I can't seem to send to internal or external clients at all, neither works. I'll ask the ISP to provide some kind of reverse for that IP address to see if it helps.
Mike
les wrote:kazinvan wrote:I'm trying to send mail from an ERP application to both internal and external email accounts. The sender address in the ERP app is a valid Scalix account, but SMTP auth is not an option so connections are anonymous.
The IP of the server running the ERP is 205.206.209.124. I have added these lines to smtpd.cfg:
RELAY accept 205.206.209.
ANONYMOUS accept 205.206.209.
Restarted the SMTP service, but I still get these errors:
class com.sun.mail.smtp.SMTPAddressFailedException: 550 5.7.1 <me@domain.com>... Relaying denied. IP name lookup failed [205.206.209.124]
Now is that a relaying problem or a DNS problem?
I added an entry to /etc/hosts for that IP address but not sure if it needs proper DNS resolution. Any suggestions on what to try?
The problem is not in scalix, its how sendmail verifies relay clients.
I assume you can send to internal clients without problem.
The problem only occurs when you try to relay through the scalix server and send to an external client.
Its sendmail throwing you the error. Scalix uses sendmail for sending messages.
from the sendmail.cf# check client name: first: did it resolve?
R$* $: < $&{client_resolve} >
R<TEMP> $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
R<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
R<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
an nslookup from my site shows now record for that IP.nslookup 205.206.209.124
Server: 220.233.0.3
Address: 220.233.0.3#53
** server can't find 124.209.206.205.in-addr.arpa: NXDOMAIN
This is the problem.
Normally ISP's will give you some form of record on your reverse address i.e.[root@quicksilver custom]# nslookup 211.211.211.211
Server: 220.233.0.3
Address: 220.233.0.3#53
Non-authoritative answer:
211.211.211.211.in-addr.arpa name = 111.13.233.220.myisp.com.au.
You need to request that the ISP looking after the ip range creates a reverse record for you.
On the other side of the coin.....is there a real need to relay through your scalix server? If you have valid mx records in external dns then if the ERP system tried to deliver directly it would know where to send it. No real need for relaying that i can see.
The other alternative is to relay via the isp's smtp server, which the erp system is connected to.
hope that helps.