[Mailman-Users] trying to understand Relay access denied (in reply to RCPT TO command)
Stephen J. Turnbull
stephen at xemacs.org
Tue Oct 27 12:22:49 EDT 2015
Ricardo Kleemann writes:
> successful deliveries to yahoo and gmail, the relay shows a yahoo
> and gmail server respectively:
> Oct 23 13:18:07 localhost postfix/smtp: 0B0B344071:
> to=<xxxxxxx at yahoo.com>,
> relay=mta6.am0.yahoodns.net[22.214.171.124]:25, delay=1.4,
> delays=0.01/0.19/0.15/1, dsn=2.0.0, status=sent (250 ok dirdel)
That's not a relay in the relevant sense. That host is already
Yahoo. Everything past that is just internal details to Yahoo. The
same is true of your gmail example.
> Bad delivery attempts to same recipients at yahoo and gmail, but
> this time it’s relaying through a server in Brazil:
> Oct 24 06:27:26 localhost postfix/smtp: B7064449E0:
> to=<xxxxxxx at yahoo.com>, relay=mx2.ibest.com.br[126.96.36.199]:25,
> conn_use=17, delay=501, delays=0.03/501/0.2/0.21, dsn=5.7.1,
> status=bounced (host mx2.ibest.com.br[188.8.131.52] said: 554
> 5.7.1 < xxxxxxx at yahoo.com>: Relay access denied (in reply to RCPT
> TO command))
Almost certainly it's just telling you you don't have permission to
relay through that host. Is there a reason you think that you should
have permission, or did you just assume it would work? Or perhaps you
had past experience but no contract, and they decided that being an
open relay was a bad idea.
> So I don’t understand why would any server be bouncing back with a
> relay error.
Actually, the question is why any server not operated by the
recipient's ISP would allow you to relay. And the answer is simple.
Either they are an external MX authorized by the recipient ISP to
relay any mail to the recipient, or you have an explicit agreement
with them to relay mail from you.
There's a third answer, which is that they let anyone relay. Such
hosts are called "open relays," they are frequently used by spammers,
and they tend to get blacklisted by the major providers and "black
hole" lists very quickly. So nobody who has a reputation to protect
allows open relay any more (or they learn very quickly that it's a bad
More information about the Mailman-Users