Cannot send mail using Outlook: 554 5.7.1: Client host rejected: Access denied

Created:

2016-11-16 12:42:50 UTC

Modified:

2017-07-24 05:57:59 UTC

13

Was this article helpful?


Have more questions?

Submit a request

Cannot send mail using Outlook: 554 5.7.1: Client host rejected: Access denied

Applicable to:

  • Plesk 12.5 for Linux
  • Plesk 11.0 for Linux
  • Plesk 11.5 for Linux
  • Plesk 12.0 for Linux

Symptoms

Trying to send mail to some external domains (like hotmail.com or gmail.com ) using Outlook client, an error is shown Relay access denied , Relaying denied or Client host rejected: Access denied :

554 5.7.1
<hostname.tld[203.0.113.2]>: Client host rejected: Access denied

The following messages can be found in /usr/local/psa/var/log/maillog :

Jul 18 06:03:05 ns315915 postfix/smtpd[8688]: NOQUEUE: reject: RCPT from source.dom[203.0.113.2]: 554 5.7.1 <dest-address@example.com>: Relay access denied; from=<source-mailname@example2.com> to=<dest-address@example.com> proto=ESMTP helo=<helomessage>

The other mail clients (Opera Mail, Mozilla Thunderbird) are able to send messages.

Cause

Postfix misconfiguration. The configuration is too restrictive for Outlook to work properly.

Resolution

Сonnect to the server using SSH. General configuration for Postfix smtpd is located in /etc/postfix/main.cf 

  1. Back up the original file:

       # cp /etc/postfix/main.cf{,.old}
  2. Open it in text editor and search for the following lines:

    smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination

    This line says that relaying messages of authenticated clients is allowed through the server. Make sure it is not commented out (does not have '#' in front of it). This, probably, is the option which affects relaying the most - make sure it is set properly . More information about this option .

        smtpd_sasl_security_options = noplaintext

    This line disables plaintext authentication. Make sure it is not present in configuration (or commented out) as it should be client's choice to use plaintext auth or not. It does not affect security but increases compatibility.

        smtpd_tls_auth_only = no

    This line enables non-secure access (in addition to secure one) in smtpd . As with previous line, it is needed for compatibility and does not decrease security.

  3. To apply the changes, reload Postfix configuration:
    # service postfix reload
    Reloading postfix: [ OK ]

    All 3 options affect compatibility with Outlook. It is better to set them as specified to make sure Outlook is able to work properly. Outlook configuration example:

    Outlook configuration example

    More information about Postfix configuration can be found here .

Additional information

The following KB article can also be useful:

213365609 Users not able to connect to a relay mail server through Atmail webmail on Plesk 12.

Attachments:

Have more questions? Submit a request
Please sign in to leave a comment.