setting a
> > netspace make the host a smarthost, and the google reject error..
> 
> I neither understand where the IP address comes from nor why the
> address was added there.
> 
> An IP address range for dc_relay_nets makes the host a smarthost for
> this IP address range. That is, it will relay _any_ message coming in
> from this IP address range.
> 
> A correctly configured host will accept incoming mail for its local
> domains from any IP address. This is the intended behavior for an MX
> server. A message coming in from a lesser priority MX will be
> accepted. It is just a normal incoming message.
> 
> A host configured to be secondary MX (this is not the case for the
> OP's machine) needs to have the domains it should MX for in
> dc_relay_domains, causing it to accept mail for these domains from
> arbitrary IP addresses and to continue to relay the message according
> to the MX records from public DNS.
> 
> > Quite right I should have asked for log info.
> > The given solution worked though.
> 
> I suspect that the change from "not working" to "working" is unrelated
> to your suggested change.
> 
> Greetings
> Marc
> 

HI Marc,
Thanks for your response.

My understanding of a smarthost may be flawed but it goes like this:
 a smarthost is an upstream host that I locally send _all remote_
 mail to .

There are also usage cases of some subsets which may also be virtuals,
or even plain old  dot forwards.

I have a longer rather more verbose reply in process but I think I will
track back through the mail and see where I stuffed up :)

Essentially my intention was to remove the DNS issue from the process
as it included dyndns (which in itsef may be fine) but may or may not
be up to date for any given service . 

The OP also had little experience of virtuals or AUTH based connections.
(which is how I have solved dynamic based issues in the past)

More later have to go now.
Thanks though for  laying it out nice and clearly.


--Pete 
Slavery is but half abolished, emancipation is but half completed, 
while millions of freemen with votes in their hands 
are left without education. 
    -- Robert Charles Winthrop
    Yorktown Oration (1881)
     
Peter Gossner <gossner at internode.on.net>
Peter Gossner <pete.gossner at gmail.com>
https://linuxcounter.net/user/224507.html

More information about the Pkg-exim4-users mailing list