Steve Lindemann wrote: > Searched docs and archives and I'm not seeing it... > (postconf -n at end) > > Situation: > > changed config to: > smtpd_helo_required = yes > smtpd_helo_restrictions = permit_mynetworks, > reject_invalid_helo_hostname, reject_unknown_helo_hostname
See comments below. > changed config back to: > smtpd_helo_required = yes > smtpd_helo_restrictions = permit_mynetworks This is moot.. this basically means: permit_mynetworks, permit > and the problem "went away" > > Questions: > > 1) Is the problem really on my end with that config? > 2) If it is, how can I do better? > 3) If it isn't, any suggestions for what to tell the exchange sys > admins to fix on their end? > > any help would be greatly appreciated... that last question is > important if I'm going to go back to those admins and tell them their > config is bad. I certainly don't know anything about exchange, let > alone how to configure it properly... come to that, I'm sure my > postfix config needs help too. I'm a jack of all trades type and > don't have the depth of knowledge that many others on this list have. > > examples of log messages: > > Jan 29 08:57:20 email postfix/smtpd[16340]: NOQUEUE: reject: RCPT from > hqironport.dot.state.co.us[63.225.17.195]: 450 4.7.1 > <hqexchangesvr2.dot.state.co.us>: Helo command rejected: Host not > found; from=<xxx...@dot.state.co.us> to=<xx...@mcpld.org> proto=ESMTP > helo=<hqexchangesvr2.dot.state.co.us> > Because: grkni...@mx1 ~ $ host hqexchangesvr2.dot.state.co.us Host hqexchangesvr2.dot.state.co.us not found: 3(NXDOMAIN) > Jan 29 08:57:28 email postfix/smtpd[16326]: NOQUEUE: reject: RCPT from > exchange.western.edu[204.132.64.25]: 450 4.7.1 > <exchange01.wsc.western.edu>: Helo command rejected: Host not found; > from=<xx...@western.edu> to=<xx...@marmot.org> proto=ESMTP > helo=<exchange01.wsc.western.edu> > Because: grkni...@mx1 ~ $ host exchange01.wsc.western.edu Host exchange01.wsc.western.edu not found: 3(NXDOMAIN) > Jan 29 08:58:08 email postfix/smtpd[16274]: NOQUEUE: reject: RCPT from > alert2.myweather.net[64.73.41.234]: 450 4.7.1 <mywx-s12.alert2>: Helo > command rejected: Host not found; > from=<9news-customc...@subs.myweather.net> to=<xx...@marmot.org> > proto=ESMTP helo=<mywx-s12.alert2> > Because they have a broken HELO configured. All 3 have reject_unknown_helo_hostname fire because they are not in your DNS. > > # postconf -n > smtpd_client_restrictions = permit_mynetworks > smtpd_helo_restrictions = permit_mynetworks These do nothing really and can be removed for (your) clarity because there is an implied permit at the end of each. You can keep them if you like and are only required if you want to add a reject after permit_mynetworks. Brian
