On 07/26/2010 10:48 AM, Bernard T. Higonnet wrote:
I'm having a terrible problem with
Client host rejected: cannot find your hostname
That means the connecting IP has no PTR record and you have included
reject_unknown_client_hostname in your restrictions.
A simple "dig - x 125.207.64.38" shows this to be the case.
First trivial question: Why is the rejection message printed three
times? (I am running postfix -v)
Because you're running postfix -v; don't do that, then.
Second, important question: I do not understand why my
check_helo_access isn't working
Define "isn't working"; the reason your mail is rejected is due to your
client hostname check.
Since this occurs before any HELO checks, postfix never gets there.
Jul 26 08:59:36 freebsd postfix/smtpd[53134]: warning: 125.207.64.38:
address not listed for hostname WXYZ.com.cn
Correct.
smtpd_client_restrictions = reject_rbl_client sbl-xbl.spamhaus.org
reject_unknown_client_hostname
See ? I told you :)
and here's what DNS has to say:
freebsd# host WXYZ.com.cn
WXYZ.com.cn has address 122.198.247.211
Incorrect.
wxyz.com.cn. 600 IN CNAME at.domainsky.com.
at.domainsky.com. 600 IN A 96.0.169.81
Nobody ever tell you that an MX should never, ever be a CNAME ?
WXYZ.com.cn mail is handled by 10 mail8.WXYZ.com.cn.
WXYZ.com.cn mail is handled by 15 mail.WXYZ.com.cn.
freebsd# host mail.WXYZ.com.cn
mail.WXYZ.com.cn has address 125.207.64.38
Again, incorrect.
I don't know what kind of DNS you have, but those addresses are not in
the global namespace.
freebsd# host 122.198.247.211221.247.198.122.in-addr.arpa domain name
pointer ip198.hichina.com.
freebsd# host 125.207.64.38
38.64.207.125.in-addr.arpa domain name pointer WXYZ.com.cn.
Incorrect. That IP does not have a PTR record.
and, finally, here is /usr/local/etc/postfix/helo_access (I have not
forgotten to run postmap or to reload postfix)
freebsd# cat /usr/local/etc/postfix/helo_access
mail.WXYZ.com.cn PERMIT
Irrelevant. Postfix never gets to evaluate that file.
J.
