From: John on

We have a Postfix (2.7.1) instance running successfully for all of our
mail needs, short of one scenario. On our network, we are trying to
configure other hosts (on the same class of private IP address -
192.168.x.x) to forward mail (logwatch files) to an aliased user using a
sendmail client.

Here is a snippet of a log entry, from the client, that shows the
connection refused error:

Aug 11 20:15:41 myhost sendmail[17048]: o7B9uJjQ015169:
to=<user(a)>, ctladdr=<root(a)> (0/0),
delay=15:19:22, xdelay=00:00:00, mailer=esmtp, pri=1560372,, dsn=4.0.0, stat=Deferred: Connection refused by

In reading the documentation the only thing I could find that would
affect this connection was $mydomain and $mynetworks, or so I assumed,
but cannot seem to find the right "mixture" to be successful. I've
spent a considerable amount of time on this and am now asking what am I
missing or what do I have misconfigured in order to get this work correctly?

Thanks for any help or pointing me in the right direction.


Here is the output of postconf -n

# postconf -n
alias_maps = hash:/etc/postfix/aliases
broken_sasl_auth_clients = yes
canonical_maps = pgsql:/etc/postfix/sql/
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = amavisfeed:[]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = $myhostname, localhost
mail_owner = postfix
mailbox_delivery_lock = fcntl, dotlock
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
masquerade_domains = $mydomain
message_size_limit = 20480000
mydestination = $myhostname, mail.$mydomain
mydomain =
myhostname =
mynetworks =,
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions =
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = check_sender_access
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/
smtpd_tls_key_file = /etc/postfix/ssl/
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
soft_bounce = no
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = pgsql:/etc/postfix/sql/
virtual_gid_maps = pgsql:/etc/postfix/sql/
virtual_mailbox_base = /mail
virtual_mailbox_domains =
virtual_mailbox_lock = fcntl, dotlock
virtual_mailbox_maps =
virtual_uid_maps = pgsql:/etc/postfix/sql/

P.S. Thanks Ralph and Patrick for "The Book of Postfix", you'll likely
recognize your virtual hosting solution from Chapter 14...

From: Wietse Venema on
> Aug 11 20:15:41 myhost sendmail[17048]: o7B9uJjQ015169:
> to=<user(a)>, ctladdr=<root(a)> (0/0),
> delay=15:19:22, xdelay=00:00:00, mailer=esmtp, pri=1560372,
>, dsn=4.0.0, stat=Deferred: Connection refused by

That is the Sendmail MTA, not POSTFIX.