>On 9/16/2013 5:41 PM, Dave Jones wrote: >> >> Received: from mail02.corp.ena.net (unknown [96.4.3.90]) >> by mr11.mail.ena.net (Postfix) with ESMTP id 57C091480688 >> for <redac...@domain.com>; Mon, 16 Sep 2013 16:04:46 -0500 (CDT) >> >> My forward DNS lookup for this host is an internal IP address that >> doesn't not match the public but it has been this way for years.
> You need to do your tests as the postfix user, possibly also > chrooted. Turn off the chroot flag in master.cf for testing. I don't have anything chrooted (all n's in that column of the master.cf). The dig as the postfix user returns the same result. >> I >> didn't think the "unknown" above is dependent on FCRDNS. > but it is. For the conditions postfix will label a host as unknown, > please see > http://www.postfix.org/postconf.5.html#reject_unknown_client_hostname I am using reject_unknown_reverse_client_hostname in smtpd_recipient_restrictions but the server in question is covered by permit_mynetworks which is before it. > In the Received: header, the first name is the HELO name given, the > second is either the FCRDNS or "unknown". Postfix will also log a > warning explaining why the host is unknown. I see this in the maillog now that you mention it. It seems more informational than the cause of the "unknown" since I am using the "weaker" restriction above. warning: hostname mail02.corp.ena.net does not resolve to address 96.4.3.90 Based on the reasons at http://www.postfix.org/postconf.5.html#reject_unknown_reverse_client_hostname, it shouldn't be "unknown" with the postfix user being able to resolve the PTR. > I don't know if the "unknown" by itself will trigger the > SpamAssassin RDNS_NONE rule, but that seems a little strict to me. On Mon, Sep 16, 2013 at 7:00 PM, Noel Jones <njo...@megan.vbhcs.org> wrote: > On 9/16/2013 5:41 PM, Dave Jones wrote: >> >> Received: from mail02.corp.ena.net (unknown [96.4.3.90]) >> by mr11.mail.ena.net (Postfix) with ESMTP id 57C091480688 >> for <redac...@domain.com>; Mon, 16 Sep 2013 16:04:46 -0500 (CDT) >> >> My forward DNS lookup for this host is an internal IP address that >> doesn't not match the public but it has been this way for years. > > You need to do your tests as the postfix user, possibly also > chrooted. Turn off the chroot flag in master.cf for testing. > > >> I >> didn't think the "unknown" above is dependent on FCRDNS. > > but it is. For the conditions postfix will label a host as unknown, > please see > http://www.postfix.org/postconf.5.html#reject_unknown_client_hostname > > In the Received: header, the first name is the HELO name given, the > second is either the FCRDNS or "unknown". Postfix will also log a > warning explaining why the host is unknown. > > I don't know if the "unknown" by itself will trigger the > SpamAssassin RDNS_NONE rule, but that seems a little strict to me. > > > -- Noel Jones
