For several years I've been using reject_unknown_helo_hostname
as part of a "freemail" restriction class.
I'm using postfix 2.7-20090807 and have seen the note in
HISTORY regarding the 20090808 change to NS and MX lookups
affecting reject_unknown_helo_hostname
Mail from yahoo.com is now rejected with:
Aug 28 16:24:05 mgate2 postfix/smtpd[53002]: NOQUEUE: reject:
RCPT from web34202.mail.mud.yahoo.com[66.163.178.117]: 554
5.7.1 <web34202.mail.mud.yahoo.com>: Helo command rejected:
Malformed DNS server reply; from=<yu...@yahoo.com>
to=<u...@vbhcs.org> proto=SMTP helo=<web34202.mail.mud.yahoo.com>
If we look up the helo name, we see:
# host web34202.mail.mud.yahoo.com
web34202.mail.mud.yahoo.com has address 66.163.178.117
web34202.mail.mud.yahoo.com mail is handled by 0 .
Apparently the bogus MX record triggers the reject. It also
looks as if all of Yahoo!'s mail servers are configured with a
similar MX record.
Is this now the intended behavior of the
reject_unknown_helo_hostname restriction? It seems like it
would be correct to reject if there were *only* a bogus MX and
no A record, but since there is an A record it's not really
unknown.
-- Noel Jones
