No announcement yet.

Relay access denied on external mail server


Unconfigured Ad Widget

  • Filter
  • Time
  • Show
Clear All
new posts

  • Relay access denied on external mail server

    Hi everyone,

    I have one domain with MX records that point to an external mail server; the Mail service for the domain is disabled.
    Everything works without any problem except for one specific sender. Then, every email from this specific ended domain gets rejected with the following error:

    "Plesk server domain" gave this error:
    <recipient on external mail server>: Relay access denied

    We have whitelisted the sender domain on the external mail server, but it didn't solve the problem.

    Is there anyone who can help me with this one?

  • #2
    Hey Annie,

    What I believe is that there are two usual reasons for getting the error.

    1) The sender did not authenticate to an outgoing mail server due to misconfigurations.

    2)The Recipient's server has identified the sender's server to be a spam source or it had failed security checks.

    When Recipient's MX rejects the mail,

    If an email was successfully sent from Sender's MX, the issue might appear with the Recipient's MX.

    Therefore, it accepts mail only if:

    - The Sender's MX has passed all security checks/spam filters
    - The Recipient's MX isn't having any misconfigurations

    There are common misconfigurations on the Recipient's MX,
    - Incorrect MX records
    - If MX has some database errors
    - If SMTP authentication settings are not enabled.
    - If DNS MX records point to the wrong server
    - If Recipient's email is invalid/inactive/cancelled

    When Relay Access Denied error on the mail server side,

    There are two everyday situations that a server owner may face with such or similar errors.

    When the end-users try to send an email, they may receive and send the error in a bounce-back. For example, the person who tries to send an email to a user on your server receives an error and reports it to you.

    You have to check your log files. And also, have a look at the error codes, as there are versions of that.

    454 4.7.1 Relay Access Denied – The error code is noticed inside server logs when the Recipient's server is temporarily incapable of receiving emails. In that case, another attempt to send mail will occur later.

    554 5.7.1 Relay Access Denied – When the email is rejected, you can find this error code in the Recipient's mail server logs.

    1) If User authentication fails

    You need to review the server authentication configurations. If you use a Postfix server, you must ensure that SMTP authentication is enabled. Check for the configuration file and ensure that the

    "smtpd_recipient_restrictions" is configured as follows:
    smtpd_recipient_restrictions = permit_sasl_authenticated

    In server software updates, It may change the configurations. If your mail server was running all the time smoothly, and then it suddenly stopped, most probale the reason is the latest software update.

    If you are used to updating your server manually, consider having a test server setup similar to your live server.

    2) If An Authentication database is corrupted

    In that case, You can perform the command
    mysqlcheck -r psa smtp_poplocks -uadmin -p

    It helps to check the table "smtp_poplocks" and fix it if it turns out broken.

    3) If the External mail server failed anti-spam to check on the server

    Assuming that somebody sends the emails to your end-clients and emails may be dismissed by spam filters configured on your mail server.
    It happens due to simply the Sender Verify spam rule. It would help if you investigated mail logs. If this happens with a trustworthy mailbox, Emails from this address are obstructed because of spam checks often. Then, You should consider updating and disabling the anti-spam rule. Reach the owner of the sending email server, and request to re-configure his server in such a way that it should be compliant with the anti-spam rules and checks.

    4) If Anti-spam rules on the recipient server are bouncing back the user's emails

    If your end users send the emails and, in reply, they receive them back with the error code:

    454 4.7.1: Relay access denied

    Here, your server is not passing through the Recipient's server anti-spam rules and checks. As a result, it may get on the firewall blacklist on the Recipient's side.

    You should first review the headers of the bounced emails. It will give more details on why the email got rejected. Normally, it's provoked when your server gets on RBL (Real-time Blackhole List).

    These sites as MxToolbox and MultiRBL, help you to figure out and check if your server is located in blacklists. Information you will get from those sites will tell you about any blacklists you may be on and usually refer to these RBLs, so you can request them to exclude you from those RBLs. However, before asking to exclude your server, you must ensure and resolve the origin of getting blacklisted. So, for example, if a spammer was detected on your server, you need remove before asking to remove your server from the blacklist.

    I would be delighted if you find this helpful.