Re: Don't see why I have Client host rejected: cannot find your hostname problem
- On 07/26/2010 10:48 AM, Bernard T. Higonnet wrote:
> I'm having a terrible problem withThat means the connecting IP has no PTR record and you have included
> Client host rejected: cannot find your hostname
reject_unknown_client_hostname in your restrictions.
A simple "dig - x 126.96.36.199" shows this to be the case.
>Because you're running postfix -v; don't do that, then.
> First trivial question: Why is the rejection message printed three
> times? (I am running postfix -v)
>Define "isn't working"; the reason your mail is rejected is due to your
> Second, important question: I do not understand why my
> check_helo_access isn't working
client hostname check.
Since this occurs before any HELO checks, postfix never gets there.
> Jul 26 08:59:36 freebsd postfix/smtpd: warning: 188.8.131.52:Correct.
> address not listed for hostname WXYZ.com.cn
> smtpd_client_restrictions = reject_rbl_client sbl-xbl.spamhaus.orgSee ? I told you :)
> and here's what DNS has to say:
> freebsd# host WXYZ.com.cn
> WXYZ.com.cn has address 184.108.40.206
wxyz.com.cn. 600 IN CNAME at.domainsky.com.
at.domainsky.com. 600 IN A 220.127.116.11
Nobody ever tell you that an MX should never, ever be a CNAME ?
> WXYZ.com.cn mail is handled by 10 mail8.WXYZ.com.cn.Again, incorrect.
> WXYZ.com.cn mail is handled by 15 mail.WXYZ.com.cn.
> freebsd# host mail.WXYZ.com.cn
> mail.WXYZ.com.cn has address 18.104.22.168
I don't know what kind of DNS you have, but those addresses are not in
the global namespace.
>Incorrect. That IP does not have a PTR record.
> freebsd# host 22.214.171.124126.96.36.199.in-addr.arpa domain name
> pointer ip198.hichina.com.
> freebsd# host 188.8.131.52
> 184.108.40.206.in-addr.arpa domain name pointer WXYZ.com.cn.
>Irrelevant. Postfix never gets to evaluate that file.
> and, finally, here is /usr/local/etc/postfix/helo_access (I have not
> forgotten to run postmap or to reload postfix)
> freebsd# cat /usr/local/etc/postfix/helo_access
> mail.WXYZ.com.cn PERMIT