Re: [trinity-devel] bugs.pearsoncomputing.net - DNS entry causing confirmation email to be rejected by postfix 'reject_unknown_client'

On 02/28/2011 05:22 PM, Timothy Pearson wrote: <snip> <snip> Tim, my postfix setup is: [17:35 nirvana:/home/david/Documents/law/clients-rlf] # postconf -n alias_database = $alias_maps alias_maps = hash:/etc/postfix/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib/postfix data_directory = /var/lib/postfix debug_peer_level = 2 html_directory = no inet_interfaces = all mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/bin/procmail -a "$EXTENSION" mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 10240000 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain myhostname = nirvana.3111skyline.com mynetworks_style = subnet myorigin = $mydomain newaliases_path = /usr/bin/newaliases proxy_interfaces = 66.76.63.120 queue_directory = /var/spool/postfix readme_directory = no relay_domains = rlfpllc.com, rbpllc.com, rankinfirm.com, rankinlawfirm.com, drrankin.com sample_directory = /etc/postfix/sample sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_client_restrictions = reject_rbl_client zen.spamhaus.org <** I had to remove reject_unknown_client from the line above **> smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, reject_non_fqdn_hostname smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination unknown_local_recipient_reject_code = 550 Before removing 'reject_unknown_client' from smtpd_client_restrictions, the confirmation email was rejected with (note I've removed the @ signs below and replaced them with ' at '): Feb 28 16:22:22 nirvana postfix/smtpd[6858]: NOQUEUE: reject: RCPT from unknown[74.84.118.181]: 450 4.7.1 Client host rejected: cannot find your hostname, [74.84.118.181]; from=&lt;bugs(a)pearsoncomputing.net&gt; to=<trin at 3111skyline.com> proto=ESMTP helo=<vali.starlink.edu> Feb 28 16:22:22 nirvana postfix/smtpd[6858]: disconnect from unknown[74.84.118.181] After removing 'reject_unknown_client' the confirmation came through no problem: Feb 28 16:32:05 nirvana postfix/smtpd[6966]: warning: 74.84.118.181: address not listed for hostname pearsoncomputing.net Feb 28 16:32:05 nirvana postfix/smtpd[6966]: connect from unknown[74.84.118.181] Feb 28 16:32:05 nirvana postfix/smtpd[6966]: 8E24D5FBCD: client=unknown[74.84.118.181] Feb 28 16:32:05 nirvana postfix/cleanup[6968]: 8E24D5FBCD: message-id=&lt;201102282222.p1SMMIkD004700(a)thor.starlink.edu&gt; Feb 28 16:32:05 nirvana postfix/smtpd[6966]: disconnect from unknown[74.84.118.181] Feb 28 16:32:05 nirvana postfix/qmgr[6945]: 8E24D5FBCD: from=&lt;bugs(a)pearsoncomputing.net&gt;et>, size=2878, nrcpt=1 (queue active) Feb 28 16:32:05 nirvana postfix/local[6971]: 8E24D5FBCD: to=<me at 3111skyline.com>, orig_to=<trin at 3111skyline.com>, relay=local, delay=0.4, delays=0.31/0.01/0/0.07, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -a "$EXTENSION") Feb 28 16:32:05 nirvana postfix/qmgr[6945]: 8E24D5FBCD: removed I wish I could tell you the reason why postfix was rejecting the messages with 'reject_unknown_client' set as a smtpd_client_restrictions entry, but alas, my postfix knowledge doesn't extend that far... But, I can confirm the behavior and let you know what caused the rejection. I can see the lookup for pearsoncomputing.net just fine as well: [17:48 nirvana:/home/david/Documents/law/clients-rlf] # nslookup 74.84.118.181 Server: 192.168.6.17 Address: 192.168.6.17#53 Non-authoritative answer: 181.118.84.74.in-addr.arpa name = pearsoncomputing.net. Authoritative answers can be found from: 118.84.74.in-addr.arpa nameserver = ns2.mcomdc.com. 118.84.74.in-addr.arpa nameserver = ns1.mcomdc.com. However, I think postfix doesn't like the fact that there is no "hostname.pearsoncomputing.net', provided, just a domainname. Fox example, when I do a lookup on my office server, I get: [17:48 nirvana:/home/david/Documents/law/clients-rlf] # nslookup 66.76.63.60 Server: 192.168.6.17 Address: 192.168.6.17#53 Non-authoritative answer: 60.63.76.66.in-addr.arpa name = mail.rbpllc.com. Authoritative answers can be found from: 63.76.66.in-addr.arpa nameserver = ns2.suddenlink.net. 63.76.66.in-addr.arpa nameserver = ns1.suddenlink.net. ns2.suddenlink.net internet address = 66.76.2.133 Notice the "name =" difference. I have a hostname, you just have your domain. Like I said, I'm no postfix expert, but I think that (or something along those lines) is what is happening.