Re: REJECT - when sending - 501 Syntax error in parameters or arguments

Mon, 09 Mar 2015 13:20:06 -0700 

On Mon, Mar 09, 2015 at 04:05:51PM -0400, James B. Byrne wrote:

> When I send directly to [email protected] then I see this:
> 
> Mar  9 16:02:41 inet08 postfix/smtp[6447]: 14604601DC:
> to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024,
> delay=2.1, delays=0.18/0/0.01/1.9, dsn=2.0.0, status=sent (250 2.0.0
> from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 1833360229)
> Mar  9 16:02:53 inet08 postfix/smtp[6456]: 1833360229:
> to=<[email protected]>, relay=mxint01.1and1.com[212.227.17.16]:25,
> delay=12, delays=0.05/0.04/1.2/11, dsn=2.0.0, status=sent (250 OK
> id=1YV3t6-0001ZL-FB)
> 
> So, it does not seem to me that our E/HELO is causing the problem.

Inattention to detail:

    $ dig +short -t mx cuttingedgegrowersupply.com
    10 mx00.1and1.com.
    10 mx01.1and1.com.

    $ dig +short -t mx 1and1.com
    10 mxint02.1and1.com.
    10 mxint01.1and1.com.

These are not the same MX hosts.  The problem is the HELO name.
The second set of MX hosts does not object to short helo names.

    $ posttls-finger -l none -o myhostname=shorthelotest "[mxint02.1and1.com]"
    posttls-finger: Connected to mxint02.1and1.com[212.227.17.17]:25
    posttls-finger: < 220 mxint.1and1.com (mxint102) ESMTP Mon, 09 Mar 2015 
21:14:08 +0100
    posttls-finger: > EHLO shorthelotest
    posttls-finger: < 250-mxint.1and1.com Hello shorthelotest [192.0.2.1]
    posttls-finger: < 250-SIZE 62914560
    posttls-finger: < 250-8BITMIME
    posttls-finger: < 250-PIPELINING
    posttls-finger: < 250-STARTTLS
    posttls-finger: < 250 HELP
    posttls-finger: > QUIT
    posttls-finger: < 221 mxint.1and1.com closing connection

The posttls-finger program is included with the source code of
Postfix 2.11 or later.  It is not by default installed or included
in binary packages.  Distribution maintainers can choose to do so,
but many will not.

I am using posttls-finger to illustrate the problem.  You can use
other software for the same purpose.  For example, you can use
"swaks" instead, after figuring out the right command-line switches.
I am not sufficiently familiar with swaks, but it does almost
everything that posttls-finger can do and more (but has no DANE
support and does not use the Postfix TLS engine and associated
main.cf settings).

-- 
        Viktor.

Reply via email to