On the server w/ postfix:
$ host 38.119.56.160
160.56.119.38.in-addr.arpa domain name pointer mta700.testemail.newegg.com.
160.56.119.38.in-addr.arpa domain name pointer mta700.email.newegg.com.
Is the reason below why it shows up as unknown because the fwd/reverse do
not match properly, or?
$ host mta700.testemail.newegg.com
Host mta700.testemail.newegg.com not found: 3(NXDOMAIN)
$ host mta700.email.newegg.com
mta700.email.newegg.com has address 38.119.56.160
In the logs though, it does not lookup the name for (newegg only), I only
see it with newegg where this happens on occasion:
Aug 8 07:16:44 l1 postfix/smtpd[10205]: warning: 38.119.56.160: hostname
mta700.testemail.newegg.com verification failed: Name or service not known
Aug 8 07:16:44 l1 postfix/smtpd[10205]: connect from unknown[38.119.56.160]
Aug 8 07:16:45 l1 postfix/geoip[10209]: address[38.119.56.160] country[US, United States] result[DUNNO]
Aug 8 07:16:46 l1 postfix/policy-spf[10211]: handler sender_policy_framework: is decisive.
Aug 8 07:16:46 l1 postfix/policy-spf[10211]: : Policy action=PREPEND Received-SPF: pass (b.email.newegg.com: 38.119.56.160 is authorized to use '[EMAIL PROTECTED]' in 'mfrom' identity (mechanism 'ip4:38.119.56.160/29' matched)) receiver=l1.internal.lan; identity=mfrom; envelope-from="[EMAIL PROTECTED]"; helo=mta700.email.newegg.com; client-ip=38.119.56.160
Aug 8 07:16:49 l1 postfix/geoip[10209]: address[38.119.56.160] country[US, United States] result[DUNNO]
Aug 8 07:16:54 l1 postfix/policyd-weight[22228]: weighted check: NOT_IN_SURR=-0.2 NOT_IN_PBSO=-0.2 NOT_IN_SIMP=-0.2 NOT_IN_KOTQ=-0.2 NOT_IN_SPMC=-0.2 NOT_IN_BHNC=-0.2 NOT_IN_DCE3=-0.2 NOT_IN_DCE2=-0.2 NOT_IN_DCE1=-0.2 NOT_IN_ZENH=-0.2 NOT_IN_SARU=-0.2 NOT_IN_MAJI=-0.2 NOT_IN_ABAT=-0.2 NOT_IN_VIRB=-0.2 NOT_IN_KSVC=-0.2 NOT_IN_IXBL=-0.2 NOT_IN_KMPT=-0.2 NOT_IN_CLB4=-0.2 NOT_IN_DABL=-0.2 NOT_IN_CNJA=-0.2 NOT_IN_SRJP=-0.2 NOT_IN_SWCH=-0.1 NOT_IN_CNTQ=-0.1 NOT_IN_USUB=-0.1 NOT_IN_NSRB=-0.1 NOT_IN_LSBL=-0.1 IN_BLHL=1.75 NOT_IN_SRBD=-0.1 NOT_IN_CBLP=-0.1 NOT_IN_DNUL=-0.1 NOT_IN_0SPM=-0.1 NOT_IN_WPBL=-0.1 CL_IP_EQ_HELO_IP=-2 (check from: .newegg. - helo: .mta700.email.newegg. - helo-domain: .newegg.) FROM/MX_MATCHES_HELO(DOMAIN)=-2; <client=38.119.56.160> <helo=mta700.email.newegg.com> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>; rate: -7.45
Aug 8 07:16:54 l1 postfix/policyd-weight[22228]: decided action=PREPEND X-policyd-weight: NOT_IN_SURR=-0.2 NOT_IN_PBSO=-0.2 NOT_IN_SIMP=-0.2 NOT_IN_KOTQ=-0.2 NOT_IN_SPMC=-0.2 NOT_IN_BHNC=-0.2 NOT_IN_DCE3=-0.2 NOT_IN_DCE2=-0.2 NOT_IN_DCE1=-0.2 NOT_IN_ZENH=-0.2 NOT_IN_SARU=-0.2 NOT_IN_MAJI=-0.2 NOT_IN_ABAT=-0.2 NOT_IN_VIRB=-0.2 NOT_IN_KSVC=-0.2 NOT_IN_IXBL=-0.2 NOT_IN_KMPT=-0.2 NOT_IN_CLB4=-0.2 NOT_IN_DABL=-0.2 NOT_IN_CNJA=-0.2 NOT_IN_SRJP=-0.2 NOT_IN_SWCH=-0.1 NOT_IN_CNTQ=-0.1 NOT_IN_USUB=-0.1 NOT_IN_NSRB=-0.1 NOT_IN_LSBL=-0.1 IN_BLHL=1.75 NOT_IN_SRBD=-0.1 NOT_IN_CBLP=-0.1 NOT_IN_DNUL=-0.1 NOT_IN_0SPM=-0.1 NOT_IN_WPBL=-0.1 CL_IP_EQ_HELO_IP=-2 (check from: .newegg. - helo: .mta700.email.newegg. - helo-domain: .newegg.) FROM/MX_MATCHES_HELO(DOMAIN)=-2; rate: -7.45; <client=38.119.56.160> <helo=mta700.email.newegg.com> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>; delay: 5s
Aug 8 07:16:54 l1 postgrey: action=greylist, reason=new, client_name=unknown, client_address=38.119.56.160, [EMAIL PROTECTED], [EMAIL PROTECTED]
Aug 8 07:16:54 l1 postgrey: cleaning up old logs...
Aug 8 07:16:54 l1 postfix/smtpd[10205]: NOQUEUE: reject: RCPT from unknown[38.119.56.160]: 421 4.2.0 <[EMAIL PROTECTED]>: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/solarrain.com.html; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=SMTP helo=<mta700.email.newegg.com>
Aug 8 07:16:54 l1 postfix/smtpd[10205]: disconnect from unknown[38.119.56.160]
Why does it show as unknown instead of the hostname itself?
I use check_client_access with a whitelist for newegg.com but if it does
not lookup (shows as unknown) instead of from *.newegg.com, it is of no
use.
Any ideas?
- postfix 2.5.2-2
- running local dns/bind caching server
- only happens typically from (newegg) from what I have seen (not orders),
but deal/sales e-mails from newegg
Is this something on my side or their side?
Justin.
