postfix main.cf updated

Discussion in 'Installation/Configuration' started by Steffan, Oct 16, 2017.

  1. Steffan

    Steffan Member

    Hello,

    it looks like the postfix.cf has changed my settings after updating 3.1 to the newest version.
    ( at least there was no postfix updates for months)

    i had removed the settings: reject_invalid_helo_hostname, reject_unknown_helo_hostname

    The reasen is that i see a lot of bounced emails from legitim emailadresses but with companys that has his helo adres not set correct.
    But todasy i noticed that the settings are back in the main.cf
    is there a way to prefent this?
     
  2. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    Code:
    chattr +i filename
    
    makes it immune against modifications

    Code:
    chattr -i filename
    
    makes it editable again.
     
  3. Steffan

    Steffan Member

    yes i know that way but that also gives this problems when updating postfix

    i was wondering why these settings are getting set back?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPConfig updates settings on update in services that are configured by ISPConfig. If you want to use a custom config, then copy the matching config file template from install/tpl/ of the ispconfig tar.gz to the folder /usr/local/ispconfig/server/conf-custom/install/
     
  5. Steffan

    Steffan Member

    so you prefer reject_invalid_helo_hostname, reject_unknown_helo_hostname
    to be on...
    when this check is on a lot of legimit emails in holland are getting bloocked from big companys that af wrong settings in there mailserver.
    Not my problem as a provider a provider but it is for my costumers:
    here is a example
    Helo command rejected: Host not found; from=<[email protected]>
     
  6. ztk.me

    ztk.me ISPConfig Developer ISPConfig Developer

    that does look like an issue with the response time or filtering of their network. you might need to increase the timeout for your lookups and run a local dns cache / increase dns cache to reduce impact. just tried to load and ping the page ... ugh awful initial response time for me right now.
     
  7. Steffan

    Steffan Member

    i dont see a timeout in the maillog

    Oct 15 07:51:42 mail01 postfix/smtpd[22993]: connect from mail03.vivatverzekeringen.nl[80.113.33.9]
    Oct 15 07:51:42 mail01 postfix/smtpd[22993]: NOQUEUE: reject: RCPT from mail03.vivatverzekeringen.nl[80.113.33.9]: 450 4.7.1 <mail01.vivatverzekeringen.nl>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail01.vivatverzekeringen.nl>

    What i see is that the helo is different from the reverse dns

    nslookup mail03.vivatverzekeringen.nl
    Server: 208.67.220.220
    Address: 208.67.220.220#53

    Non-authoritative answer:
    Name: mail03.vivatverzekeringen.nl
    Address: 80.113.33.9

    [[email protected] /]# nslookup mail01.vivatverzekeringen.nl
    Server: 208.67.220.220
    Address: 208.67.220.220#53

    ** server can't find mail01.vivatverzekeringen.nl: NXDOMAIN
     

Share This Page