1 (edited by monny999 2016-05-25 22:08:55)

Topic: [Solved] Recipient address rejected: Policy rejecion not logged in

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
====
hi!
I installed iredmail on ubuntu server 16.04
Everything  works
I have one domain and one virtual domain
I can send and receive from and to gmail and other domain
But when i try to send an email from my domain to my virtual domain it reply with that error.
I disabled the greylisting plugin
How can i solve this ?
Thanks

Ale

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: [Solved] Recipient address rejected: Policy rejecion not logged in

Please turn on debug mode in iRedAPD, then send the testing email again to reproduce this issue, show us FULL log related to this email in /var/log/iredapd/iredapd.log.

Reference: http://www.iredmail.org/docs/debug.iredapd.html

3

Re: [Solved] Recipient address rejected: Policy rejecion not logged in

ZhangHuangbin wrote:

Please turn on debug mode in iRedAPD, then send the testing email again to reproduce this issue, show us FULL log related to this email in /var/log/iredapd/iredapd.log.

Reference: http://www.iredmail.org/docs/debug.iredapd.html


 2016-05-24 08:20:23 DEBUG Connect from 127.0.0.1, port 55088.
2016-05-24 08:20:23 DEBUG smtp session: request=smtpd_access_policy
2016-05-24 08:20:23 DEBUG smtp session: protocol_state=RCPT
2016-05-24 08:20:23 DEBUG smtp session: protocol_name=ESMTP
2016-05-24 08:20:23 DEBUG smtp session: client_address=91.80.36.116
2016-05-24 08:20:23 DEBUG smtp session: client_name=free116.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: client_port=43991
2016-05-24 08:20:23 DEBUG smtp session: reverse_client_name=free116.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: helo_name=free.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: sender=contabilita@cemmedue.com
2016-05-24 08:20:23 DEBUG smtp session: recipient=confezioni@cemmedue.com
2016-05-24 08:20:23 DEBUG smtp session: recipient_count=0
2016-05-24 08:20:23 DEBUG smtp session: queue_id=
2016-05-24 08:20:23 DEBUG smtp session: instance=6ad.5743f2a7.9469e.0

2016-05-24 08:20:23 DEBUG smtp session: size=6958
2016-05-24 08:20:23 DEBUG smtp session: etrn_domain=
2016-05-24 08:20:23 DEBUG smtp session: stress=
2016-05-24 08:20:23 DEBUG smtp session: sasl_method=
2016-05-24 08:20:23 DEBUG smtp session: sasl_username=
2016-05-24 08:20:23 DEBUG smtp session: sasl_sender=
2016-05-24 08:20:23 DEBUG smtp session: ccert_subject=
2016-05-24 08:20:23 DEBUG smtp session: ccert_issuer=
2016-05-24 08:20:23 DEBUG smtp session: ccert_fingerprint=
2016-05-24 08:20:23 DEBUG smtp session: ccert_pubkey_fingerprint=
2016-05-24 08:20:23 DEBUG smtp session: encryption_protocol=
2016-05-24 08:20:23 DEBUG smtp session: encryption_cipher=
2016-05-24 08:20:23 DEBUG smtp session: encryption_keysize=0
2016-05-24 08:20:23 DEBUG smtp session: policy_context=
2016-05-24 08:20:23 DEBUG Drop invalid smtp session input: policy_context=
2016-05-24 08:20:23 DEBUG --> Apply plugin: reject_sender_login_mismatch
2016-05-24 08:20:23 DEBUG Not an authenticated sender (no sasl_username).
2016-05-24 08:20:23 DEBUG Sender is forged address (sender domain == recipient domain).
2016-05-24 08:20:23 DEBUG <-- Result: REJECT Policy rejection not logged in
2016-05-24 08:20:23 DEBUG Session ended
2016-05-24 08:20:23 INFO [91.80.36.116] RCPT, contabilita@cemmedue.com -> confezioni@cemmedue.com, REJECT Policy rejection not logged in
2016-05-24 08:20:23 DEBUG smtp session: request=smtpd_access_policy
2016-05-24 08:20:23 DEBUG smtp session: protocol_state=RCPT

2016-05-24 08:20:23 DEBUG smtp session: protocol_name=ESMTP
2016-05-24 08:20:23 DEBUG smtp session: client_address=91.80.36.116
2016-05-24 08:20:23 DEBUG smtp session: client_name=free116.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: client_port=43991
2016-05-24 08:20:23 DEBUG smtp session: reverse_client_name=free116.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: helo_name=free.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: sender=
2016-05-24 08:20:23 DEBUG smtp session: recipient=contabilita@cemmedue.com
2016-05-24 08:20:23 DEBUG smtp session: recipient_count=0
2016-05-24 08:20:23 DEBUG smtp session: queue_id=
2016-05-24 08:20:23 DEBUG smtp session: instance=6ad.5743f2a7.cac33.1
2016-05-24 08:20:23 DEBUG smtp session: size=7982
2016-05-24 08:20:23 DEBUG smtp session: etrn_domain=
2016-05-24 08:20:23 DEBUG smtp session: stress=
2016-05-24 08:20:23 DEBUG smtp session: sasl_method=
2016-05-24 08:20:23 DEBUG smtp session: sasl_username=
2016-05-24 08:20:23 DEBUG smtp session: sasl_sender=
2016-05-24 08:20:23 DEBUG smtp session: ccert_subject=
2016-05-24 08:20:23 DEBUG smtp session: ccert_issuer=
2016-05-24 08:20:23 DEBUG smtp session: ccert_fingerprint=
2016-05-24 08:20:23 DEBUG smtp session: ccert_pubkey_fingerprint=
2016-05-24 08:20:23 DEBUG smtp session: encryption_protocol=
2016-05-24 08:20:23 DEBUG smtp session: encryption_cipher=

2016-05-24 08:20:23 DEBUG smtp session: encryption_keysize=0
2016-05-24 08:20:23 DEBUG smtp session: policy_context=
2016-05-24 08:20:23 DEBUG Drop invalid smtp session input: policy_context=
2016-05-24 08:20:23 DEBUG --> Apply plugin: reject_sender_login_mismatch
2016-05-24 08:20:23 DEBUG Not an authenticated sender (no sasl_username).
2016-05-24 08:20:23 DEBUG [SQL] query alias domains:
SELECT alias_domain
                               FROM alias_domain
                              WHERE alias_domain='' OR target_domain=''
                              LIMIT 1
2016-05-24 08:20:23 DEBUG SQL query result: None
2016-05-24 08:20:23 DEBUG Sender domain is not hosted locally.
2016-05-24 08:20:23 DEBUG <-- Result: DUNNO
2016-05-24 08:20:23 DEBUG --> Apply plugin: throttle
2016-05-24 08:20:23 DEBUG Bypass sender throttling (No sasl_username).
2016-05-24 08:20:23 DEBUG Check recipient throttling.
2016-05-24 08:20:23 DEBUG [SQL] Query throttle setting:

        SELECT id, account, priority, period, max_msgs, max_quota, msg_size
          FROM throttle
         WHERE kind='inbound' AND account IN ('91.80.36.116', '@ip', '@.', 'contabilita@cemmedue.com', '@cemmedue.com', '@.cemmedue.com', '@com', '@.com', '91.*.*.*', '91.*.36.116', '*.80.$
         ORDER BY priority DESC
2016-05-24 08:20:23 DEBUG [SQL] Query result:
[]
2016-05-24 08:20:23 DEBUG No recipient throttle setting.
2016-05-24 08:20:23 DEBUG <-- Result: DUNNO
2016-05-24 08:20:23 DEBUG --> Apply plugin: sql_alias_access_policy
2016-05-24 08:20:23 DEBUG [SQL] query access policy:
SELECT accesspolicy, goto, moderators
               FROM alias
              WHERE
                    address='contabilita@cemmedue.com'
                    AND islist=1
                    AND active=1
              LIMIT 1

2016-05-24 08:20:23 DEBUG SQL query result: None
2016-05-24 08:20:23 DEBUG [SQL] Check whether recipient domain is an alias domain:
SELECT target_domain
                   FROM alias_domain
                  WHERE alias_domain = 'cemmedue.com'
                  LIMIT 1

2016-05-24 08:20:23 DEBUG [SQL] query result: None
2016-05-24 08:20:23 DEBUG Recipient domain is not an alias domain.

2016-05-24 08:20:23 DEBUG <-- Result: DUNNO (Not a mail alias account)
2016-05-24 08:20:23 DEBUG --> Apply plugin: amavisd_wblist
2016-05-24 08:20:23 DEBUG Bypass: both sender and sasl_username are empty.
2016-05-24 08:20:23 DEBUG <-- Result: DUNNO
2016-05-24 08:20:23 DEBUG Session ended
2016-05-24 08:20:23 INFO [91.80.36.116] RCPT,  -> contabilita@cemmedue.com, DUNNO
2016-05-24 08:20:23 DEBUG smtp session: request=smtpd_access_policy
2016-05-24 08:20:23 DEBUG smtp session: protocol_state=END-OF-MESSAGE
2016-05-24 08:20:23 DEBUG smtp session: protocol_name=ESMTP
2016-05-24 08:20:23 DEBUG smtp session: client_address=91.80.36.116
2016-05-24 08:20:23 DEBUG smtp session: client_name=free116.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: client_port=43991
2016-05-24 08:20:23 DEBUG smtp session: reverse_client_name=free116.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: helo_name=free.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: sender=
2016-05-24 08:20:23 DEBUG smtp session: recipient=contabilita@cemmedue.com
2016-05-24 08:20:23 DEBUG smtp session: recipient_count=1
2016-05-24 08:20:23 DEBUG smtp session: queue_id=D8CB31341660
2016-05-24 08:20:23 DEBUG smtp session: instance=6ad.5743f2a7.cac33.1
2016-05-24 08:20:23 DEBUG smtp session: size=9187
2016-05-24 08:20:23 DEBUG smtp session: etrn_domain=
2016-05-24 08:20:23 DEBUG smtp session: stress=
2016-05-24 08:20:23 DEBUG smtp session: sasl_method=

2016-05-24 08:20:23 DEBUG smtp session: sasl_username=
2016-05-24 08:20:23 DEBUG smtp session: sasl_sender=
2016-05-24 08:20:23 DEBUG smtp session: ccert_subject=
2016-05-24 08:20:23 DEBUG smtp session: ccert_issuer=
2016-05-24 08:20:23 DEBUG smtp session: ccert_fingerprint=
2016-05-24 08:20:23 DEBUG smtp session: ccert_pubkey_fingerprint=
2016-05-24 08:20:23 DEBUG smtp session: encryption_protocol=
2016-05-24 08:20:23 DEBUG smtp session: encryption_cipher=
2016-05-24 08:20:23 DEBUG smtp session: encryption_keysize=0
2016-05-24 08:20:23 DEBUG smtp session: policy_context=
2016-05-24 08:20:23 DEBUG Drop invalid smtp session input: policy_context=
2016-05-24 08:20:23 DEBUG Skip plugin: reject_sender_login_mismatch (protocol_state != END-OF-MESSAGE)
2016-05-24 08:20:23 DEBUG --> Apply plugin: throttle
2016-05-24 08:20:23 DEBUG Bypass sender throttling (No sasl_username).
2016-05-24 08:20:23 DEBUG Check recipient throttling.
2016-05-24 08:20:23 DEBUG [SQL] Query throttle setting:

        SELECT id, account, priority, period, max_msgs, max_quota, msg_size
          FROM throttle
         WHERE kind='inbound' AND account IN ('91.80.36.116', '@ip', '@.', 'contabilita@cemmedue.com', '@cemmedue.com', '@.cemmedue.com', '@com', '@.com', '91.*.*.*', '91.*.36.116', '*.80.$
         ORDER BY priority DESC

2016-05-24 08:20:23 DEBUG [SQL] Query result:
[]
2016-05-24 08:20:23 DEBUG No recipient throttle setting.
2016-05-24 08:20:23 DEBUG <-- Result: DUNNO
2016-05-24 08:20:23 DEBUG --> Apply plugin: sql_alias_access_policy
2016-05-24 08:20:23 DEBUG [SQL] query access policy:
SELECT accesspolicy, goto, moderators
               FROM alias
              WHERE
                    address='contabilita@cemmedue.com'
                    AND islist=1
                    AND active=1
              LIMIT 1

2016-05-24 08:20:23 DEBUG SQL query result: None
2016-05-24 08:20:23 DEBUG [SQL] Check whether recipient domain is an alias domain:
SELECT target_domain
                   FROM alias_domain
                  WHERE alias_domain = 'cemmedue.com'
                  LIMIT 1

2016-05-24 08:20:23 DEBUG [SQL] query result: None
2016-05-24 08:20:23 DEBUG Recipient domain is not an alias domain.
2016-05-24 08:20:23 DEBUG <-- Result: DUNNO (Not a mail alias account)
2016-05-24 08:20:23 DEBUG --> Apply plugin: amavisd_wblist
2016-05-24 08:20:23 DEBUG Bypass: both sender and sasl_username are empty.
2016-05-24 08:20:23 DEBUG <-- Result: DUNNO
2016-05-24 08:20:23 DEBUG Session ended
2016-05-24 08:20:23 INFO [91.80.36.116] RCPT,  -> contabilita@cemmedue.com, DUNNO
2016-05-24 08:20:23 DEBUG smtp session: request=smtpd_access_policy
2016-05-24 08:20:23 DEBUG smtp session: protocol_state=END-OF-MESSAGE
2016-05-24 08:20:23 DEBUG smtp session: protocol_name=ESMTP
2016-05-24 08:20:23 DEBUG smtp session: client_address=91.80.36.116
2016-05-24 08:20:23 DEBUG smtp session: client_name=free116.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: client_port=43991
2016-05-24 08:20:23 DEBUG smtp session: reverse_client_name=free116.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: helo_name=free.dsl.vodafone.it
2016-05-24 08:20:23 DEBUG smtp session: sender=
2016-05-24 08:20:23 DEBUG smtp session: recipient=contabilita@cemmedue.com
2016-05-24 08:20:23 DEBUG smtp session: recipient_count=1
2016-05-24 08:20:23 DEBUG smtp session: queue_id=D8CB31341660
2016-05-24 08:20:23 DEBUG smtp session: instance=6ad.5743f2a7.cac33.1
2016-05-24 08:20:23 DEBUG smtp session: size=9187
2016-05-24 08:20:23 DEBUG smtp session: etrn_domain=
2016-05-24 08:20:23 DEBUG smtp session: stress=

2016-05-24 08:20:23 DEBUG smtp session: sasl_username=
2016-05-24 08:20:23 DEBUG smtp session: sasl_sender=
2016-05-24 08:20:23 DEBUG smtp session: ccert_subject=
2016-05-24 08:20:23 DEBUG smtp session: ccert_issuer=
2016-05-24 08:20:23 DEBUG smtp session: ccert_fingerprint=
2016-05-24 08:20:23 DEBUG smtp session: ccert_pubkey_fingerprint=
2016-05-24 08:20:23 DEBUG smtp session: encryption_protocol=
2016-05-24 08:20:23 DEBUG smtp session: encryption_cipher=
2016-05-24 08:20:23 DEBUG smtp session: encryption_keysize=0
2016-05-24 08:20:23 DEBUG smtp session: policy_context=
2016-05-24 08:20:23 DEBUG Drop invalid smtp session input: policy_context=
2016-05-24 08:20:23 DEBUG Skip plugin: reject_sender_login_mismatch (protocol_state != END-OF-MESSAGE)
2016-05-24 08:20:23 DEBUG --> Apply plugin: throttle
2016-05-24 08:20:23 DEBUG Bypass sender throttling (No sasl_username).
2016-05-24 08:20:23 DEBUG Check recipient throttling.
2016-05-24 08:20:23 DEBUG [SQL] Query throttle setting:

        SELECT id, account, priority, period, max_msgs, max_quota, msg_size
          FROM throttle
         WHERE kind='inbound' AND account IN ('91.80.36.116', '@ip', '@.', 'contabilita@cemmedue.com', '@cemmedue.com', '@.cemmedue.com', '@com', '@.com', '91.*.*.*', '91.*.36.116', '*.80.$
         ORDER BY priority DESC

2016-05-24 08:20:23 DEBUG [SQL] Query result:
[]
2016-05-24 08:20:23 DEBUG No recipient throttle setting.
2016-05-24 08:20:23 DEBUG <-- Result: DUNNO
2016-05-24 08:20:23 DEBUG Skip plugin: sql_alias_access_policy (protocol_state != END-OF-MESSAGE)
2016-05-24 08:20:23 DEBUG Skip plugin: amavisd_wblist (protocol_state != END-OF-MESSAGE)
2016-05-24 08:20:23 DEBUG Session ended
2016-05-24 08:20:23 INFO [91.80.36.116] END-OF-MESSAGE,  -> contabilita@cemmedue.com, DUNNO

 

4

Re: [Solved] Recipient address rejected: Policy rejecion not logged in

monny999 wrote:

2016-05-24 08:20:23 DEBUG --> Apply plugin: reject_sender_login_mismatch
2016-05-24 08:20:23 DEBUG Not an authenticated sender (no sasl_username).
2016-05-24 08:20:23 DEBUG Sender is forged address (sender domain == recipient domain).
2016-05-24 08:20:23 DEBUG <-- Result: REJECT Policy rejection not logged in

The log says you didn't have smtp sasl auth. Please enable smtp auth for sending email, then try again.

5

Re: [Solved] Recipient address rejected: Policy rejecion not logged in

ZhangHuangbin wrote:
monny999 wrote:

2016-05-24 08:20:23 DEBUG --> Apply plugin: reject_sender_login_mismatch
2016-05-24 08:20:23 DEBUG Not an authenticated sender (no sasl_username).
2016-05-24 08:20:23 DEBUG Sender is forged address (sender domain == recipient domain).
2016-05-24 08:20:23 DEBUG <-- Result: REJECT Policy rejection not logged in

The log says you didn't have smtp sasl auth. Please enable smtp auth for sending email, then try again.

I can't do it because with my vendor (Vodafone italy) i must use their SMTP server (free.dsl.vodafone.it) without auth.

But this problem occured when i set up my new server (with ubuntu 16); when i used ubuntu 14 the server worked properly

Why?

Ale

6

Re: [Solved] Recipient address rejected: Policy rejecion not logged in

Try this:

*) Remove plugin name "reject_sender_login_mismatch" in /opt/iredapd/settings.py. Restart iredapd service.
*) Update Postfix setting "smtpd_sender_restrictions", add rule "reject_sender_login_mismatch' like below, reload Postfix service:

smtpd_sender_restrictions =
    ...
    permit_mynetworks
    reject_sender_login_mismatch
    permit_sasl_authenticated
    ...

If it still doesn't work, remove "reject_sender_login_mismatch" in Postfix parameter "smtpd_sender_restrictions" and try again.

7

Re: [Solved] Recipient address rejected: Policy rejecion not logged in

ZhangHuangbin wrote:

Try this:

*) Remove plugin name "reject_sender_login_mismatch" in /opt/iredapd/settings.py. Restart iredapd service.
*) Update Postfix setting "smtpd_sender_restrictions", add rule "reject_sender_login_mismatch' like below, reload Postfix service:

smtpd_sender_restrictions =
    ...
    permit_mynetworks
    reject_sender_login_mismatch
    permit_sasl_authenticated
    ...

If it still doesn't work, remove "reject_sender_login_mismatch" in Postfix parameter "smtpd_sender_restrictions" and try again.


Percfect! I solved doing this
Thank you!!!

Ale