Setup help please...

Hi Martijn,
Thanks for the quick response. I'm just a little confused though. I
have mail.helenhayeshosp.org as one of my relay domains. Are you saying
that I have to add just "helenhayeshosp.org" as well? I'm reasonably
sure that mail.helenhayeshosp.org is correct. If you do a ping -a it
comes up with the correct public IP address.

Thanks
Ron...

···

-----Original Message-----
From: Martijn Brinkers [mailto:martijn(a)djigzo.com]
Sent: Wednesday, August 04, 2010 5:14 PM
To: Serao, Ron
Cc: users(a)lists.djigzo.com
Subject: Re: Setup help please...

Hi Ron,

It seems you didn't add helenhayeshosp.org to the relay domains. You
relay domains now contain:

HelenHayes.Local, mail.helenhayeshosp.org

Are you sure that mail.helenhayeshosp.org is correct? You should at
least add helenhayeshosp.org if you want to receive email for the
helenhayeshosp.org domain.

Kind regards,

Martijn

Serao, Ron wrote:

Hello all,
I'm having a problem getting djigzo to work in my environment and I'm
hoping someone has some suggestions. Here's my existing setup:

Exchange backend server .30 <------->exchange front end server
.29<---->spam gateway .7<---->internet
The spam gateway has a natted public address of .3

I want to insert djigzo between the spam gateway and the internet so
here's what I've done so far (without success I might add)

Exchange backend server .30 <------->exchange front end server
.29<---->spam gateway .7<---->Djigzo.74<---->internet
  
Public .3

Right now I am just trying to get mail routed through djigzo without
signing or encrypting.
Here's my MTA config...

# postfix main config for djigzo

# these settings will be changed by the MTA admin page
djigzo_myhostname = mail.helenhayeshosp.org
djigzo_mydestination =
djigzo_mynetworks = 192.168.15.7, 192.168.15.29, 192.168.15.30
djigzo_relayhost =
djigzo_relayhost_mx_lookup =
djigzo_relayhost_port = 25
djigzo_relay_domains = HelenHayes.Local, mail.helenhayeshosp.org
djigzo_before_filter_message_size_limit = 10240000
djigzo_after_filter_message_size_limit = 512000000
djigzo_mailbox_size_limit = 512000000
djigzo_smtp_helo_name = mail.helenhayeshosp.org
djigzo_relay_transport_host = 192.168.15.7
djigzo_relay_transport_host_mx_lookup = mx
djigzo_relay_transport_host_port = 25
djigzo_reject_unverified_recipient = reject
djigzo_unverified_recipient_reject_code = 450
djigzo_parent_domain_matches_subdomains = relay_domains

smtpd_banner = $myhostname ESMTP $mail_name (Djigzo)

biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = ${djigzo_myhostname}
mydestination = ${djigzo_mydestination}
mynetworks = 127.0.0.0/8, ${djigzo_mynetworks}
relayhost =

${djigzo_relayhost_mx_lookup:${djigzo_relayhost?[}}${djigzo_relayhost}${

djigzo_relayhost_mx_lookup:${djigzo_relayhost?]}}${djigzo_relayhost?:${d

jigzo_relayhost_port}}
relay_domains = ${djigzo_relay_domains}
message_size_limit = ${djigzo_after_filter_message_size_limit}
mailbox_size_limit = ${djigzo_mailbox_size_limit}
smtp_helo_name =

${djigzo_smtp_helo_name?$djigzo_smtp_helo_name}${djigzo_smtp_helo_name:$

myhostname}
relay_transport =

relay${djigzo_relay_transport_host?:${djigzo_relay_transport_host_mx_loo

kup:[}$djigzo_relay_transport_host${djigzo_relay_transport_host_mx_looku

p:]}:$djigzo_relay_transport_host_port}
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination ${djigzo_reject_unverified_recipient?,
reject_unverified_recipient}
unverified_recipient_reject_code =
$djigzo_unverified_recipient_reject_code
parent_domain_matches_subdomains =
$djigzo_parent_domain_matches_subdomains

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

recipient_delimiter = +

smtpd_authorized_xforward_hosts = 127.0.0.1/32

content_filter = djigzo:127.0.0.1:10025

#smtp_tls_security_level = may
#smtp_sasl_auth_enable = yes
#smtp_sasl_password_maps = hash:/etc/postfix/smtp_client_passwd
#smtp_sasl_type = cyrus
#smtp_tls_CApath = /etc/postfix/certs/
#smtp_sasl_security_options =

When I try to send mail from an outside domain, say for example gmail,
to an internal address, I get an NDR with the following error:
"Google tried to deliver your message, but it was rejected by the
recipient domain. We recommend contacting the other email provider for
further information about the cause of this error. The error that the
other server returned was: 554 554 5.7.1 <xxxx(a)xxxx.xx>: Relay access
denied (state 14)."

Not sure where I've gone wrong but I'm certain I have.

Any help would be appreciated.

Thanks
Ron...

IMPORTANT NOTICE: This e-mail and any attachments may contain

confidential or sensitive information, which is, or may be legally
privileged or otherwise protected by law from further
disclosure.%CRLF%It is intended only for the addressee. If you received
this in error or from someone who was not authorized to send it to you,
please do not distribute copy or use it or any attachments.%CRLF% Please
notify the sender immediately by reply e-mail and delete this from your
system. Thank you for your cooperation.

_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption

IMPORTANT NOTICE: This e-mail and any attachments may contain
confidential or sensitive information, which is, or may be legally
privileged or otherwise protected by law from further
disclosure.%CRLF%It is intended only for the addressee. If you received
this in error or from someone who was not authorized to send it to you,
please do not distribute copy or use it or any attachments.%CRLF% Please
notify the sender immediately by reply e-mail and delete this from your
system. Thank you for your cooperation.

IMPORTANT NOTICE: This e-mail and any attachments may contain confidential or sensitive information, which is, or may be legally privileged or otherwise protected by law from further disclosure.%CRLF%It is intended only for the addressee. If you received this in error or from someone who was not authorized to send it to you, please do not distribute copy or use it or any attachments.%CRLF% Please notify the sender immediately by reply e-mail and delete this from your system. Thank you for your cooperation.

Thanks for the quick response. I'm just a little confused though. I
have mail.helenhayeshosp.org as one of my relay domains. Are you saying
that I have to add just "helenhayeshosp.org" as well? I'm reasonably
sure that mail.helenhayeshosp.org is correct. If you do a ping -a it
comes up with the correct public IP address.

mail.helenhayeshosp.org is the name (A record) of the host that receives
email for the domain helenhayeshosp.org (i.e. the MX records of the
domain helenhayeshosp.org point to mail.helenhayeshosp.org).

The relay domains however are the domains your email server accepts as
internal email. Which in your case should contain at least
helenhayeshosp.org.

Right now (when mail.helenhayeshosp.org is added to relay domains)
Djigzo only accepts email for the domain mail.helenhayeshosp.org (like
for example seraor(a)mail.helenhayeshosp.org) and not for helenhayeshosp.org.

I think you are mixing up the hostname of the server and the domain name
for which you receive email.

Kind regards,

Martijn

···

Thanks
Ron...

-----Original Message-----
From: Martijn Brinkers [mailto:martijn(a)djigzo.com]
Sent: Wednesday, August 04, 2010 5:14 PM
To: Serao, Ron
Cc: users(a)lists.djigzo.com
Subject: Re: Setup help please...

Hi Ron,

It seems you didn't add helenhayeshosp.org to the relay domains. You
relay domains now contain:

HelenHayes.Local, mail.helenhayeshosp.org

Are you sure that mail.helenhayeshosp.org is correct? You should at
least add helenhayeshosp.org if you want to receive email for the
helenhayeshosp.org domain.

Kind regards,

Martijn

Serao, Ron wrote:

Hello all,
I'm having a problem getting djigzo to work in my environment and I'm
hoping someone has some suggestions. Here's my existing setup:

Exchange backend server .30 <------->exchange front end server
.29<---->spam gateway .7<---->internet
The spam gateway has a natted public address of .3

I want to insert djigzo between the spam gateway and the internet so
here's what I've done so far (without success I might add)

Exchange backend server .30 <------->exchange front end server
.29<---->spam gateway .7<---->Djigzo.74<---->internet
  
Public .3

Right now I am just trying to get mail routed through djigzo without
signing or encrypting.
Here's my MTA config...

# postfix main config for djigzo

# these settings will be changed by the MTA admin page
djigzo_myhostname = mail.helenhayeshosp.org
djigzo_mydestination =
djigzo_mynetworks = 192.168.15.7, 192.168.15.29, 192.168.15.30
djigzo_relayhost =
djigzo_relayhost_mx_lookup =
djigzo_relayhost_port = 25
djigzo_relay_domains = HelenHayes.Local, mail.helenhayeshosp.org
djigzo_before_filter_message_size_limit = 10240000
djigzo_after_filter_message_size_limit = 512000000
djigzo_mailbox_size_limit = 512000000
djigzo_smtp_helo_name = mail.helenhayeshosp.org
djigzo_relay_transport_host = 192.168.15.7
djigzo_relay_transport_host_mx_lookup = mx
djigzo_relay_transport_host_port = 25
djigzo_reject_unverified_recipient = reject
djigzo_unverified_recipient_reject_code = 450
djigzo_parent_domain_matches_subdomains = relay_domains

smtpd_banner = $myhostname ESMTP $mail_name (Djigzo)

biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = ${djigzo_myhostname}
mydestination = ${djigzo_mydestination}
mynetworks = 127.0.0.0/8, ${djigzo_mynetworks}
relayhost =

${djigzo_relayhost_mx_lookup:${djigzo_relayhost?[}}${djigzo_relayhost}${
djigzo_relayhost_mx_lookup:${djigzo_relayhost?]}}${djigzo_relayhost?:${d

jigzo_relayhost_port}}
relay_domains = ${djigzo_relay_domains}
message_size_limit = ${djigzo_after_filter_message_size_limit}
mailbox_size_limit = ${djigzo_mailbox_size_limit}
smtp_helo_name =

${djigzo_smtp_helo_name?$djigzo_smtp_helo_name}${djigzo_smtp_helo_name:$

myhostname}
relay_transport =

relay${djigzo_relay_transport_host?:${djigzo_relay_transport_host_mx_loo
kup:[}$djigzo_relay_transport_host${djigzo_relay_transport_host_mx_looku

p:]}:$djigzo_relay_transport_host_port}
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination ${djigzo_reject_unverified_recipient?,
reject_unverified_recipient}
unverified_recipient_reject_code =
$djigzo_unverified_recipient_reject_code
parent_domain_matches_subdomains =
$djigzo_parent_domain_matches_subdomains

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

recipient_delimiter = +

smtpd_authorized_xforward_hosts = 127.0.0.1/32

content_filter = djigzo:127.0.0.1:10025

#smtp_tls_security_level = may
#smtp_sasl_auth_enable = yes
#smtp_sasl_password_maps = hash:/etc/postfix/smtp_client_passwd
#smtp_sasl_type = cyrus
#smtp_tls_CApath = /etc/postfix/certs/
#smtp_sasl_security_options =

When I try to send mail from an outside domain, say for example gmail,
to an internal address, I get an NDR with the following error:
"Google tried to deliver your message, but it was rejected by the
recipient domain. We recommend contacting the other email provider for
further information about the cause of this error. The error that the
other server returned was: 554 554 5.7.1 <xxxx(a)xxxx.xx>: Relay access
denied (state 14)."

Not sure where I've gone wrong but I'm certain I have.

Any help would be appreciated.

Thanks
Ron...

IMPORTANT NOTICE: This e-mail and any attachments may contain

confidential or sensitive information, which is, or may be legally
privileged or otherwise protected by law from further
disclosure.%CRLF%It is intended only for the addressee. If you received
this in error or from someone who was not authorized to send it to you,
please do not distribute copy or use it or any attachments.%CRLF% Please
notify the sender immediately by reply e-mail and delete this from your
system. Thank you for your cooperation.

_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

--
Djigzo open source email encryption