Resolved Addresses of mailing lists get "Relay Access Denied" RCPT from, 454 4.7.1

[saege]

Hi,
I created a mailing list in plesk (mailman) but messages from the list are not delivered to the members unless they have an email address on the same host. There are two domains hosted on this server.
domain2 has a mailing list and can send to members with email addresses from domain2 and domain1. But not to members with addresses like [email protected] or [email protected]. Same phenomenon vice versa: a mailing list on domain1 can only send to domain1 and domain2 mail addresses but not external.

Regular mails are delivered to anywhere from both domains, just not the mails sent from mailman (e.g. from [email protected] or [email protected])

Here is my setup:
- Plesk v12.5.30_build1205150826.19
- Ubuntu 14.04.5 LTS
- Postfix 2.11
- Mailman 2.1.16

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
disable_vrfy_command = yes
inet_interfaces = all
inet_protocols = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mailman_destination_recipient_limit = 1
message_size_limit = 102400000
mydestination = localdomain, localhost, localhost.localdomain, localhost
myhostname = mail.domain1.de
mynetworks =
plesk_virtual_destination_recipient_limit = 1
readme_directory = no
recipient_delimiter = +
relayhost =
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
smtp_send_xforward_command = yes
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = no
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtpd_milters = , inet:127.0.0.1:12768
smtpd_proxy_timeout = 3600s
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
smtpd_timeout = 3600s
smtpd_tls_cert_file = /etc/postfix/postfix_default.pem
smtpd_tls_ciphers = medium
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = TLSv1 TLSv1.1 TLSv1.2
smtpd_tls_protocols = TLSv1 TLSv1.1 TLSv1.2
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_medium_cipherlist = HIGH:!aNULL:!MD5
transport_maps = , hash:/var/spool/postfix/plesk/transport
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_gid_maps = static:31
virtual_mailbox_base = /var/qmail/mailnames
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_mailbox_limit = 0
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
virtual_transport = plesk_virtual
virtual_uid_maps = static:30

Errors postfix:

May 30 13:47:08 srv01 postfix/smtpd[3093]: connect from plesk-455452345.hostcloud.me[::1]
May 30 13:47:08 srv01 postfix/smtpd[3093]: NOQUEUE: reject: RCPT from plesk-455452345.hostcloud.me[::1]: 454 4.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<srv01.domain1.de>
May 30 13:47:08 srv01 postfix/smtpd[3093]: disconnect from plesk-455452345.hostcloud.me[::1]
May 30 13:47:08 srv01 postfix/smtpd[3093]: connect from plesk-455452345.hostcloud.me[::1]
May 30 13:47:08 srv01 postfix/smtpd[3093]: NOQUEUE: reject: RCPT from plesk-455452345.hostcloud.me[::1]: 454 4.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<srv01.domain1.de>
May 30 13:47:08 srv01 postfix/smtpd[3093]: disconnect from plesk-455452345.hostcloud.me[::1]
May 30 13:47:08 srv01 postfix/smtpd[3093]: connect from plesk-455452345.hostcloud.me[::1]
May 30 13:47:08 srv01 postfix/smtpd[3093]: NOQUEUE: reject: RCPT from plesk-455452345.hostcloud.me[::1]: 454 4.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<srv01.domain1.de>
May 30 13:47:08 srv01 postfix/smtpd[3093]: disconnect from plesk-455452345.hostcloud.me[::1]

and mailman:

May 30 14:32:07 2017 (5499) All recipients refused: {'[email protected]': (454, '4.7.1 <[email protected]>: Relay access denied')}, msgid: <[email protected]>

Thanks in advance for your help!

 

[UFHH01]

Hi saege,

You missed to configure your networks:

mynetworks =

Correct configuration sample:

...

myhostname = mail.domain1.de
myorigin = /etc/mailname
mydestination = localhost.domain1.de, localhost, localhost.localdomain

relayhost =
mynetworks = , 127.0.0.0/8 [::1]/128 XXX.XXX.XXX.XX1/32 XXX.XXX.XXX.XX2/32

...

... where XXX.XXX.XXX.XX1 or/and XXX.XXX.XXX.XX2 should be replaced with EACH associated IP of your server. ​

In addition, pls. make sure, that you added:

## mailman mailing list
mailman:              "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin:        "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces:      "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm:      "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join:         "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave:        "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner:        "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request:      "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe:    "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe:  "|/var/lib/mailman/mail/mailman unsubscribe mailman"

to "/etc/aliases", followed by the command :

sudo newaliases

 

[saege]

Excellent! Works now.
I had had "mynetworks" configured with the IPs (internal and external) of my server but reverted to original configuration for this post.
Analyzing the logs I found that mailman was using some FQDN of the hoster I have my server at. I had never seen that name before. Resolved that hostname to its IP, put this IP in "mynetworks" also. Now it works.
Thanks for the help!