Postfix to Axigen

Support General Configuration
1

Hi Team;

Having successfully configured configured Axigen to use SendGrid to send, and tested a couple of domains with WebMail/ IMAP/ SMTP. I am now trying to get the final part of my planning configuration to work.

I have on the same LAN 2 separate servers; an Axigen Service (mail) and a Postfix Server (web-wordpress).

I have created the rules in Axigen (192.168.1.34) to allow relay from my Postfix using Postfix IP (192.168.1.34). I have created DNS entries (using Cloudflare) for both these servers. The Postfix server sends email to Axigen, which then Greylists the mail.

I notice 2 things:

  1. The DNS is not resolving in Axigen, but does elsewhere including on Axegin server cli,
  2. The SPF message.

Any help/ pointers appreciated.

Log snippet as follows:

2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: [192.168.1.34:25] connection accepted from [192.168.1.36:40328]
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Set remote delivery to auth
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Set remote delivery to all
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Greylist enabled
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Set max data size to 10240 KB
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Set max received headers to 30
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Maximum recipient count set to 1000
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Wait for processing response at least 10 seconds
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: STARTTLS extension allowed
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: 8BIT MIME accepted
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: BINARY DATA extension allowed
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: PIPELINING extension allowed
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Set local delivery to all
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Created new queue item with id 0028A548
2020-10-14 08:50:57 +1300 08 diaus-mail-001 DNR:0000095A: Search TXT for ‘diaus-web-wordpress-001.diaus.nz’
2020-10-14 08:50:57 +1300 08 diaus-mail-001 DNR:0000095A: Sending query (1/1) to 127.0.0.53:53
2020-10-14 08:50:57 +1300 08 diaus-mail-001 DNR:0000095A: Search NS for ‘diaus-web-wordpress-001.diaus.nz’
2020-10-14 08:50:57 +1300 08 diaus-mail-001 DNR:0000095A: Sending query (1/1) to 127.0.0.53:53
2020-10-14 08:50:57 +1300 02 diaus-mail-001 DNR:0000095A: DNS query failed - recursive queries disabled
2020-10-14 08:50:57 +1300 08 diaus-mail-001 DNR:0000095A: ‘diaus-web-wordpress-001.diaus.nz’ not found in DNS
2020-10-14 08:50:57 +1300 08 diaus-mail-001 DNR:0000095A: ‘diaus-web-wordpress-001.diaus.nz’ not found in DNS
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: SPF result for MAIL FROM <root@diaus-web-wordpress-001.diaus.nz@diaus-web-wordpress-001.diaus.nz> issued from EHLO domain <mail.diaus.nz> connected from <192.168.1.36>: None (spfHeader = ‘none (diaus-web-wordpress-001.diaus.nz: root@diaus-web-wordpress-001.diaus.nz does not designate permitted sender hosts) client-ip=192.168.1.36; envelope-from=root@diaus-web-wordpress-001.diaus.nz; mechanism=default; identity=mailfrom; receiver=diaus-mail-001.diaus.nz;’; spfExplanation = ‘null’)
2020-10-14 08:50:57 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Greylisting mail 0028A548
2020-10-14 08:50:58 +1300 08 diaus-mail-001 SMTP-IN:0000095A: Set mail state to REMOVED
2020-10-14 08:50:58 +1300 08 diaus-mail-001 SMTP-IN:0000095A: closing session from [192.168.1.36:40328]

2

Sorry I typed the web-wordpress IP wrong it is .36.

The 2 servers are separate boxes.

David.

3

For test first please disabled greylist and set a correct DNS server in Services DNR.
Second to send email from postfix you need to authentication with an available account in axigen that set in your software. And set smtp receiving log level and processing log level on protocol communication
Finally test again and send logs

4

Mohammad;

Thanks - done.

I can now email to @diaus.nz from web/wordpress.

The authentication in postfix fixed it.

Regards
David

1 Like
5

Mohammad and others;

I am now trying to have my web-server send to other domains (@gmail.com, etc).

So the config is web (postfix) --> mail (Axigen) --> Sendgrid --> user@domain.

(BTW: mail (Axigen) --> Sendgrid --> user@domain is working fine.)

This does not work for domains that are not on my Axigen Server.

Please see attached log snippet and as always any advice/ thoughts/ etc are appreciated.

David

2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: [192.168.1.34:25] connection accepted from [192.168.1.36:42994]
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 220 diaus-mail-001.diaus.nz Axigen ESMTP ready
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << EHLO mail.diaus.nz
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set max data size to 10240 KB
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set max received headers to 30
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Maximum recipient count set to 1000
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Wait for processing response at least 10 seconds
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: STARTTLS extension allowed
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: 8BIT MIME accepted
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: BINARY DATA extension allowed
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: PIPELINING extension allowed
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set local delivery to all
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: DSN extension denied
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set remote delivery to auth
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Greylist disabled
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set remote delivery to auth
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-diaus-mail-001.diaus.nz Axigen ESMTP hello
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-PIPELINING
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5 GSSAPI
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-AUTH=PLAIN LOGIN CRAM-MD5 DIGEST-MD5 GSSAPI
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-8BITMIME
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-BINARYMIME
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-CHUNKING
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-SIZE 10485760
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-STARTTLS
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-HELP
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250 OK
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << STARTTLS
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 220 Ready to start TLS
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << SSL: client hello, remote 192.168.1.36:42994, version TLS 1.3 (0304)
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << SSL: client hello, remote 192.168.1.36:42994, session id 7f41cc2bed0bd611a210c2fdf768b1b1111e072dc22e826ea42ffc194274976d
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << SSL: client hello, remote 192.168.1.36:42994, 91 cipher suites: (Removed)
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> SSL: server hello, remote 192.168.1.36:42994, version TLS 1.2 (0303)
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> SSL: server hello, remote 192.168.1.36:42994, session id 7f41cc2bed0bd611a210c2fdf768b1b1111e072dc22e826ea42ffc194274976d
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> SSL: server hello, remote 192.168.1.36:42994, cipher suite c02f
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << EHLO mail.diaus.nz
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set max data size to 10240 KB
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set max received headers to 30
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Maximum recipient count set to 1000
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Wait for processing response at least 10 seconds
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: STARTTLS extension allowed
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: 8BIT MIME accepted
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: BINARY DATA extension allowed
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: PIPELINING extension allowed
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set local delivery to all
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: DSN extension denied
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set remote delivery to auth
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Greylist disabled
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set remote delivery to auth
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-diaus-mail-001.diaus.nz Axigen ESMTP hello
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-PIPELINING
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5 GSSAPI
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-AUTH=PLAIN LOGIN CRAM-MD5 DIGEST-MD5 GSSAPI
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-8BITMIME
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-BINARYMIME
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-CHUNKING
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-SIZE 10485760
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250-HELP
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250 OK
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << MAIL FROM:diaus@diaus-web-wordpress-001 SIZE=358
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Created new queue item with id 0000AF9F
2020-10-21 15:51:52 +1300 08 diaus-mail-001 DNR:0000BD3C: Search TXT for ‘diaus-web-wordpress-001’
2020-10-21 15:51:52 +1300 08 diaus-mail-001 DNR:0000BD3C: Sending query (1/1) to 8.8.8.8:53
2020-10-21 15:51:52 +1300 08 diaus-mail-001 DNR:0000BD3C: Search NS for ‘diaus-web-wordpress-001’
2020-10-21 15:51:52 +1300 08 diaus-mail-001 DNR:0000BD3C: Sending query (1/1) to 8.8.8.8:53
2020-10-21 15:51:52 +1300 02 diaus-mail-001 DNR:0000BD3C: DNS query failed - recursive queries disabled
2020-10-21 15:51:52 +1300 08 diaus-mail-001 DNR:0000BD3C: ‘diaus-web-wordpress-001’ not found in DNS
2020-10-21 15:51:52 +1300 08 diaus-mail-001 DNR:0000BD3C: ‘diaus-web-wordpress-001’ not found in DNS
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: SPF result for MAIL FROM <diaus@diaus-web-wordpress-001@diaus-web-wordpress-001> issued from EHLO domain <mail.diaus.nz> connected from <192.168.1.36>: None (spfHeader = ‘none (diaus-web-wordpress-001: diaus@diaus-web-wordpress-001 does not designate permitted sender hosts) client-ip=192.168.1.36; envelope-from=diaus@diaus-web-wordpress-001; mechanism=default; identity=mailfrom; receiver=diaus-mail-001.diaus.nz;’; spfExplanation = ‘null’)
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250 Sender accepted
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << RCPT TO:danicholson@gmail.com
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 550 Relay denied for <gmail.com>
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Reject relay to gmail.com for mail 00AF9F
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << DATA
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 503 No recipient accepted for this mail transaction
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << RSET
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: Set mail state to REMOVED
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 250 Reset done
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: << QUIT
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 221-diaus-mail-001.diaus.nz Axigen ESMTP is closing connection
2020-10-21 15:51:52 +1300 16 diaus-mail-001 SMTP-IN:0000BD3C: >> 221 Good bye
2020-10-21 15:51:52 +1300 08 diaus-mail-001 SMTP-IN:0000BD3C: closing session from [192.168.1.36:42994]

6

Hello David,

Yes, for obvious reasons you could not relay external messages in case you are using a non-authenticated SMTP session (which is the session you have shared).

SMTP-IN:0000BD3C: Set remote delivery to auth

On the other side you mentioned that you have created a rule that is allowing external relaying based on the IP address of your Postfix server (192.168.1.34).

But, from the shared logs we see that the connection came from 192.168.1.36 to Axigen IP address 192.168.1.34

SMTP-IN:0000095A: [192.168.1.34:25] connection accepted from [192.168.1.36:42994]

In case 192.168.1.36 is your own Postfix server and you trust it then please add a relay exception for it like:

WebAdmin > Security & Filtering > Acceptance & Rounting > Routing Basic Settings > Allow / Disallow Relaying > Add IP /Range > Add Exception for: Single IP address | IP: 192.168.1.36 | Allow Delivery: yes > Save

HTH,
Ioan