On 01.12.22 15:23, David Dolan wrote:
We have two customers who we're unable to receive email from.
It's failing the helo lookup as it can't resolve the hostname in the helo
message.
Helo command rejected: Host not found;
The issued hostname is logged just prior to this text.
You skipped the most impotant info here.
The postfix configuration for helo checks is as follows. It's failing on
reject_unknown_helo_hostname
smtpd_helo_required = yes
smtpd_helo_restrictions =
reject_non_fqdn_helo_hostname
reject_invalid_helo_hostname
reject_unknown_helo_hostname
you should be able to explicitly allow IP addresses of your customers.
On ports 465/587, these checks even should not be applied as they (should)
explicitly require authentication
The hostnames in the helo messages are resolvable with the PTR and A record.
However there are 32 A records. I don't know if that's an issue which
causes a problem with the verification.
there is no "A" record as "Host not found" means that the hostname provided
does not exist.
reject_invalid_helo_hostname and reject_unknown_helo_hostname try to resolve
the helo string and report it in the error message and in the logs:
ehlo trest.fantomas.sk
Dec 1 16:44:31 fantomas postfix/smtpd[30059]: NOQUEUE: reject: RCPT from
example.com[192.0.2.1]: 450 4.7.1 <trest.fantomas.sk>: Helo command rejected: Host not found;
from=<uh...@example.com> to=<uh...@fantomas.sk> proto=ESMTP helo=<trest.fantomas.sk>
Maybe it can't match the IP address with the hostname as it does a round
robin dns lookup and doesn't find the IP which the message arrived from?
no.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The early bird may get the worm, but the second mouse gets the cheese.
