On 8/14/2019 10:30 AM, @lbutlr wrote:
Aug 14 09:25:41 mail postfix/smtpd[44179]: NOQUEUE: reject: RCPT from unknown[198.241.168.120]: 550 5.7.25 Client host rejected: cannot find your hostname, [198.241.168.120]; from=<*munged*@*mybak*> to=<lbut...@covisp.net> proto=ESMTP helo=<cportal3.visa.com> 👹 root@mail # dig cportal3.visa.com +short [9:27] [/var/log] 198.241.168.120The help doesn’t match the from, but it is valid. And yes, this is a BANK, sigh. smtpd_helo_restrictions = reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, check_helo_access pcre:/etc/postfix/helo_checks.pcre permit
This looks like a reject on the client due to failed FCrDNS, not the HELO.
There's two PTRs for that IP, but only one PTR has FCrDNS. Postfix will check the first PTR returned, so it's basically random if they'll get rejected.
If you use reject_unknown_client_hostname be prepared to maintain a whitelist.
-- Noel Jones
