Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation
Reload this Page regarding rejected incoming mail - how to find out which "rule" is responsible
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 15th November 2007, 16:01
Ovidiu Ovidiu is offline
Senior Member
  
Join Date: Sep 2005
Posts: 1,186
Thanks: 60
Thanked 13 Times in 11 Posts
Default regarding rejected incoming mail - how to find out which "rule" is responsible
hello,

here is the mail log for a legitimate mail that my server rejected:

Quote:
Nov 15 13:48:12 h898552 postfix/smtpd[26215]: connect from mail.contiteves.com[213.69.169.147]
Nov 15 13:48:12 h898552 postfix/smtpd[26215]: NOQUEUE: reject: RCPT from mail.contiteves.com[213.69.169.147]: 554 5.7.1 <frgw002.contiteves.com>: Helo command rejected: Host not found; from=<Nicu.XXXXX@contiautomotive.com> to=<ovidiu@XXXXX.XX> proto=SMTP helo=<frgw002.contiteves.com>
Nov 15 13:48:12 h898552 postfix/smtpd[26215]: disconnect from mail.contiteves.com[213.69.169.147]
Nov 15 14:00:04 h898552 postfix/cleanup[3566]: BCD636283D4: message-id=<OF439858B4.2B14A7C9-ONC2257394.00471C2D-C2257394.004739A1@contiteves.com>
here is a an excerpt from my main.cf:

Quote:
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,
reject_unauth_destination,
reject_invalid_hostname,
reject_unknown_hostname,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
check_policy_service inet:127.0.0.1:60000
smtpd_data_restrictions = reject_unauth_pipelining,permit

###testing

smtpd_helo_restrictions = permit_tls_clientcerts,
permit_sasl_authenticated,
permit_mynetworks,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_unauth_pipelining,
regexp:/etc/postfix/helo.regexp

smtp_client_restrictions = reject_unauth_destination,
reject_unauth_pipelining
smtp_sender_restrictions = reject_unauth_destination,
reject_unauth_pipelining,
reject_unknown_sender_domain,
reject_non_fqdn_sender
### Checks to remove badly formed email
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code = 554
##testend

is this line what causes the above mail to be rejected? unknown_hostname_reject_code = 554

anything else potentially dangerous? I have read about all these helo restrictions and that they are not really mandatory, so I am cleaning up my main.cf
Reply With Quote
Sponsored Links
  #2  
Old 16th November 2007, 17:23
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,665
Thanks: 1,896
Thanked 2,592 Times in 2,443 Posts
Default
I think it's reject_unknown_hostname in your smtpd_recipient_restrictions.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
Tenaka (19th November 2007)
  #3  
Old 17th November 2007, 14:09
Ovidiu Ovidiu is offline
Senior Member
  
Join Date: Sep 2005
Posts: 1,186
Thanks: 60
Thanked 13 Times in 11 Posts
Default
I took it out, restarted postfix, and will ask that guy to resend his email :-) to see it its ok now.
Reply With Quote
  #4  
Old 19th November 2007, 13:20
Ovidiu Ovidiu is offline
Senior Member
  
Join Date: Sep 2005
Posts: 1,186
Thanks: 60
Thanked 13 Times in 11 Posts
 
Default
you were right. that was the offending rule.
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Not receiving any incoming mail. Jcorrea920 General 11 3rd April 2010 13:08
Postfix reject connections gabrix Server Operation 27 25th January 2007 08:37
Core 4: Error Messages on Fresh Install re CTX/SSL jjw Installation/Configuration 30 6th September 2006 12:16
Can not recieve mail with de virtual mail adress Mounir Installation/Configuration 9 24th July 2006 23:16
Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAs ebbay Installation/Configuration 9 4th March 2006 11:47


All times are GMT +2. The time now is 02:28.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.