SMTP error (554): Recipient "Email" cannot be added (5.7.1 <unknown[IP]>: Client

[Ranjithkr]

I have configured a roundcube webmail with roundcube 1.6.6.   I   have  a couple of email servers which is configured with postfix and dovecot like mx1.example.com, mx2.example.com and mx3.example.com. (Sorry, i cant mention the real host names).  I am able to login to the webmail with the email account of any of these mail servers and also can receive the mails. But when i try to send emails from webmail, it shows the below error.

SMTP error (554): Recipient "Email" cannot be added (5.7.1 <unknown[IP]>: Client host rejected: Access denied).

Any idea what could be wrong here. 

[Loggy]

I have this problem - or very similar.

Presumably the OP either sorted it out or migrated to a different system.  Either way it would be very useful to know what, if any, is the solution.

I had to change servers from one running Ubuntu 20.04 with RC 1.4.8 to 24.04 running RC 1.6.6.  I migrated the database and all email and configuration files. I've done this sort of thing a number of times and it has rarely taken longer than a day or so to get things up and running.

Clearly there are some differences but after a little work, relaying works and I can send mail from an xterm using mutt or mail.

But I can't send mail out from the RC client.

I get an error:

SMTP Error: Failed to add recipient '{target-email-address}': 5.7.1 <{target-email-address}>:: Relay access denied (Code: 554)

.

This has been bugging me for a couple of weeks now and I have sprinkled enough error_log() instructions to see that the issue appears to be in send_mail.

Any clue would be very helpful but I have to decide whether I:

• replace the send_mail function in rcube_smtp.php with a simple mutt execution,
• upgrade to 1.6.10,
• downgrade back to 1.4.8, or
• move to another IMAP client.

TIA

[alec]

You have to carefully review what you have in the config file regarding all smtp_* options. I'm guessing you do not use TLS or use wrong port, or just have to set smtp_user/smtp_pass options.

[Loggy]

@alec

You are correct about tls.  I will leave that for the moment.

I've tried to strip as much out as possible. At the moment I have set:

$config['smtp_host'] = 'localhost:25';
$config['smtp_auth_type'] = "LOGIN";
$config['smtp_user'] = '%u';
$config['smtp_pass']= '%p';
$config['smtp_debug'] = true;

But it appears to make no difference whatever I set.

I assume default.inc.php contains all possible $config elements, starting with the empty $config array so $config['smtp_port'], $config['smtp_server'] etc are meaningless legacy elements but perhaps should still work if the new name is not used.

I am using php7.4-fpm under nginx - I was having trouble with PEAR under the default 8.3.

[alec]

Typical setting for smtp_host is 'tls://localhost:587&#39;. In case you have problem with certificate validation you can use 'smtp_conn_options' to disable it.

[Loggy]

@alec - many thanks for your thoughts.  Sorry I've been away for a couple of days.

I don't think it is a validation issue:

• because mutt/mail can send mail without problem,
• relaying from incoming smtpd mail to (eg) gmail works and
• following your message I set smtp_timeout to 10 seconds and whether using port 25 or 587 (after restarting everything) the error message popped up immediately.

This error is something trapped in rcube_smtp.php.

Could it be that roundcube will not work using such slack settings?

Or it maybe some inconsistency between my postfix settings smtp and roundcube.  Here is are the basic stmp settings in postfix main.cf:

smtp_sasl_password_maps = hash:/etc/postfix/passwd
smtp_use_tls = no

where /etc/postfix/passwd contains the password

and in master.cf:

smtp      inet  n      -      y      -      -      smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_sasl_type=dovecot
  -o smtpd_tls_wrappermode=no
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
  -o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_destination
  -o smtpd_sasl_path=private/auth

I filter incoming mail for me using amavis but not for relayedmail. 

The settings may not be perfect but mutt/mail are happy with these...