[prev in list] [next in list] [prev in thread] [next in thread]
List: postfix-users
Subject: Re: Client host rejected
From: Matus UHLAR - fantomas <uhlar () fantomas ! sk>
Date: 2019-11-19 20:04:42
Message-ID: 20191119200442.GA12361 () fantomas ! sk
[Download RAW message or body]
>>On Mon, 18 Nov 2019 17:23:43 +0100 Matus UHLAR - fantomas
>><uhlar@fantomas.sk> wrote:
>>>seems something is wrong with your (or maybe their) reverse DNS
>>>resolution...
>On Mon, 18 Nov 2019, siefke_listen@web.de wrote:
>>This is what I had:
>>
>>[siefke@sisi-dell ~]$ nslookup 195.128.103.214
>>214.103.128.195.in-addr.arpa name = netcup.silviosiefke.com.
On 18.11.19 21:08, Bernardo Reino wrote:
>The question is whether your resolver can reverse-resolve the IP
>address where the message was coming from, i.e. 81.91.160.182, and not
>your own (of your mail server).
>
>$ dig -x 81.91.160.182
>office.denic.de. 3600 IN A 81.91.160.182
>
>$ dig office.denic.de
>office.denic.de. 3508 IN A 81.91.160.182
and this is, why Silvio (the OP) should not remove important content from
mail replied. I have posted exactly these ;-)
https://marc.info/?l=postfix-users&m=157409426700743&w=2
On 19.11.19 20:13, siefke_listen@web.de wrote:
>I use unbound.
>
>I have stop unbound an use the dns direct with resolv.conf.
>
>cat /etc/resolv.conf
>nameserver 46.182.19.48
>nameserver 80.241.218.68
>nameserver 2a03:b0c0:0:1010::e9a:3001
>nameserver 127.0.0.1
>search silviosiefke.com
1. unbound aka 127.0.0.1 should be the first server in resolv.conf, not the
last one. I think some resolvers don't use more than 3 servers.
2. what are those other IPs? Are they recursive servers provided by your ISP?
>Nov 19 19:58:20 netcup.silviosiefke.com postfix/smtpd[11593]: NOQUEUE:
>reject: RCPT from unknown[212.227.15.4]: 450 4.7.25 Client host rejected:
>cannot find your hostname, [212.227.15.4]; from=<siefke_listen@web.de>
>to=<webmaster@silvio-siefke.de> proto=ESMTP helo=<mout.web.de>
>dig-x 212.227.15.4
>4.15.227.212.in-addr.arpa. 14109 IN PTR mout.web.de.
>dig mout.web.de
...
>mout.web.de. 1800 IN A 212.227.15.4
...
>Self with direct dns contact it will not work. There is a big mistake.
>On Tue, 19 Nov 2019 14:20:43 -0500
>Viktor Dukhovni <postfix-users@dukhovni.org> wrote:
>> Why did you stop unbound? Presumably it provides the recursive
>> service on 127.0.0.1, which is listed below...
On 19.11.19 20:38, siefke_listen@web.de wrote:
>It work not. That's why so a line direct to nameserver and it work
>also not.
sure? "dig -x 212.227.15.4 @127.0.0.1" should show (with running unbound, of
course)
>> > Nov 19 19:58:20 netcup.silviosiefke.com postfix/smtpd[11593]: NOQUEUE:
>> > reject: RCPT from unknown[212.227.15.4]: 450 4.7.25 Client host rejected:
>> > cannot find your hostname, [212.227.15.4]; from=<siefke_listen@web.de>
>> > to=<webmaster@silvio-siefke.de> proto=ESMTP helo=<mout.web.de>
>> Is smtpd(8) chrooted? It may be using a different set of nameservers.
>
>Yes sure I change nothing in master.cf only auth stuff. So maybe this was it.
"maybe" is not enough. if your system uses chorooted smtpd, the
/etc/resolv.conf within that chroot should contain proper
>Nov 19 20:34:13 netcup.silviosiefke.com postfix/lmtp[16735]: 5180881406:
> to=<webmaster@silvio-siefke.de>,
> relay=netcup.silviosiefke.com[private/dovecot-lmtp], delay=1,
> delays=0.91/0.02/0.02/0.05, dsn=2.0.0, status=sent (250 2.0.0
> <webmaster@silvio-siefke.de> J/VlD7VD1F1gQQAAJFpQ3g Saved)
this is lmtp client, not smtp server, completely unrelated.
>So one question I have. Why I must change this on this server, but my
>master mail server running Debian need this change not.
perhaps your master mail server running debian has different configuration.
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic