NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2005-10

"cannot find your hostname", but DNS lookups are fine

From: Ben Finney (benbenfinney.id.au)
Date: Wed Oct 12 2005 - 01:51:37 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Howdy all,

I use 'smtpd_recipient_restrictions = reject_unknown_hostname'. I get
mail from most places I expect to work, but one particular
correspondent is being rejected:

=====
Oct 12 14:37:37 protea postfix/smtpd[32733]: NOQUEUE: reject: RCPT from unknown[150.101.164.6]: 450 Client host rejected: cannot find your hostname, [150.101.164.6]; from=<squawkcorax.com.au> to=<benbenfinney.id.au> proto=ESMTP helo=<nest.corax.com.au>
=====

Yet the host reverse-map seems fine:

=====
$ host 150.101.164.6
6.164.101.150.in-addr.arpa domain name pointer eth164-6.vic.adsl.internode.on.net.
=====

It even works from all the listed NS hosts:

=====
$ host -t ns 164.101.150.in-addr.arpa.
164.101.150.in-addr.arpa name server ns2.on.net.
164.101.150.in-addr.arpa name server ns3.on.net.
164.101.150.in-addr.arpa name server ns4.on.net.
164.101.150.in-addr.arpa name server ns1.on.net.

$ for ns in ns{1,2,3,4}.on.net. ; do host 150.101.164.6 $ns ; done
Using domain server:
Name: ns1.on.net.
Address: 216.200.145.64#53
Aliases:

6.164.101.150.in-addr.arpa domain name pointer eth164-6.vic.adsl.internode.on.net.
Using domain server:
Name: ns2.on.net.
Address: 192.231.203.2#53
Aliases:

6.164.101.150.in-addr.arpa domain name pointer eth164-6.vic.adsl.internode.on.net.
Using domain server:
Name: ns3.on.net.
Address: 192.83.231.19#53
Aliases:

6.164.101.150.in-addr.arpa domain name pointer eth164-6.vic.adsl.internode.on.net.
Using domain server:
Name: ns4.on.net.
Address: 192.231.203.3#53
Aliases:

6.164.101.150.in-addr.arpa domain name pointer eth164-6.vic.adsl.internode.on.net.
=====

If these DNS lookups work fine, why is Postfix rejecting this host
with "cannot find your hostname"?

=====
$ cat /etc/debian_version
3.1

$ aptitude show postfix | grep Version:
Version: 2.2.4-1

$ postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases hash:/etc/postfix/aliases-mailman
append_dot_mydomain = no
biff = no
body_checks = pcre:/etc/postfix/map-pcre/body_checks
canonical_maps = hash:/etc/postfix/canonical
config_directory = /etc/postfix
default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain{$rbl_reason?; $rbl_reason}. See <URL:http://www.benfinney.id.au/contact/nospam/>.
header_checks = pcre:/etc/postfix/map-pcre/header_checks
home_mailbox = Maildir/
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
masquerade_domains = !$myhostname $myorigin whitetree.org finney.id.au
masquerade_exceptions = root
mime_header_checks = regexp:/etc/postfix/map-regexp/mime_header_checks
mydestination = $myhostname localhost.$mydomain localhost.localdomain localhost protea.dmz.polar.local
myhostname = mail.benfinney.id.au
mynetworks = 127.0.0.0/8 192.168.0.0/24 192.168.1.0/24
myorigin = /etc/mailname
recipient_delimiter = +
relay_domains = polar.local
relayhost =
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name (GNU/Linux)
smtpd_data_restrictions = reject_unauth_pipelining permit
smtpd_error_sleep_time = 5
smtpd_hard_error_limit = 10
smtpd_helo_required = yes
smtpd_junk_command_limit = 5
smtpd_recipient_restrictions = reject_invalid_hostname reject_non_fqdn_hostname reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_hostname reject_unknown_client reject_unknown_sender_domain reject_unknown_recipient_domain reject_unauth_pipelining permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_recipient_access regexp:/etc/postfix/map-regexp/recipient_checks check_helo_access regexp:/etc/postfix/map-regexp/helo_checks check_sender_access regexp:/etc/postfix/map-regexp/sender_checks check_client_access regexp:/etc/postfix/map-regexp/client_checks check_client_access cidr:/etc/postfix/map-cidr/client_addr_checks check_helo_mx_access cidr:/etc/postfix/map-cidr/mx_addr_checks check_sender_mx_access cidr:/etc/postfix/map-cidr/mx_addr_checks check_recipient_mx_access cidr:/etc/postfix/map-cidr/mx_addr_checks reject_rbl_client sbl-xbl.spamhaus.org. reject_rbl_client list.dsbl.org. reject_rbl_client bogusmx.rfc-ignorant.org. reject_rbl_client dsn.rfc-ignorant.org. permit
smtpd_soft_error_limit = 3
strict_rfc821_envelopes = yes
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 450
virtual_alias_maps = hash:/etc/postfix/virtual regexp:/etc/postfix/map-regexp/virtual-mailman
=====

--
\ "Outside of a dog, a book is man's best friend. Inside of a |
`\ dog, it's too dark to read." -- Groucho Marx |
_o__) |
Ben Finney <benbenfinney.id.au>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iEYEARECAAYFAkNMsnkACgkQt6wuUb1BcUsoyQCguUSqox70JAohbtRX6Qb4CUcJ
vv4AninrjAVFIykAGbuQ6leY9/BFx8nb
=0vLa
-----END PGP SIGNATURE-----

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]