Sender access rejected questions

Tue, 12 Mar 2013 11:11:06 -0700 

Hi all,

I realize questions about this error are all over the Internet, but
the all involve fixing the broken DNS entries, which I can't do in my
situation. I need to figure out how to work around this unresolvable
address using access controls. This is for a postfix-2.9 system on
fc17.

I'm receiving the following error because the tank.sub1.domain.com
host doesn't resolve and is being rejected by my configuration. I've
created a "special" check_sender_access file that's listed in
smtpd_recipient_access prior to the reject_unknown_sender_domain, but
it still doesn't work.

Mar 12 13:54:28 mail02 postfix/smtpd[24053]: NOQUEUE: reject: RCPT
from unknown[64.68.76.15]: 450 4.1.8 <appl...@tank.sub1.domain.com>:
Sender address rejected: Domain not found;
from=<appl...@tank.sub1.domain.com> to=<s...@mydomain.com> proto=ESMTP
helo=<mx02.example.com>

In my check_sender_access file I have the following:

64.68.76.15             OK
appl...@tank.sub1.domain.com OK
.sub1.domain.com OK

My smtpd_recipient_restrictions are below. I've had to create this
crazy sender_checks_special file that appears before the normal
sender_checks file because I was concerned that the
reject_unknown_sender_domain was rejecting the mail first. I don't
know the proper way to do this.

smtpd_recipient_restrictions =
        reject_non_fqdn_recipient,
        check_client_access hash:/etc/postfix/client_checks_special,
        check_sender_access hash:/etc/postfix/sender_checks_special,
        reject_non_fqdn_sender,
        reject_unlisted_recipient,
        permit_mynetworks,
        reject_unauth_destination,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_rhsbl_reverse_client mykey.dbl.dq.spamhaus.net,
        reject_rhsbl_sender mykey.dbl.dq.spamhaus.net,
        reject_rhsbl_helo mykey.dbl.dq.spamhaus.net
        check_helo_access pcre:/etc/postfix/helo_checks.pcre,
        reject_invalid_helo_hostname,
        check_client_access hash:/etc/postfix/client_checks,
        check_sender_access hash:/etc/postfix/sender_checks,
        check_recipient_access pcre:/etc/postfix/relay_recips_access,
        permit

I'd gratefully appreciate any help on the proper way to do this. I'm
actually not even sure that the appl...@tank.sub1.domain.com is the
"envelope from" and not the "From:", which I guess would be listed in
client_checks.

Thanks,
Alex

Reply via email to