On Fri, 20 Sep 2013, Craig Sanders <[email protected]> wrote: > On Fri, Sep 20, 2013 at 02:50:55PM +1000, Russell Coker wrote: > > <- 220 mx0.example.com ESMTP Postfix (Debian/GNU) > > > > -> EHLO example.com > > > > [...] > > <** 554 5.7.1 <[email protected]>: Sender address rejected: > > forged mail > > > > -> QUIT > > some questions that might lead you in the right direction: > > does mx0 have server0.example.com in its my_destination? > > is there a check_sender_access map in main.cf listing server0.example.com?
No. "grep server /etc/postfix/*" returns no matches. > is there a check_helo_access map listing example.com? if it > does exist, does it come *AFTER* or *BEFORE* permit_mynetworks, > permit_tls_clientcerts, and permit_sasl_authenticated? the order of > rules is extremely significant in postfix. smtpd_helo_restrictions = permit_mynetworks,reject_invalid_hostname,reject_unknown_sender_domain, reject_non_fqdn_hostname, reject_unknown_sender_domain Above is my only helo rule on that system. Thanks for the suggestions. James Harper's idea is interesting, is there any similar feature of Postfix for debugging these things? -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/ _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
