I only get the digest version, but thanks gents for the help on thisgood to
know that it's not my setup :)
James
From: James Lay <j...@slave-tothe-box.net>
Date: Sun, 15 May 2011 07:45:04 -0600
To: Postfix Users <postfix-users@postfix.org>
Subject: Postfix doesn't seem to always resolve
Hey all.
Topic says iton connect sometimes postfix doesn't seem to resolve:
May 15 07:34:14 gateway postfix/smtpd[7386]: warning: 80.237.209.12: address
not listed for hostname mycrysis.com
May 15 07:34:14 gateway postfix/smtpd[7386]: connect from
unknown[80.237.209.12]
May 15 07:34:14 gateway postfix/smtpd[7386]: setting up TLS connection from
unknown[80.237.209.12]
May 15 07:34:15 gateway postfix/smtpd[7386]: Anonymous TLS connection
established from unknown[80.237.209.12]: TLSv1 with cipher
DHE-RSA-AES256-SHA (256/256 bits)
May 15 07:34:16 gateway postfix/smtpd[7386]: NOQUEUE: reject: RCPT from
unknown[80.237.209.12]: 450 4.7.1 Client host rejected: cannot find your
hostname, [80.237.209.12]; from=<www-d...@mycrysis.com>
to=<j...@slave-tothe-box.net> proto=ESMTP
helo=<ds80-237-209-12.dedicated.hosteurope.de>
May 15 07:34:17 gateway postfix/smtpd[7386]: disconnect from
unknown[80.237.209.12]
Yet, dig can resolve:
; <<>> DiG 9.7.1-P2 <<>> -x 80.237.209.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35177
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;12.209.237.80.in-addr.arpa. IN PTR
;; ANSWER SECTION:
12.209.237.80.in-addr.arpa. 86197 IN PTR mycrysis.com.
;; AUTHORITY SECTION:
209.237.80.in-addr.arpa. 86197 IN NS dns2.hosteurope.de.
209.237.80.in-addr.arpa. 86197 IN NS dns.hosteurope.de.
;; Query time: 0 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sun May 15 07:37:37 2011
;; MSG SIZE rcvd: 120
Did I miss something in my configuration? Thanks all.
James
Relevant DNS entries in main.cf:
disable_dns_lookups = no
lmtp_host_lookup = dns
smtp_host_lookup = dns
And postconf for smtpd:
smtpd_authorized_verp_clients = $authorized_verp_clients
smtpd_authorized_xclient_hosts =
smtpd_authorized_xforward_hosts =
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_connection_count_limit = 50
smtpd_client_connection_rate_limit = 0
smtpd_client_event_limit_exceptions =
${smtpd_client_connection_limit_exceptions:$mynetworks}
smtpd_client_message_rate_limit = 0
smtpd_client_new_tls_session_rate_limit = 0
smtpd_client_port_logging = no
smtpd_client_recipient_rate_limit = 0
smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated
reject_rbl_client zen.spamhaus.org check_client_access
hash:/etc/postfix/rbl_override reject_rbl_client dnsbl.njabl.org
reject_rbl_client cbl.abuseat.org reject_rbl_client bl.spamcop.net
reject_rbl_client dnsbl.sorbs.net reject_invalid_hostname
reject_unknown_client_hostname
smtpd_command_filter =
smtpd_data_restrictions =
smtpd_delay_open_until_valid_rcpt = yes
smtpd_delay_reject = yes
smtpd_discard_ehlo_keyword_address_maps =
smtpd_discard_ehlo_keywords =
smtpd_end_of_data_restrictions =
smtpd_enforce_tls = no
smtpd_error_sleep_time = 1s
smtpd_etrn_restrictions =
smtpd_expansion_filter =
\t\40!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdef
ghijklmnopqrstuvwxyz{|}~
smtpd_forbidden_commands = CONNECT GET POST
smtpd_hard_error_limit = ${stress?1}${stress:20}
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_history_flush_threshold = 100
smtpd_junk_command_limit = ${stress?1}${stress:100}
smtpd_milters =
smtpd_noop_commands =
smtpd_null_access_lookup_key = <>
smtpd_peername_lookup = yes
smtpd_policy_service_max_idle = 300s
smtpd_policy_service_max_ttl = 1000s
smtpd_policy_service_timeout = 100s
smtpd_proxy_ehlo = $myhostname
smtpd_proxy_filter =
smtpd_proxy_options =
smtpd_proxy_timeout = 100s
smtpd_recipient_limit = 1000
smtpd_recipient_overshoot_limit = 1000
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = no
smtpd_restriction_classes =
smtpd_sasl_auth_enable = no
smtpd_sasl_authenticated_header = no
smtpd_sasl_exceptions_networks =
smtpd_sasl_local_domain =
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_type = cyrus
smtpd_sender_login_maps =
smtpd_sender_restrictions =
smtpd_soft_error_limit = 10
smtpd_starttls_timeout = 300s
smtpd_timeout = ${stress?10}${stress:300}s
smtpd_tls_CAfile =
smtpd_tls_CApath =
smtpd_tls_always_issue_session_ids = yes
smtpd_tls_ask_ccert = no
smtpd_tls_auth_only = no
smtpd_tls_ccert_verifydepth = 9
smtpd_tls_cert_file = /etc/ssl/certs/slave-tothe-box.net.crt
smtpd_tls_ciphers = export
smtpd_tls_dcert_file =
smtpd_tls_dh1024_param_file =
smtpd_tls_dh512_param_file =
smtpd_tls_dkey_file = $smtpd_tls_dcert_file
smtpd_tls_eccert_file =
smtpd_tls_eckey_file = $smtpd_tls_eccert_file
smtpd_tls_eecdh_grade = none
smtpd_tls_exclude_ciphers =
smtpd_tls_fingerprint_digest = md5
smtpd_tls_key_file = /etc/ssl/private/slave-tothe-box.net.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_exclude_ciphers =
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_protocols =
smtpd_tls_received_header = yes
smtpd_tls_req_ccert = no
smtpd_tls_security_level =
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_wrappermode = no
smtpd_use_tls = yes
