Help Please - Erro

Hi community, how are you?

I need everyone’s help with some urgency

My email server is not receiving mail. When doing a test sending a personal email to my server I am getting the following error:

554 5.7.1: Relay access denied

What should I do.

Below is my file for the


#See /usr/share/postfix/ for a commented, more complete version

#Debian specific: Specifying a file name will cause the first #line of that file to be used as the name. The Debian default #is /etc/mailname. #myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no

#appending .domain is the MUA’s job. append_dot_mydomain = no

#Uncomment the next line to generate “delayed mail” warnings #delay_warning_time = 4h

readme_directory = no

#TLS parameters smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem smtpd_tls_key_file = /etc/ssl/private/postfix.pem smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

#See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for #information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination myhostname = alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = localhost relayhost = mynetworks = [::ffff:]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3 smtp_tls_mandatory_protocols = !SSLv2,!SSLv3 smtpd_tls_protocols = !SSLv2,!SSLv3 smtp_tls_protocols = !SSLv2,!SSLv3 virtual_transport = lmtp:unix:private/dovecot-lmtp virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 virtual_mailbox_domains = mysql:/etc/postfix/mysql/ virtual_mailbox_maps = mysql:/etc/postfix/mysql/ virtual_alias_maps = mysql:/etc/postfix/mysql/

default_transport = smtp relay_transport = smtp home_mailbox = Maildir/

#Change postfix TLS parameter to use dovecot #smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache #smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache #smtpd_tls_cert_file=/etc/ssl/certs/dovecot.pem #smtpd_tls_key_file=/etc/ssl/private/dovecot.pem smtpd_use_tls=yes #smtpd_tls_auth_only = yes

#Handle SMTP authentication using Dovecot smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

#other destination domains should be handled using virtual domains mydestination = localhost

#using Dovecot’s LMTP for mail delivery and giving it path to store mail virtual_transport = lmtp:unix:private/dovecot-lmtp

#virtual mailbox setups virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 virtual_alias_maps = mysql:/etc/postfix/mysql/ virtual_mailbox_domains = mysql:/etc/postfix/mysql/ virtual_mailbox_maps = mysql:/etc/postfix/mysql/

Hi. I was experiencing this problem and after 5 hours of searching, I found the problem.

I used ViMbAdmin to add my domain and I have checked the Backup MX option when adding the domain.

Well, it will produce a problem with reject_unauth_destination parameter inside the smtpd_relay_restrictions option in your

But how?

In simple terms: postfix will check the recipient address. If the domain part of the recipient (which is your domain) was not defined in relay_domains, mydestination, inet_interfaces, proxy_interfaces, virtual_alias_domains, or virtual_mailbox_domains options at, then postfix will reject it.

Now, if you look at the virtual_mailbox_domains option, you will see this part:


and inside the file, there is one MySQL query:

SELECT domain FROM domain WHERE domain = '%s' AND **backupmx = '0'** AND active = '1'

So, it will not return the domain(s) which have Backup MX option enabled and postfix reject them as an unauth destination.

Besides that, I used and

To figure out other problems with my mail server configuration which helped a lot.

E.g., make sure you have the below DNS records:

  1. an MX record with 0 priority for your hostname (E.g., which you can find it by running the below command:

hostname -f

(If your hostname is wrong, you can change it by issuing: hostname your-new-name in the terminal)

  1. an A record for your hostname pointing to your server IP address.

  2. DKIM, DMARC and SPF records which are usually defined as a TXT record.

Finally, If you are using a firewall, make sure you have allowed these ports :

25, 465, 587, 143, 993, 110, 10025, 11025, 4190

Hope it works.