On 03/21/2015 08:53 PM, Noel Jones wrote:
On 3/21/2015 7:42 PM, L. D. James wrote:
I have a service from intuit.com that can't get past my
reject_unknown_helo_hostname configuration. I'm trying to use the
rbl_override to whitelist all the subhost of intuit.com. However, I
can't get it to work.
Consider if reject_unknown_helo_hostname is worth the large number
of false positives. Your best course may be to remove the restriction.
Some general tips... Restrictions are evaluated in the order
listed, so whitelist must come before whatever is causing the
unwanted reject. A whitelist in one smtpd_*_restrictions section
does not override a reject from another section.
That said, without your current "postconf -n" output, further
discussion is useless.
-- Noel Jones
I have tried:
/etc/postfix/rbl_override:
intuit.com ok
.intuit.com ok
*.intuit.com ok
Without your "postconf -n"
But none of their work.
The host are coming in this manner:
helo=qdcapmail[#].data.ie.intuit.net
The "[#]" is one of several numbers. None of the hostnames resolves
to an ip. I see the IP in the logs which is:
206.108.40.[#]
The "[#]" is one of several numbers.
I tried combinations of that IP with wild cards to try to override
that way since all of them had the 206.108.40 as part of the ip.
To receive the notifications, so far I have had to scan the logs and
add each of the IP's individually as they show in the log to the
rbl_override configuration. This works. But if they use a
different IP than the ones currently in the log, the email will
bounce. So what I'm trying to figure out is how to setup one entry
for the whole domain name that would include all the subdomains. I
would like to also know how to do this with the IP addresses.
Sample output from the mail.log file is:
-----------------------------------------------------------------
Mar 19 02:52:45 hera5 postfix/smtpd[27331]: disconnect from
mail.customs.gov.kg[212.42.104.110]
Mar 19 02:53:02 hera5 postfix/smtpd[20170]: connect from
mailout1b.intuit.com[206.108.40.7]
Mar 19 02:53:02 hera5 policyd-spf[6517]: None; identity=helo;
client-ip=206.108.40.7; helo=qdcapmail1.data.ie.intuit.net;
envelope-from=u...@mint.com; receiver=u...@apollo3.com
Mar 19 02:53:03 hera5 policyd-spf[6517]: Pass; identity=mailfrom;
client-ip=206.108.40.7; helo=qdcapmail1.data.ie.intuit.net;
envelope-from=u...@mint.com; receiver=u...@apollo3.com
Mar 19 02:53:03 hera5 postfix/smtpd[20170]: NOQUEUE: reject: RCPT
from mailout1b.intuit.com[206.108.40.7]: 450 4.7.1
<qdcapmail1.data.ie.intuit.net>: Helo command rejected: Host not
found; from=<u...@mint.com> to=<u...@apollo3.com> proto=ESMTP
helo=<qdcapmail1.data.ie.intuit.net>
Mar 19 02:53:08 hera5 postfix/smtpd[27331]: connect from
unknown[58.186.33.188]
Mar 19 02:53:08 hera5 postfix/smtpd[20170]: disconnect from
mailout1b.intuit.com[206.108.40.7]
Mar 19 02:53:09 hera5 policyd-spf[12592]: None; identity=helo;
client-ip=58.186.33.188; helo=[58.186.33.188];
envelope-from=u...@eriex.com; receiver=u...@apollo3.com
-----------------------------------------------------------------
Thanks in advance for any input on this.
-- L. James
Thanks for the input, Noel.
While still experimenting it turns out that my problem with the wild
card in the IP address was that you can't put a specific character. Just
put the portion of the IP network that you want to include. In this
case this is the proper format for an IP address block:
/etc/postfix/rbl_override:
206.108.40 ok
I didn't realize it before, but it appears to follow the same format as:
/etc/postfix/access
The hostname works the same:
/etc/postfix/rbl_override:
intuit.net ok
However the problem with the host name is that apparently the host name
had never failed and was never actually blocked. The site has bogus
hostnames without a DNS record, so in this case a hostname override
wouldn't be applicable.
So the answer to the wildcard question is to use a matching portion of
what you want to filter:
http://www.postfix.org/access.5.html
Thanks again for the input.
Have a nice day!
-- L. James
--
L. D. James
lja...@apollo3.com
www.apollo3.com/~ljames
