[ALUG] Strange postfix problem

Laurie Brown laurie at brownowl.com
Thu Dec 7 11:28:52 GMT 2017


On 06/12/17 16:57, Chris Green wrote:
> On Wed, Dec 06, 2017 at 02:09:53PM +0000, Laurie Brown wrote:
>> Hi all,
>>
>> Do we have any postfix experts on here? I have a very strange problem
>> I'm struggling to resolve, and I'd appreciate some help.
>>
> Well I use postfix and have configured it for basic receiving and
> sending of mail.  I'm also on the postfix users mailing list so can
> forward questions there too - they've been very straightforward and
> helpful to me in the past.

Thanks Chris.

I've been using Postfix for years and know my way around it pretty well,
but this has me stumped.

Essentially, a particular client who uses one of my SMTP servers to send
email (along with many other clients) is having a fatal problem which
manifests itself as follows. The mechanism we use is SMTP-AUTH, with a
MySQL backend doing the validation, and it has worked well for a very
long time. Except for this client, that is, who keeps getting "Relay
access denied" errors at seemingly random times. Fail2ban then locks her
out of the system. This started on November 27th, out of the blue and
continues.

Said client is using Thunderbird on an iMac.

Having looked at the logs, said client is the only person this happens
to, and there's one consistent feature which is seriously puzzling me.
Here's a log entry (doctored):

Dec  6 07:56:57 mg3 postfix/smtpd[28482]: NOQUEUE: reject: RCPT from
host86-141-***-***.range86-141.btcentralplus.com[86.141.***.***]: 554
5.7.1 <****@gmail.com>: Relay access denied; from=<***@****.co.uk>
to=<****@gmail.com> proto=ESMTP helo=<[192.168.1.80]>

Note the IP address in that last "helo"; it's a non-public one. Each and
every one of the failures has a seemingly-random non-public IP address
in it. The IP remains consistent during each "session" but it changes
every time a new connection is made.

There is no pattern in the recipients either.

Any ideas? Any suggestions for debugging this?

Cheers, Laurie.
-- 
---------------------------------------------------------------------
                               Laurie Brown
                           laurie at brownowl.com
---------------------------------------------------------------------



More information about the main mailing list