Joey J wrote:
> I'm trying to understand why this is telling me host not found.
> On that same server if I nslookup the ip it does resolve.
> 
> Oct 18 16:00:51 mgw postfix/smtpd[24119]: NOQUEUE: reject: RCPT from
> unknown[199.5.50.180]: 450 4.7.1 <br2.vw.com>: Helo command rejected: Host
> not found; from=<traderequ...@audi.com> to=<b.m...@client.com> proto=ESMTP
> helo=<br2.vw.com>

In addition to what has already been said...  I look up the SPF record
for Audi.com and find:

    $ host -t txt Audi.com | grep spf
    Audi.com descriptive text "v=spf1 include:cust-spf.exacttarget.com ip4:199.5.47.0/24 ip4:91.198.139.136/31 -all"

    $ host -t txt cust-spf.exacttarget.com | grep spf
    cust-spf.exacttarget.com descriptive text "v=spf1 ip4:64.132.92.0/24 ip4:64.132.88.0/23 ip4:66.231.80.0/20 ip4:68.232.192.0/20 ip4:199.122.120.0/21 ip4:207.67.38.0/24 " "ip4:207.67.98.192/27 ip4:207.250.68.0/24 ip4:209.43.22.0/28 ip4:198.245.80.0/20 ip4:136.147.128.0/20 ip4:136.147.176.0/20 ip4:13.111.0.0/16 ip4:161.71.32.0/17 -all"
    $ host -t txt cust-spf.exacttarget.com | grep spf | grep 199.5
    ...nothing...

Since 199.5.50.180 does not appear in the allowance for the SPF
records that I can see (I inspected by eye, did I miss something?)
then the final "-all" would have caused the message to be rejected by
SPF policy *if* it had not already been rejected by the policy of
using "reject_unknown_client_hostname".

Which means this SMTP transaction had multiple problems making it very
likely a spammer as the most simple explanation.  Or simply very deeply
misconfigured if not.

Bob
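
The by-eye inspection above can be repeated mechanically. The following is an added example, not part of the original message: it evaluates the two TXT records exactly as quoted in the post (embedded as constants, so it runs offline and does not reflect whatever the domains publish today) against a client IP. It implements only the `ip4`, `include` and `all` mechanisms that appear in those records; the function name follows RFC 7208's `check_host()`.

```python
import ipaddress

# TXT records copied from the host(1) output quoted in the post. The two
# quoted strings of the exacttarget record are concatenated with no added
# separator, as RFC 7208 section 3.3 requires.
RECORDS = {
    "audi.com": "v=spf1 include:cust-spf.exacttarget.com "
                "ip4:199.5.47.0/24 ip4:91.198.139.136/31 -all",
    "cust-spf.exacttarget.com":
        "v=spf1 ip4:64.132.92.0/24 ip4:64.132.88.0/23 ip4:66.231.80.0/20 "
        "ip4:68.232.192.0/20 ip4:199.122.120.0/21 ip4:207.67.38.0/24 "
        "ip4:207.67.98.192/27 ip4:207.250.68.0/24 ip4:209.43.22.0/28 "
        "ip4:198.245.80.0/20 ip4:136.147.128.0/20 ip4:136.147.176.0/20 "
        "ip4:13.111.0.0/16 ip4:161.71.32.0/17 -all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_host(domain, ip, depth=0):
    """Return the SPF result for `ip` under `domain`'s embedded record."""
    if depth > 10:                      # RFC 7208 limits DNS-querying terms
        return "permerror"
    record = RECORDS.get(domain.lower())
    if record is None or not record.startswith("v=spf1"):
        return "none"                   # simplification: no record embedded
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:     # mechanisms are tried left to right
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name == "ip4":
            # strict=False: 161.71.32.0/17 has host bits set in the record
            matched = addr in ipaddress.ip_network(arg, strict=False)
        elif name == "include":
            # include matches only when the included record yields "pass";
            # its own "-all" does not propagate as a fail
            matched = check_host(arg, ip, depth + 1) == "pass"
        elif name == "all":
            matched = True
        else:
            return "permerror"          # mechanism outside this example's scope
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"                    # no mechanism matched


if __name__ == "__main__":
    print("199.5.50.180 ->", check_host("audi.com", "199.5.50.180"))
```
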
