Hai,
Well, Thank you Noel, This makes much more sence now. I was mislead due to the log messages of postfix. My own server has an A/PTR to the hostname and A/MX for helo name. This is the confusing part, at least it was for me. The logs showed me: postfix/smtpd[29331]: connect from core.van-belle.nl[149.210.206.148] and Dec 19 09:46:36 mailhopper postfix/cleanup[29334]: 451A6FF071: hold: header Received: from mail.van-belle.nl (core.van-belle.nl [149.210.206.148]) ... etc ??(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))??(Client did not present a certificate)??by mailhopper.ba from core.van-belle.nl[149.210.206.148]; from=<lo...@van-belle.nl> to=<be...@bazuin.nl> proto=ESMTP helo=<mail.van-belle.nl> The : connect from hostname.fqdn[ip] and : hold: header Received: from mail.van-belle.nl (core.van-belle.nl [149.210.206.148]) and here is also shows mail.van-belle.nl, the helo name and the host.fqdn[ip] since i always did see : mail.van-belle.nl (core.van-belle.nl [149.210.206.148]) i was in the understanding postfix was loggin helo hostnames also, like the client name. Which explains all the confusion at my side. > No fixes are necessary, other than maybe I should write a tutorial > on reading logs. Very good idea, the part you explained is a good one, and that wil help others also. Due to this logging i am/was having discusions. Now..this helps a lot. Thanks you so much. So when everything is setup correct the helo and hostname ares shown in the logs, but when with errors it referes only back to the client name. Why is this? Best regards, Louis > -----Oorspronkelijk bericht----- > Van: njo...@megan.vbhcs.org [mailto:owner-postfix-us...@postfix.org] > Namens Noel Jones > Verzonden: vrijdag 16 december 2016 16:56 > Aan: postfix-users@postfix.org > Onderwerp: Re: request improved logging for postfix. > > On 12/16/2016 5:13 AM, L.P.H. van Belle wrote: > > > Maybe im totaly incorrect here so correct me if needed. > > Yes. > > > Now, Im running Debian Wheezy, postfix ( debian backport ) > > 2.11.2-1~bpo70+1. Kernel : 3.2.82-1 > > > > I’ve increased the debug level in postfix for the domains. > > Don't use debug logging. Everything you need is in the normal > logging, and the extra noise just confuses you. > > > > Dec 16 08:47:31 mailhopper postfix/smtpd[16089]: warning: hostname > > sweeper.stater.com does not resolve to address 193.172.8.206: Name > > or service not known > > > > Dec 16 08:47:32 mailhopper postfix/smtpd[16089]: NOQUEUE: reject: > > RCPT from unknown[193.172.8.206]: 554 5.7.1 <sweeper.stater.com>: > > Helo command rejected: Host not found; from=<serviced...@stater.nl> > > to=<be...@bazuin.nl> proto=ESMTP helo=<sweeper.stater.com> > > > > > > > > This part : > > > > hostname sweeper.stater.com does not resolve to address > > 193.172.8.206 which is totaly correct. > > > > > No, the warning: message always refers to the CLIENT hostname, and > is giving you the reason the CLIENT is labeled as "unknown". > > > > The line (part of the rejected incomming ) > > > > ... NOQUEUE: reject: RCPT from unknown[193.172.8.206]: 554 5.7.1 > > <sweeper.stater.com> > > > > More consistant would be : > > > > unknown([193.172.8.206]): 554 5.7.1 <sweeper.stater.com> > > > > Or with correct A/PTR but incorrect helo > > But the A/PTR is not correct, as logged earlier. That is the reason > the client is labeled unknown. > > > > To many people are confused by the “unknown” since it can be 2 things: > > > > Unknown CLIENT hostname > > > > Unknown HELO hostname > > No, the "unknown" always refers to the client, unless it's in the > descriptive text of a reject message. > > > ... reject: {smtp stage} from {client hostname/unknown}[{ipaddr]}: > {reject code} {extended code}; {descriptive text} > > Notice the HELO name is never listed other than in the descriptive > text if HELO is the reason for rejection. > > > > > > Which give discusions on the fixes. > > No fixes are necessary, other than maybe I should write a tutorial > on reading logs. > > > > -- Noel Jones
