NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2007-10

RE: "Recipient address rejected: Policy" - What Policy ?

From: ALFREDO GONZALEZ (got2gomsn.com)
Date: Mon Oct 22 2007 - 19:37:18 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > Hello all,
> >
> >
> > We have a problem with emails being rejected from a specific remote domain
> >-/users.
> >
> > They report getting this from their mail server when trying to email us:
> >
> >
> >-Remote mail server at 123.123.123.123 replied: 450 4.7.1 <mailboxdomain.net
> >: Recipient
> >
> >-address rejected: Policy
> >
> >
> > I looked at our Postfix logs, and it shows the same.
> > It just says 'Policy;' but there is no other indication as to why it was r
> >-ejected.
> >
> > Any ideas on what/where to look for ?

Sorry about that...

Log and postconf info below.

Is it possible that it is being rejected because remotehost.remotedomain.net does not point to the <remote IP> ?
But, some emails do get through from them...hmmm

From maillog:

Oct 22 12:31:56 cyrus postfix/smtpd[24284]: warning: <remote IP>: address not listed for hostname remotehost.remotedomain.net
Oct 22 12:31:56 cyrus postfix/smtpd[24284]: connect from unknown[<remote IP>]
Oct 22 12:31:56 cyrus postfix/smtpd[24284]: NOQUEUE: hold: RCPT from unknown[<remote IP>]: <remoteuserremotedomain.net>: Sender address triggers HOLD action; from=<remoteuserremotedomain.net> to=<localuserlocaldomain.com> proto=SMTP helo=<REMOTEDOMAIN2.COM>
Oct 22 12:31:56 cyrus postfix/smtpd[24284]: NOQUEUE: reject: RCPT from unknown[<remote IP>]: 450 4.7.1 <localuserlocaldomain.com>: Recipient address rejected: Policy; from=<remoteuserremotedomain.net> to=<localuserlocaldomain.com> proto=SMTP helo=<REMOTEDOMAIN2.COM>
Oct 22 12:31:56 cyrus postfix/smtpd[24284]: disconnect from unknown[<remote IP>]
Oct 22 12:41:29 cyrus postfix/anvil[5098]: statistics: max connection rate 1/60s for (smtp:<remote IP>) at Oct 22 12:31:56
Oct 22 12:41:29 cyrus postfix/anvil[5098]: statistics: max connection count 1 for (smtp:<remote IP>) at Oct 22 12:31:56

postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = yes
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
disable_vrfy_command = yes
html_directory = /usr/share/doc/postfix-2.4.5-documentation/html
local_recipient_maps =
mail_owner = postfix
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 20480000
mydestination = $myhostname, localhost.$mydomain, localhost, domain.net, host.domain.net, mysql:/etc/postfix/mysql-mydestination.cf
mydomain = domain.net
myhostname = host.domain.net
mynetworks = <our interneal IP ranges>
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.5-documentation/readme
sample_directory = /usr/share/doc/postfix-2.1.5/samples
sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_invalid_hostname, reject_rbl_client zen.spamhaus.org, reject_rbl_client list.dsbl.org, reject_rbl_client dul.dnsbl.sorbs.net, permit
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_hostname, reject_invalid_hostname, permit
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_pipelining, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, reject_rbl_client list.dsbl.org, reject_rbl_client dul.dnsbl.sorbs.net, check_policy_service inet:127.0.0.1:10023, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_sasl_authenticated check_sender_access static:hold
smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
soft_bounce = no
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf, mysql:/etc/postfix/mysql-virtualdomain.cf

Thanks!

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]