On 02/02/12 10:01, Rob Kampen wrote:
Hi list, I have been getting the following types of log messages
Jan 30 08:22:33 ndgonline postfix/smtpd[30538]: NOQUEUE: reject: RCPT from unknown[71.46.229.50]: 450 4.7.1 Client host rejected: cannot find your hostname, [71.46.229.50]; from=DWoodman@orangebankfl.com to=rkampen@ndgonline.net proto=ESMTP helo=<mail.floridianbank.com>
a rdns check shows all is well with 71.46.229.50 - it belongs to the from senders domain name.
;; ANSWER SECTION: 50.229.46.71.in-addr.arpa. 777 IN PTR mail2.orangebankfl.com.
It seems it is being rejected due to the helo domain name - which does not have a correct rdns.
No, the error is:
Client host rejected: cannot find your hostname, [71.46.229.50]
<snip>
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_client, reject_unauthenticated_sender_login_mismatch, permit
and you have reject_unknown_client above.
Postfix is attempting a rDNS lookup against the client IP [71.46.229.50], it temp failed for whatever reason (not that uncommon) so the client is "unknown" and you rejected it accordingly.
See the Postfix documentation entry for more info:
reject_unknown_client_hostname (with Postfix < 2.3: reject_unknown_client) Reject the request when 1) the client IP address->name mapping fails, 2) the name->address mapping fails, or 3) the name->address mapping does not match the client IP address. This is a stronger restriction than the reject_unknown_reverse_client_hostname feature, which triggers only under condition 1) above. The unknown_client_reject_code parameter specifies the response code for rejected requests (default: 450). The reply is always 450 in case the address->name or name->address lookup failed due to a temporary problem.
I would recommend removing reject_unknown_client from your smtpd_sender_restrictions.
Hope that helps.