KB06082102 550 Error & Messages returned marked 'Mail Relay Denied'
Relay Access Denied or 550 554 and other 500's messages -
Access Control
If you are having unexpected problems with Users being Blacklisted by Mailtraq* (for example, users in your domain but who are outside the LAN), or are getting '554 - Relay Access Denied' or other 550 messages you may need to adjust the Black List properties of the SMTP service they are using.
Users inside the LAN (Local Area Network): So - make sure your LAN definition correctly describes your local area network, and the IP addresses your Users will be connecting from. Read how here ...
Users outside the LAN Users who are outside the LAN, for example working from home, and who are sending mail to or through your Mailtraq email server should be doing so on a dedicated SMTP Service on Port 587 using SMTP Authentication (method). You should then adjust the Black List settings as described below on that SMTP service.
Adjusting Blacklists
These dialogs, accessed from the SMTP Properties dialog Black Lists Tab, by clicking on the [Explicit Black Lists] button, enable the Black Listing facilities to be configured for each instance of the SMTP Service.
Open the Mailtraq Console?, Then select Services, Select the SMTP Service, and right-click for Properties. The SMTP Service Properties dialog will open. Select the Blacklists-tab Click on the [Black Lists] button
When the 'Black List' dialog opens, you will need to select first the Senders-tab (see below left) and then the HELO Hosts-tab (see below right).
Senders-tab
Uncheck
[ ] Reject non-local senders claiming to be local
HELO Hosts-tab
Uncheck
[ ] Reject remote clients ... Using local HELO arguments
These default settings are in place as another layer of protection to reduce the amount of spam your mail system receives. You should avoid removing these settings from your primary SMTP service on Port 25 without first setting up the main Anti-spam services in Mailtraq to avoid a potential increase in spam.
Working with Spam Assassin If you are using the SpamAssassin feature, and are using the 'Sender Exceptions' options it is important not to remove the above settings from your Port 25 SMTP service, and to ensure that all your users connect using a dedicated SMTP-Auth connection, normally created on Port 587
White List (Exceptions) *You can also decide whether to White List certain IP Address Ranges, Senders, Recipients or HELO Hosts at the [Exceptions (White List)] button in the dialog above.
Configuration Tips:
Controlled Relaying see KB05111702 Allowing controlled Relaying when you need to allow a user who is outside your LAN to send mail via Mailtraq, without becoming an 'open-relay'.
General Relay configuration is described here ...
* 554 - Relay Access Denied from other mailservers If you are getting messages returned as undeliverable with 554 - Relay Access Denied notices, this means that the remote mail server does not want to receive mail from you. The most common reason is that you have not correctly configured your Reverse DNS. There is more information here: www.mailtraq.com/rDNS
Traditional Console If you are using the Traditional Console the instructions are slightly different:
Open the Mailtraq Console, Select Options from the top-menu, Then select Services, and when the Service Manager opens, Select the SMTP Service, and click the Properties button. The SMTP Service Properties dialog will open. Select the Blacklists-tab Click on the [Black Lists] button
|