On 02/02/12 10:01, Rob Kampen wrote: > Hi list, > I have been getting the following types of log messages > > Jan 30 08:22:33 ndgonline postfix/smtpd[30538]: NOQUEUE: reject: RCPT > from unknown[71.46.229.50]: 450 4.7.1 Client host rejected: cannot find > your hostname, [71.46.229.50]; from=<DWoodman at orangebankfl.com> > to=<rkampen at ndgonline.net> proto=ESMTP helo=<mail.floridianbank.com> > > a rdns check shows all is well with 71.46.229.50 - it belongs to the > from senders domain name. > > ;; ANSWER SECTION: > 50.229.46.71.in-addr.arpa. 777 IN PTR mail2.orangebankfl.com. > > It seems it is being rejected due to the helo domain name - which does > not have a correct rdns. > No, the error is: Client host rejected: cannot find your hostname, [71.46.229.50] <snip> > > smtpd_sender_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > reject_non_fqdn_sender, > reject_unknown_client, > reject_unauthenticated_sender_login_mismatch, > permit > and you have reject_unknown_client above. Postfix is attempting a rDNS lookup against the client IP [71.46.229.50], it temp failed for whatever reason (not that uncommon) so the client is "unknown" and you rejected it accordingly. See the Postfix documentation entry for more info: reject_unknown_client_hostname (with Postfix < 2.3: reject_unknown_client) Reject the request when 1) the client IP address->name mapping fails, 2) the name->address mapping fails, or 3) the name->address mapping does not match the client IP address. This is a stronger restriction than the reject_unknown_reverse_client_hostname feature, which triggers only under condition 1) above. The unknown_client_reject_code parameter specifies the response code for rejected requests (default: 450). The reply is always 450 in case the address->name or name->address lookup failed due to a temporary problem. I would recommend removing reject_unknown_client from your smtpd_sender_restrictions. Hope that helps.