Re: Reverse DNS bug?

Tue, 07 Oct 2008 08:56:04 -0700 

Victor Duchovni wrote:

On Tue, Oct 07, 2008 at 10:49:46AM -0400, Darek M. wrote:
I have a weird issue where a sender with a valid reverse DNS entry is getting rejected. 

main.cf:
===
smtpd_delay_reject = yes
smtpd_client_restrictions =
  ...
  reject_unknown_reverse_client_hostname


Oct  4 19:04:21 postfix/smtpd[231]: connect from unknown[64.68.XXX.XXX]


You've left out the DNS related warnings logged between the log entry above
and the one below. Please look at these, and post them if you still have
a question.


The error lines are all that it logged.  Nothing in between.  Maybe you mean
warning: 1.2.3.4: hostname 1.2.3.4.someisp.tld verification failed: hostname nor servname provided, or not known 

Didn't see that warning in this case.
Oct 4 19:04:21 postfix/smtpd[231]: NOQUEUE: reject: RCPT from unknown[64.68.XXX.XXX]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [64.68.XXX.XXX]; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP helo=<Y.COM> 

This is a transient failure. What are your unknown_mumble_reject_codes
set to? After tuning and testing your rules, you should have:

    unknown_address_reject_code = 550
    unknown_client_reject_code = 550
    unknown_hostname_reject_code = 550
    unknown_local_recipient_reject_code = 550
    unknown_relay_recipient_reject_code = 550
    unknown_virtual_alias_reject_code = 550
    unknown_virtual_mailbox_reject_code = 550
I didn't change any reject codes from the stock install, and I'm fine with a temporary reject for DNS errors. The issue is Postfix not seeing the reverse entry. 

access_map_reject_code = 554
invalid_hostname_reject_code = 501
maps_rbl_reject_code = 554
multi_recipient_bounce_reject_code = 550
non_fqdn_reject_code = 504
plaintext_reject_code = 450
reject_code = 554
relay_domains_reject_code = 554
unknown_address_reject_code = 450
unknown_client_reject_code = 450
unknown_hostname_reject_code = 450
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
unverified_recipient_reject_code = 450
unverified_sender_reject_code = 450

- Darek

Reply via email to