Hello everyone -
I have my Postfix server set up to reject mail from servers which are unknown
in DNS. Normally that is a good thing, but every now and then I run across
one that I want to accept mail from.
I have tried several ways to set up the exceptions in Postfix, but so far it is
not working. What rule is causing the rejection? I've tried changing all of
the rules I list below, but no luck.
I may have two problems here. The listings below show two servers that are
being denied. The maillog entries are slightly different. I may have two
different rules to change.
This is Postfix 2.3.3 running on CentOS 5.5.
Here is a sample entry from maillog:
=============
Jul 25 15:54:53 server2 postfix/smtpd[7338]: NOQUEUE: reject: RCPT from
unknown[212.96.160.162]
: 450 4.7.1 Client host rejected: cannot find your hostname, 212.96.160.162];
from=<therion-bo
un...@speleo.sk> to=<b...@campercaver.net> proto=ESMTP
helo=<outsider2.texxar.cz>
Jul 25 15:54:55 server2 postfix/smtpd[7338]: lost connection after RSET from
unknown[212.96.160.162]
Jul 25 15:54:55 server2 postfix/smtpd[7338]: disconnect from
unknown[212.96.160.162]
Jul 25 16:15:22 server2 postfix/smtpd[7829]: connect from
unknown[67.213.214.192]
Jul 25 16:15:23 server2 postfix/smtpd[7829]: NOQUEUE: reject: RCPT from
unknown[67.213.214.192]: 450 4.7.1 <vps.zr2usa.com>: Helo command rejected:
Host not found; from=<nob...@vps.zr2usa.com> to=<b...@campercaver.net>
proto=ESMTP helo=<vps.zr2usa.com>
Jul 25 16:15:23 server2 postfix/smtpd[7829]: disconnect from
unknown[67.213.214.192]
============
Here are the relevant entries from main.cf:
==============
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access,
reject_unknown_client_hostname
smtpd_require_helo = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
check_helo_access hash:/etc/postfix/ok-ipaddresses,
reject_invalid_helo_hostname,
reject_unknown_helo_hostname,
reject_non_fqdn_hostname,
permit
smtpd_recipient_restrictions = check_recipient_access
hash:/etc/postfix/special-senders,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
permit_mynetworks,
check_recipient_access hash:/etc/postfix/denied-system-mailboxes,
reject_unauth_destination,
permit
====================
Here is the 'access' file:
==================
zr2usa.com OK
vps.zr2usa.com OK
nob...@vps.zr2usa.com OK
ke...@vps.zr2usa.com OK
67.213.214.192 OK
212.96.160.162 OK
================
Here is the special-senders file:
================
75.144.158.125 OK
.onsetcomp.com OK
65.55.90.161 OK
.snt0.hotmail.com OK
67.213.214.192 OK
212.96.160.162 OK
===============
And finally, the ok-ipaddresses file:
===============
65.55.90.161 OK
.snt0.hotmail.com OK
65.55.90.175 OK
67.213.214.192 OK
212.96.160.162 OK
===============
Thanks - Bill Gee
