On 09.03.21 15:26, Curtis Maurand wrote:
your a record and fqdn, your helo/ehlo hostname and the ptr record all need to
match.
that's incorrect.
IP address has to point to DNS name that maps back to the IP address.
HELO (EHLO) hostname does not necessarily need to point to that DNS name.
HELO hostname needs to exist and should be canonical (e.g. fqdn and not
point to CNAME), but that's all.
It's of course better wen they all match, but the RFC explicitly states
server is not allowed to reject connection just because the HELO string
does not match reverse DNS.
...sorry, I have encountered situation (and not once) when someone insisted on
matching helo and rDNS and messed up things because of that.
Sent from my iPhone
On Mar 9, 2021, at 12:36 PM, Greg Sims <webmas...@raystedman.org> wrote:
We are receiving the following in our email logs:
Mar 09 08:12:15 mail01.raystedman.org postfix/smtpd[13431]: warning: hostname
mail01.raystedman.org does not resolve to address 192.168.122.12
This warning is in fact true. I believe something is not configured correctly.
The postfix mail server at mail01.raystedman.org has two network interfaces:
WAN and LAN. The WAN hostname is mail01.raystedman.org which resolves to
166.88.17.149. The LAN hostname is mail01-p.raystedman.org which resolves to
192.168.122.12.
main.cf contains:
mynetworks = 192.168.122.0/24, aaa.bbb.ccc.ddd/32, 127.0.0.0/8
where aaa.bbb.ccc.ddd/32 is the only acceptable WAN address (protected here and
at the firewall level). We also accept email from the LAN and localhost
networks.
We recently started accepting email from the single WAN address and added the
IP to mynetworks. This likely has something to do with the configuration issue.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
On the other hand, you have different fingers.
