Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 15th November 2007, 16:01
Ovidiu Ovidiu is offline
Senior Member
 
Join Date: Sep 2005
Posts: 1,266
Thanks: 82
Thanked 24 Times in 20 Posts
Default regarding rejected incoming mail - how to find out which "rule" is responsible

hello,

here is the mail log for a legitimate mail that my server rejected:

Quote:
Nov 15 13:48:12 h898552 postfix/smtpd[26215]: connect from mail.contiteves.com[213.69.169.147]
Nov 15 13:48:12 h898552 postfix/smtpd[26215]: NOQUEUE: reject: RCPT from mail.contiteves.com[213.69.169.147]: 554 5.7.1 <frgw002.contiteves.com>: Helo command rejected: Host not found; from=<Nicu.XXXXX@contiautomotive.com> to=<ovidiu@XXXXX.XX> proto=SMTP helo=<frgw002.contiteves.com>
Nov 15 13:48:12 h898552 postfix/smtpd[26215]: disconnect from mail.contiteves.com[213.69.169.147]
Nov 15 14:00:04 h898552 postfix/cleanup[3566]: BCD636283D4: message-id=<OF439858B4.2B14A7C9-ONC2257394.00471C2D-C2257394.004739A1@contiteves.com>
here is a an excerpt from my main.cf:

Quote:
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,
reject_unauth_destination,
reject_invalid_hostname,
reject_unknown_hostname,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
check_policy_service inet:127.0.0.1:60000
smtpd_data_restrictions = reject_unauth_pipelining,permit

###testing

smtpd_helo_restrictions = permit_tls_clientcerts,
permit_sasl_authenticated,
permit_mynetworks,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_unauth_pipelining,
regexp:/etc/postfix/helo.regexp

smtp_client_restrictions = reject_unauth_destination,
reject_unauth_pipelining
smtp_sender_restrictions = reject_unauth_destination,
reject_unauth_pipelining,
reject_unknown_sender_domain,
reject_non_fqdn_sender
### Checks to remove badly formed email
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code = 554
##testend

is this line what causes the above mail to be rejected? unknown_hostname_reject_code = 554

anything else potentially dangerous? I have read about all these helo restrictions and that they are not really mandatory, so I am cleaning up my main.cf
Reply With Quote
Sponsored Links
  #2  
Old 16th November 2007, 17:23
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,743 Times in 2,577 Posts
Default

I think it's reject_unknown_hostname in your smtpd_recipient_restrictions.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
Tenaka (19th November 2007)
  #3  
Old 17th November 2007, 14:09
Ovidiu Ovidiu is offline
Senior Member
 
Join Date: Sep 2005
Posts: 1,266
Thanks: 82
Thanked 24 Times in 20 Posts
Default

I took it out, restarted postfix, and will ask that guy to resend his email :-) to see it its ok now.
Reply With Quote
  #4  
Old 19th November 2007, 13:20
Ovidiu Ovidiu is offline
Senior Member
 
Join Date: Sep 2005
Posts: 1,266
Thanks: 82
Thanked 24 Times in 20 Posts
 
Default

you were right. that was the offending rule.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Not receiving any incoming mail. Jcorrea920 General 11 3rd April 2010 13:08
Postfix reject connections gabrix Server Operation 27 25th January 2007 08:37
Core 4: Error Messages on Fresh Install re CTX/SSL jjw Installation/Configuration 30 6th September 2006 12:16
Can not recieve mail with de virtual mail adress Mounir Installation/Configuration 9 24th July 2006 23:16
Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAs ebbay Installation/Configuration 9 4th March 2006 11:47


All times are GMT +2. The time now is 11:04.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.