View Single Post
  #4  
Old 27th May 2013, 16:51
monkfish monkfish is offline
HowtoForge Supporter
 
Join Date: Mar 2013
Posts: 106
Thanks: 9
Thanked 15 Times in 14 Posts
Default

Possibly a few spam bots there - most of the hostnames showing are styled as dynamic addresses - issued to clients by ISPs from their pool.

They probably shouldn't be attempting to connect directly to your server.

Part of anti-spam checks postfix is trying to lookup the hosts that are attempting to connect. This look is failing and thats what postfix is giving you a warning for.

pm2-24.skyweb.net - no forward DNS record exists for that host, although a reverse PTR does seem to exist for 66.6.131.88.

Here's a transcript off one of mine:

Code:
May 27 13:43:35 server1 postfix/smtpd[9717]: warning: 2.83.18.167: hostname bl22-18-167.dsl.telepac.pt verification failed: Name or service not known
May 27 13:43:35 server1 postfix/smtpd[9717]: connect from unknown[2.83.18.167]
May 27 13:43:36 server1 postfix/smtpd[9717]: NOQUEUE: reject: RCPT from unknown[2.83.18.167]: 504 5.5.2 <2.83.18.167>: Helo command rejected: need fully-qualified hostname; from=<> to=<my.email.addy> proto=SMTP helo=<2.83.18.167>
May 27 13:43:36 server1 postfix/smtpd[9717]: lost connection after RCPT from unknown[2.83.18.167]
Postfix tries its reverse lookup and fails. Client tries to connect anyway and whatever spam its trying to push is rejected by the box as reject_non_fqdn_hostname is set.

The warning on its own isn't an issue - have a read of any further postfix hardening to prevent spam that you might not already have in place.
Reply With Quote