Humans are heavily dependent on the email system for communication. Emails are used by businesses, offices, homes, friends, family, etc to send personal as well as professional pieces of information to one another. Many a time, users tend to get the Relay access denied error which means that the one email server is not allowing the email to be sent to another mail server. This error is seen with Postfix mail servers. The error looks like:
454 4.7.1 <firstname.lastname@example.org>: Relay access denied
Generally, it is caused when sending or receiving an email from an external or outside domain. With this post, we shall go into detail as to how this error is caused and the best possible fix for it.
Why is the “454 4.7.1 – Can’t receive mail – Relay access denied” error is caused?
Let us understand how the email delivery system works. Popular mail clients such as Squirrelmail, Outlook, Mailbird, eM Client, Thunderbird, et cetera are used to send emails to other people. The mail client sends the email to our own mail server and then the mail server transmits it to the receivers’ mail server on relays. Then, finally, the receiver shall get this email. The receiver of the email can be on an external email server or even on the same email server. Before transmitting emails, most email servers demand authentication of the mail account. If proper authentication is not performed and the mail client sends an email to an email server that is external, then the error message “Relay Access Denied” will occur. This error can be checked and seen in the email logs. Improper recipient and relaying settings in the Postfix configuration can also cause this error. The error in the log shall look something like this:
July 07 03:09:10 user postfix/smtpd: NOQUEUE: reject: RCPT from unknown[***.***.***.***]: 454 4.7.1 <email@example.com>: Relay access denied; from=<firstname.lastname@example.org> to=<email@example.com> proto=ESMTP helo=<S>
When you send the email to another person, you have to authenticate the delivery with your mail client. This requires a unique username and password. Without proper authentication, the email will not be relayed to the receiver’s email address. This mechanism is incorporated into the mail clients to stop suspicious and unknown persons from sending emails using your mail server.
Alternatively, if the email delivery is successful from the sender’s end, then the problem might be with the recipient’s mail server. The recipient’s mail server can accept the emails from other domains only if the sender’s mail client can successfully go through the spam filter and security checks. It is also highly possible that the recipient might have some wrong configuration on their server. It can have database-related errors or the SMTP authentication settings are disabled. The email of the receiver can also be inactive or invalid.
The common causes for this error can be:
- Incorrect Postfix relaying and recipient configuration settings
- Sending a mail to an external or outside email server without authentication from the mail client
Easy ways to fix the “454 4.7.1” error in Postfix mail servers
Web hosts having Plesk control panels in their server prefer to use the Postfix mail server. Such servers have Dovecot configured for Internet Message Access Protocol (IMAP) and Post Office Protocol (POP) services. If all the users are getting the “454 4.7.1 Relay access denied” error while sending and receiving emails to outside domains, then the Postfix mail server might have some issues.
The error that we are looking for here can be found in four areas:
Postfix domain lookup database error
A list of local domain routes is contained in the Postfix database. When the Postfix mail server has to deliver emails to these local domains, it uses this list of local domain routes. In case the domain entries go missing or the complete database gets corrupted, sending emails to these local domains will cause the error. The “mysqlcheck -r psa smtp_poplocks -uadmin -p” command can be used to restore the table. The smtp_poplocks table will be checked and if there is any error in it, it will be fixed.
Configuration file error
The Postfix configuration file can be found at “/etc/postfix/main.cf”. This file has ‘mynetwork’, a list of networks with the permission to relay without authenticating from the mail server client. When the configuration file becomes corrupt, your email delivery will be halted and you will receive the “454 4.7.1 Relay Access Denied” error. You can contact the email provider to help fix this error.
With the Postfix mail server, SMTP authentication must be enabled. You can verify this by reviewing the configuration file and ensuring that the “smtpd_recipient_restrictions = permit_sasl_authenticated” part is configured like this. The server also gets timely updates. These updates can cause changes in the configuration setting of your mail server. In such cases, you have to keep an eye on the changes that are happening and then manually edit them to your preference. In the IT industry, it is considered good practice to keep a test server that resembles your actual live email server. You can try the updates on this test server to check if it is working properly or not and then you can implement the update in your live server.
Method to fix 454 4.7.1 – Can’t receive mail – Relay access denied error in Outlook, Thunderbird, SquirrelMail, and Roundcube
In general, the Postfix mail server will not allow relaying through the mail server unless someone has specially excluded authentication to the SMTP server. Trying to send emails without proper authentication or the wrong server settings in the mail client can affect the email delivery to an external or outside domain.
When the Relay access denied error occurs, we must first inspect the email logs. This can help us to know the cause of this error and then we can move on forward to fix it. Roundcube and SquirrelMail web clients have server-wide installation and configuration whereas Thunderbird and Microsoft Outlook have to be set up and configured by the user itself. Any configuration mistake in such mail clients can affect the users to send emails to other mail servers.
Fix for “454 4.7.1 Relay access denied”- Squirrelmail and Roundcube
No user will be able to send any emails if there is any configuration issue in mail clients such as Squirrelmail and Roundcube. In these mail clients, the configuration is applied to the complete server, which means all the users on this server will be affected.
Squirrelmail has a configuration file with the name “config.php” and it is conferred with “conf.pl”. If the configuration is not correct, then 454 4.7.1 error will be caused. The configuration file in Roundcube has the name “config.inc.php”. You can configure the SMTP server with this file. Wrong or incorrect configuration settings in this file can cause the Relay access denied error.
The easy fix for this issue for Sqirrelmail and Roundcube mail clients can be done by configuring these parameters:
- SMTP port settings for incoming and outgoing emails
- Authentication settings for SMTP
- Secure email delivery through the TLS/SSL settings
- Configuring the SMTP server for sending emails
Fix for “454 4.7.1 Relay access denied”- Outlook Express, Microsoft Outlook and Thunderbird
Outlook, Thunderbird, and other similar mail clients allow configuring the settings for individual mail accounts. The error here cannot be server-wide and the only possible cause for the error is improper settings at the user’s end. All these mail clients have different SMTP authentication settings. The SMTP server security also varies a lot in these email clients. Users need to configure their email clients in a proper way to avoid the Relay access denied 454 error.
Now to conclude this article, we have discussed in great detail the possible causes for the error – 454 4.7.1 Can’t receive mail Relay access denied. We have also covered the solution for this error for different available mail clients. Following the procedures mentioned above carefully can fix the 454 error on your system and you can have a smooth and uninterrupted email delivery to other individuals.