Re: Helo rejected

Fri, 10 Nov 2017 07:38:36 -0800 

On Fri, 10 Nov 2017 16:24:10 +0100
Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:

> >On Fri, 10 Nov 2017 16:08:02 +0100
> >Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:
> >  
> >> >> >On 10 November 2017 at 14:08, Enrico Morelli
> >> >> ><more...@cerm.unifi.it> wrote:  
> >> >> >> my user don't receive mail from a real sender cause our mail
> >> >> >> server reject the Helo command:
> >> >> >>
> >> >> >> NOQUEUE: reject: RCPT from
> >> >> >> rrcs-70-60-37-220.central.biz.rr.com[70.60.37.220]: 450 4.7.1
> >> >> >> <NTFYOHSrvNLES05.ntfy.local>: Helo command rejected: Host not
> >> >> >> found; from=<x...@xxx.xxx.xx> to=<x...@xxx.xxx.xx> proto=ESMTP
> >> >> >> helo=<NTFYOHSrvNLES05.ntfy.local>
> >> >> >> Nov  8 17:55:46 genio postfix/smtpd[3667]: disconnect from
> >> >> >> rrcs-70-60-37-220.central.biz.rr.com[70.60.37.220] ehlo=1
> >> >> >> mail=1 rcpt=0/1 rset=1 quit=1 commands=4/5
> >> >> >>
> >> >> >> Is there a way to receive these mails?  
> >>  
> >> >On Fri, 10 Nov 2017 15:42:16 +0100
> >> >Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:  
> >> >> you can whitelist particular IP by using "check_client_access"
> >> >> and you most probably want to have such directive in main.cf.  
> >>
> >> On 10.11.17 15:45, Enrico Morelli wrote:  
> >> >I have a check_sender_access, can I use that?  
> >>
> >> depends on where you have the reject_unknown_helo_hostname.  
> 
> On 10.11.17 16:12, Enrico Morelli wrote:
> >I've it under smtpd_helo_restrictions.  
> 
> this is evaluated after client and before restrictions - 
> you must whitelist it before.

To better understand, have I to put check_client_access here?

smtpd_helo_restrictions = permit_mynetworks,
        permit_sasl_authenticated,
        check_client_access hash:/etc/postfix/client_access,
        reject_invalid_helo_hostname,
        reject_non_fqdn_helo_hostname,
        reject_unknown_helo_hostname


> 
> >> client access is evaluated before sender access, so if you have the
> >> reject_unknown_helo_hostname in smtpd_client_restrictions, you must
> >> either use check_client_access or move the
> >> reject_unknown_helo_hostname (and possibly other checks) to
> >> check_sender_access.  
> 
> 



-- 
-----------------------------------------------------------
  Enrico Morelli
  System Administrator | Programmer | Web Developer

  CERM - Polo Scientifico
  via Sacconi, 6 - 50019 Sesto Fiorentino (FI) - ITALY
------------------------------------------------------------

Reply via email to