554 communication auth_error ai_generated true

554 5.7.0 中继访问被拒绝

554 5.7.0 Relay access denied

ID: communication/smtp-554-5-7-0-relay-denied

其他格式: JSON · Markdown 中文 · English
80%修复率
87%置信度
1证据数
2023-09-05首次发现

版本兼容性

版本状态引入弃用备注
Postfix 3.7.0 active
Exim 4.96 active
Sendmail 8.17.1 active

根因分析

SMTP 服务器拒绝中继尝试,因为客户端 IP 或认证用户无权向外部域发送邮件。

English

SMTP server rejects the relay attempt because the client's IP or authenticated user is not authorized to send emails to external domains.

generic

官方文档

https://www.ietf.org/rfc/rfc2821.txt

解决方案

  1. Add the client's IP to the relay allow list in the SMTP server config: For Postfix, add to `/etc/postfix/main.cf`: `mynetworks = 192.168.1.0/24` and restart with `systemctl restart postfix`.
  2. Enable SMTP authentication with valid credentials: In the client, configure `smtp_auth = login` and provide a username/password that has relay rights. For Python's smtplib, use `server.login(user, password)`.
  3. Route email through a dedicated relay service like SendGrid or AWS SES with proper SPF/DKIM records.

无效尝试

常见但无效的做法:

  1. Disable SMTP authentication on the server to allow open relay 95% 失败

    Open relays are a security risk and will be blacklisted; also violates RFC requirements.

  2. Change the sender email address to a local domain on the server 70% 失败

    The relay denial is based on the recipient domain, not the sender; local sender still fails for external recipients.

  3. Increase the SMTP timeout value 90% 失败

    The error is an authorization failure, not a timeout; timeout changes don't affect relay permissions.