> -----Oorspronkelijk bericht----- > Van: pa...@matos-sorge.com [mailto:owner-postfix-us...@postfix.org] Namens > Paulo Matos > Verzonden: maandag 16 november 2015 21:14 > Aan: L.P.H. van Belle; postfix users > Onderwerp: Re: Disable spooling > > > > On 09/11/15 16:43, L.P.H. van Belle wrote: > > > >> -----Oorspronkelijk bericht----- > >> Van: njo...@megan.vbhcs.org [mailto:owner-postfix-us...@postfix.org] > >> Namens Noel Jones > >> Verzonden: maandag 9 november 2015 16:05 > >> Aan: postfix-users@postfix.org > >> Onderwerp: Re: Disable spooling > >> > >> On 11/9/2015 3:46 AM, Paulo Matos wrote: > >>> Hi, > >>> > >>> I have configured postfix with virtual users and virtual domains so I > >>> have it configured to serve two domains AAA.com and BBB.com. However, > >>> the machine hostname > >>> is centauri (none of the hostname its serving). Reverse DNS is enabled > >>> to one of the domains. I think that as a result of this setup I am > >>> getting a good chunk of my emails blocked by google with the following > >>> message: > >>> > >>> -------- > >>> Reporting-MTA: dns; centauri > >>> X-Postfix-Queue-ID: D8B6D22FD3 > >>> X-Postfix-Sender: rfc822; pa...@matos-sorge.com > >>> Arrival-Date: Thu, 5 Nov 2015 10:40:10 +0000 (GMT) > >>> > >>> Final-Recipient: rfc822; x...@yyy.com > >>> Original-Recipient: rfc822; x...@yyy.com > >>> Action: failed > >>> Status: 5.7.1 > >>> Remote-MTA: dns; aspmx.l.google.com > >>> Diagnostic-Code: smtp; 550-5.7.1 > >>> Our > >>> system has detected an 550-5.7.1 unusual rate of unsolicited mail > >>> originating from your IP address. To 550-5.7.1 protect our users > >>> from spam, > >>> mail sent from your IP address has been 550-5.7.1 blocked. Please > >> visit > >>> 550-5.7.1 https://support.google.com/mail/answer/81126 to review > >>> our Bulk > >>> Email 550 5.7.1 Senders Guidelines. ju5si7198479wjc.28 - gsmtp > >>> ---------- > >>> > >>> The problem is most likely that Reporting-MTA doesn't match any of the > >>> hostnames of the email we are sending from. > >> > >> No, the problem is most likely google thinks they are receiving an > >> unusual rate of unsolicited mail from your IP. > >> > >> - First, set your SMTP HELO hostname to match your rDNS hostname with > >> http://www.postfix.org/postconf.5.html#smtp_helo_name > >> This probably won't fix the problem with google, but may help with > >> other sites that don't like a non-FQDN or nonexistent HELO name. > >> > >> - configure your network gateway firewall such that client machines > >> cannot access outgoing port 25 to prevent an infected client machine > >> on your network from directly sending mail to the internet. > >> > >> - configure SPF, DKIM, and DMARC for your domains. Looks as if you > >> have SPF setup already. > >> > >> > >> > >> -- Noel Jones > > > > I suggest the following. > > > > (this is obligated by RFCs) > > > > Make sure your helo mail-hostname.domain.tld has an A record. > > Helo hostname must be resolvable. > > > > Make sure your hostname.domain.tld has an A and RR (PTR) record. > > Most server do not block on this because you wil be blokking to many > servers > > Lots of hosts give "unknown" back so rejecting on unknown_hostname is > not good imo. > > > > But an easy setting users/mail server managers can do is make sure the > dns > > And helo is correct. > > So i do block on reject_invalid_helo_hostname > reject_unknown_helo_hostname > > And report back that the have incorrect server/dns settings. > > How do you report that back? For this on i use policiy weight, and there you can set you text also http://www.policyd-weight.org/
> > > > > My hostname of my server for example is core.domain.tld (server > hostname) > > In postfix i have mail.domain.tld (helo hostname) > > .. myhostname = mail.domain.tld > > > > For you to setup myhostname = mail.domain.tld and I guess you setup your > FQDN to be domain.tld, does mail.domain.tld need to be a MX record? [L.P.H. van Belle] No. The myhostname in postfix is the helo. I dont use domain.tld for any mail things thats only for my web server. Im thinking in the future where my web and mail server al on different servers, so no domain.tld on mail. realname.domain.tld thing one gets an A - MX and PTR record. mailhelo.domainname.tld gets only an A record. > > > And you can set the same hostname in postfix and use that also for your > server, but i dont recommend that. > > > > Then thats done, login at google, use the administrative tools from > google to check your environment. > > > > I am new to that. Which tools? [L.P.H. van Belle] good link to test : https://support.google.com/mail/troubleshooter/2920052?hl=en https://support.google.com/a/answer/140038?hl=en https://www.google.com/webmasters/tools also handy. https://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard > > Thanks for your help. > > Paulo Matos > > > Greetz, > > > > Louis > > > > > >
