I'm having a terrible problem with
Client host rejected: cannot find your hostname
All error messages, config options etc are below
First trivial question: Why is the rejection message printed three
times? (I am running postfix -v)
Second, important question: I do not understand why my check_helo_access
isn't working
TIA
Bernard Higonnet
================================================
Running FreeBSD 7.0-RELEASE and Postfix 2.4.6
Here is the complete output from maillog for this client request (names
and addresses have been changed to protect the guilty). I'm sorry but
was unable to get Thunderbird 3 not to wrap these lines.
Jul 26 08:59:36 freebsd postfix/smtpd[53134]: warning: 125.207.64.38:
address not listed for hostname WXYZ.com.cn
Jul 26 08:59:36 freebsd postfix/smtpd[53134]: connect from
unknown[125.207.64.38]
Jul 26 08:59:36 freebsd postfix/smtpd[53134]: NOQUEUE: reject: RCPT from
unknown[125.207.64.38]: 450 4.7.1 Client host rejected: cannot find your
hostname, [125.207.64.38]; from=<mhigon...@wxyz.com.cn> to=<bth
@higonnet.net> proto=ESMTP helo=<mail.WXYZ.com.cn>
Jul 26 08:59:37 freebsd postfix/smtpd[53134]: NOQUEUE: reject: RCPT from
unknown[125.207.64.38]: 450 4.7.1 Client host rejected: cannot find your
hostname, [125.207.64.38]; from=<mhigon...@wxyz.com.cn> to=<bth
@higonnet.net> proto=ESMTP helo=<mail.WXYZ.com.cn>
Jul 26 08:59:37 freebsd postfix/smtpd[53134]: NOQUEUE: reject: RCPT from
unknown[125.207.64.38]: 450 4.7.1 Client host rejected: cannot find your
hostname, [125.207.64.38]; from=<mhigon...@wxyz.com.cn> to=<ejm
h...@higonnet.net> proto=ESMTP helo=<mail.WXYZ.com.cn>
Jul 26 08:59:37 freebsd postfix/smtpd[53134]: disconnect from
unknown[125.207.64.38]
Here is the result of postconf -n (I have shown only those parameters
which I think relevant to a rejection)
smtpd_client_restrictions = reject_rbl_client sbl-xbl.spamhaus.org
reject_unknown_client_hostname
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_hostname,
check_helo_access hash:/usr/local/etc/postfix/helo_access,
reject_unknown_helo_hostname
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination, check_sender_access
hash:/usr/local/etc/postfix/not_our_domains, check_client_access
hash:/usr/local/etc/postfix/internal_networks,
check_recipient_access hash:/usr/local/etc/postfix/access,
reject_unknown_sender_domain, reject_invalid_hostname,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_unknown_recipient_domain
smtpd_reject_unlisted_sender = yes
smtpd_restriction_classes = has_our_domain_as_sender
smtpd_sender_restrictions = reject_non_fqdn_sender,
reject_unknown_sender_domain, check_sender_access
hash:/usr/local/etc/postfix/access,
reject_unauth_destination, check_policy_service
unix:private/tumgreyspf,
strict_rfc821_envelopes = yes
and here's what DNS has to say:
freebsd# host WXYZ.com.cn
WXYZ.com.cn has address 122.198.247.211
WXYZ.com.cn mail is handled by 10 mail8.WXYZ.com.cn.
WXYZ.com.cn mail is handled by 15 mail.WXYZ.com.cn.
freebsd# host mail.WXYZ.com.cn
mail.WXYZ.com.cn has address 125.207.64.38
freebsd# host 122.198.247.211221.247.198.122.in-addr.arpa domain name
pointer ip198.hichina.com.
freebsd# host 125.207.64.38
38.64.207.125.in-addr.arpa domain name pointer WXYZ.com.cn.
and, finally, here is /usr/local/etc/postfix/helo_access (I have not
forgotten to run postmap or to reload postfix)
freebsd# cat /usr/local/etc/postfix/helo_access
mail.WXYZ.com.cn PERMIT
125.207.64.38 PERMIT
sd02.ipslink.com permit
freebsd#
