1

I have setup postfix on CentOS and trying to configure phpmailer with smtp authentication.

Phpmailer will only work if i put 0.0.0.0/0 under mynetworks in postfix main.conf

mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128, 0.0.0.0/0

But in this thread (How do I configure PostFix to allow other machines to send out email through it? ) someone said don't put 0.0.0.0/0 in mynetworks since it can cause spam problems, etc.

Can someone please advice what should I do, to keep my server out of spam problems and also to to work phpmailer?

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = example.com
mydomain = example.com
myorigin = /etc/mailname
inet_interfaces = all
inet_protocols = all
mydestination = localhost.localdomain localhost $mydomain
virtual_alias_maps = hash:/etc/postfix/virtual
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128, 0.0.0.0/0
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, permit
relayhost = 
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/postfix/virtual
mailbox_size_limit = 0
recipient_delimiter = +
home_mailbox = Maildir/
smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
smtpd_tls_key_file  = /etc/pki/tls/private/my.key
smtpd_tls_cert_file = /etc/pki/tls/certs/my.crt
smtpd_tls_CAfile = /etc/pki/tls/certs/my.ca-bundle
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
#smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_security_level = may
#SASL SMTP Authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_authenticated_header = yes
debug_peer_level = 2
debugger_command =
     PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
     ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES

if i remove 0.0.0.0/0 and keep only mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128

phpmailer says it cant sent mail..

phpmailer debug...

2014-11-23 04:57:10 SERVER -> CLIENT: 220 myhost.com ESMTP Postfix
2014-11-23 04:57:10 CLIENT -> SERVER: EHLO www.myhost.com
2014-11-23 04:57:10 SERVER -> CLIENT: 250-myhost.com
                              250-PIPELINING
                              250-SIZE 10240000
                              250-VRFY
                              250-ETRN
                              250-STARTTLS
                              250-AUTH LOGIN PLAIN
                              250-AUTH=LOGIN PLAIN
                              250-ENHANCEDSTATUSCODES
                              250-8BITMIME
                              250 DSN
2014-11-23 04:57:10 CLIENT -> SERVER: AUTH LOGIN
2014-11-23 04:57:10 SERVER -> CLIENT: 334 VXNlcm5hbWU6
2014-11-23 04:57:10 CLIENT -> SERVER: XXXX
2014-11-23 04:57:10 SERVER -> CLIENT: 334 UGFzc3dvcmQ6
2014-11-23 04:57:10 CLIENT -> SERVER: XXXX
2014-11-23 04:57:10 SERVER -> CLIENT: 235 2.7.0 Authentication successful
2014-11-23 04:57:10 CLIENT -> SERVER: MAIL FROM: sender@example.com
2014-11-23 04:57:10 SERVER -> CLIENT: 250 2.1.0 Ok
2014-11-23 04:57:10 CLIENT -> SERVER: RCPT TO: someone@yahoo.com
2014-11-23 04:57:10 SERVER -> CLIENT: 554 5.7.1 :Relay access denied
2014-11-23 04:57:10 SMTP ERROR: RCPT TO command failed: 554 5.7.1 : Relay access denied
2014-11-23 04:57:10 CLIENT -> SERVER: QUIT
2014-11-23 04:57:10 SERVER -> CLIENT: 221 2.0.0 Bye
2014-11-23 04:57:10 SMTP Error: The following recipients failed: someone@yahoo.com Mailer Error: SMTP Error: The following recipients failed: someone@yahoo.com

and postfix error log

myhost postfix/smtpd[8272]: connect from myhost.com[168.x.x.x]
myhost postfix/smtpd[8272]: NOQUEUE: reject: RCPT from myhost.com[168.x.x.x]: 
554 5.7.1 <mymail@yahoo.com>: Relay access denied; from=<ara@myhost.com> 
to=<mymail@yahoo.com> proto=ESMTP helo=<www.myhost.com>Nov 22 23:57:10 myhost 
postfix/smtpd[8272]: disconnect from myhost.com[168.x.x.x]

Php mailer settings (I have changed only index of php mailer. other files keep as it is/untouched)

<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
    <title>PHPMailer - SMTP email test</title>
</head>
<body>
<?php

//SMTP needs accurate times, and the PHP time zone MUST be set
//This should be done in your php.ini, but this is how to do it if you don't have access to that
date_default_timezone_set('Etc/UTC');

require 'PHPMailerAutoload.php';

//Create a new PHPMailer instance
$mail = new PHPMailer();
$mail->isSMTP();
$host = "myhost.com";
$username = "ara";
$password = "ara";
$Port = 25;

$mail->FromName = "Mail from gottsf3 ";
$mail->From = "ara@myhost.com";
$mail->Host = $host;
$mail->Port = $Port;
//$mail->SMTPSecure = 'tls'; //optional 
$mail->SMTPAuth = true;
$mail->Username = $username;
$mail->Password = $password;


$mail->AddAddress("someone@yahoo.com");
$mail->Subject = 'gottsf3PHPMailer - SMTP email test';
$mail->Body = 'This is a plain-text message body';
$mail->SMTPDebug  = 2;

//send the message, check for errors
if (!$mail->send()) {
    echo "Mailer Error: " . $mail->ErrorInfo;
} else {
    echo "Message sent!";
}
?>
</body>
</html>
Aravinda
  • 1,101
  • 5
  • 12
  • 30
  • 2
    First remove that 0.0.0.0 as soon as possible. That makes you an open relay and you will be delivering _a lot of spam_ sent by third parties. Second, how did you configure phpmailer? – Michael Hampton Nov 23 '14 at 05:15
  • added php mailer settings in the question.. apology for not including it at the first place.. Not only php mailer, any client (outlook/thunderbird) will n ot work if i remove 0.0.0.0/0.. That's where im stuck... – Aravinda Nov 23 '14 at 05:30
  • 2
    Your mail clients should not be connecting to port 25 at all, but port 587. But that's a whole separate issue. – Michael Hampton Nov 23 '14 at 05:31

2 Answers2

4

You should be configuring phpmailer to connect to localhost, not to the hostname of the machine (which will then use its external IP address to connect).

Localhost is allowed to relay mail through postfix by mynetworks, but when you connect with the hostname it's via the public IP address, which is not allowed to relay.

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
  • yes that solved my problem regarding phpmailer.. but at the same time if i wish to use outlook how to correct mynetworks settings..unfortunately outlook also works only if i use 0.0.0.0/0 – Aravinda Nov 23 '14 at 05:56
  • @user3107413 As I already said, that's a separate issue, and they aren't supposed to connect to port 25 at all. – Michael Hampton Nov 23 '14 at 15:15
  • I have added port 587 on master.conf.. Outlook successfully connects on both port 25 or 587...(outlook mail testing option on account settings confirms both send receive are ok) but can't send mails .. outlook returns a fail message.. Undeliverable: ara is testing port 587 System Administrator Your message did not reach some or all of the intended recipients. Subject: Sent: The following recipient(s) cannot be reached: 'my name' on 11/23/2014 Server error: '554 5.7.1 : Relay access denied' – Aravinda Nov 23 '14 at 15:45
  • same postfix error will return... NOQUEUE: reject: RCPT from myhost.com[168.x.x.x]: 554 5.7.1 : Relay access denied; from= ...........and at this point also if i add 0.0.0.0/0 under network setting it will work.. – Aravinda Nov 23 '14 at 15:51
-1

I could fix by adding the following in postfix /etc/postfix/master.cf..

smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination

Relay access denied is not only for PHPmailer..its for any client Outlook, Thunderbird etc... Putting localhost is a workaround not a complete fix.. for example when PHPmailer/web server is a different server, which is isolated from postfix email server you can't put localhost..

More about smtpd_recipient_restrictions, please chick this https://stackoverflow.com/questions/18318789/linux-postfix-dovecot-554-relay-access-denied

frmbelz
  • 109
  • 5
Aravinda
  • 1,101
  • 5
  • 12
  • 30