Thread Info
  • State Verified Answer
  • +4 person also asked this people also asked this
  • Replies 6 replies
  • Subscribers 8 subscribers
  • Views 39932 views
  • Users 0 members are here
Options
Suggested

MTA keeps saying "no relaying allowed"

oxident

Hi!

I'm quite new to SFOS 16 and after I've discovered, that Legacy SMTP seems to be broken ("Connection refused"), I've tried to implement the MTA mode but I didn't quite understand, how to configure this correctly.

In the past, I've used the SMTP rule to do spam/av-checking and while passing it down to my mail server. But when in MTA mode, my XG seems to check whether the incoming mail is really targeted to my domain. Does this involve maintaining a list of (valid) eMail accounts or domains within XG?

Sorry, maybe I'm missing the spot here ;-) 

Parents
  • +4

    Hello Oxident

    I attach here a quick&dirty "guide" or "howto" to set up MTA

     

    First you create the SMTP Policy

    Check that in the device settings relaying is allowed for all zones where mail is incoming or outgoing. Usually this is WAN and LAN (or DMZ - wherever your Mailserver resides)

    Check the autocreated firewall (Business) policy. Maybe change settings as WAN Interface to use in the NAT settings, IPS etc.

    and finally configure relaying settings. Under hostbased relay you should enter your internal devices using XG as MTA/Smarthost. At least there should be entered your mailserver. You also may add some MFC printers, webservers and other devices capable of sending mails directly via XG. Under Upstream hosts you enter "ANY", if you receive mails directly from Internet, or the IP´s from where mails arrive, if you use a upstream mail spooler.

     

    That should basically do the job

     

    Addendum few hrs. later concerning "Does this involve maintaining a list of (valid) eMail accounts or domains within XG?"

    ==> No, not mail accounts, but mail domains. If you own (and want to receive mails for) the domain example.com, you have to enter this in the MTA routing section, so the MTA only accepts mails to that domain and will reject other domains.

  • 0 in reply to SaschaParis

    Hi Sascha,

     

    your quick & dirty guide safed me a lot of time! I accedentially deleted the ANY Object under Upstream Host and the XG kept on saying: "550 Relay access denied" I was looking for about 2 Days what's going wrong simply not seeing the selfmade issue. YOUR list made my day!! Your wrote a kind of checklist "Under Upstream hosts you enter "ANY"," and everything works fine again!

    Thanks a lot!

     

    Best Regards

    Phil

Reply
  • 0 in reply to SaschaParis

    Hi Sascha,

     

    your quick & dirty guide safed me a lot of time! I accedentially deleted the ANY Object under Upstream Host and the XG kept on saying: "550 Relay access denied" I was looking for about 2 Days what's going wrong simply not seeing the selfmade issue. YOUR list made my day!! Your wrote a kind of checklist "Under Upstream hosts you enter "ANY"," and everything works fine again!

    Thanks a lot!

     

    Best Regards

    Phil

Children
No Data
Unfiltered HTML