Cannot send email using Outlook: 554 5.7.1: Client host rejected: Access denied

Created:

2016-11-16 12:42:50 UTC

Modified:

2017-08-16 16:11:19 UTC

15

Was this article helpful?


Have more questions?

Submit a request

Cannot send email using Outlook: 554 5.7.1: Client host rejected: Access denied

Applicable to:

  • Plesk for Linux

Symptoms

  • If trying to send an email to some external domains (hotmail.com, gmail.com, etc) using Outlook, the following bounce message is returned:

    Server error: '454 4.7.1 <mail@example.com>: Relay access denied'

    Or:

    Client host rejected: Access denied: 554 5.7.1 <example.com[203.0.113.2]>: Client host rejected: Access denied
  • The following message can be found in /var/log/maillog :

    Jul 18 06:03:05 ns315915 postfix/smtpd[8688]: NOQUEUE: reject: RCPT from source.dom[203.0.113.2]: 554 5.7.1 <mail@example.com>: Relay access denied;

    Or:

    Aug  4 23:30:53 hcs014 postfix/smtpd[21167]: NOQUEUE: reject: RCPT from unknown[203.0.113.2]: 454 4.7.1 <mail@example.com>: Relay access denied;
  • The other mail clients (Opera Mail, Mozilla Thunderbird) are able to send messages.

Cause

The configuration is too restrictive for Outlook to work properly.

Resolution

  1. Сonnect to the server using SSH. General configuration for Postfix is located in /etc/postfix/main.cf
  2. Back up the main configuration file:

    # cp /etc/postfix/main.cf{,.bak}

  3. Open it in a text editor and search for the following lines:

    smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination

    This line says that relaying messages of authenticated clients is allowed through the server. Make sure it is not commented out (does not have # sybmol in front of it). This, probably, is the option which affects relaying the most - make sure it is set properly . More information about this option .

    smtpd_sasl_security_options = noplaintext

    This line disables plain text authentication. Make sure it is not present in configuration (or commented out) as it should be client choice to use plaintext auth or not. It does not affect security but increases compatibility.

    smtpd_tls_auth_only = no

    This line enables non-secure access (in addition to secure one). As with previous line, it is needed for compatibility and does not decrease security.

  4. To apply the changes, reload Postfix:

    # service postfix reload

    All 3 options affect compatibility with Outlook. It is better to set them as specified to make sure Outlook is able to work properly. Outlook configuration example:

Additional Information

Postfix Configuration Parameters

Unable to connect to the mail server using Atmail: Relay access denied

Have more questions? Submit a request
Please sign in to leave a comment.