Search results for software
A better round-robin DNS server
Linux and multimedia
Jesus saves, but Buddha makes incremental backups
How to update your Nokia N80 to the N80 Internet Edition firmware
HOWTO: Linux and iSCSI
Compiling gqrx on CentOS
Of course, there'll always be some mail servers that don't follow the RFCs properly.
Checking the logs, I noticed the following:
Sep 26 03:11:47 hosting postfix/smtpd: connect from mail7.exchange.microsoft.com[184.108.40.206]
Sep 26 03:11:49 hosting postfix/smtpd: NOQUEUE: reject: RCPT from mail7.exchange.microsoft.com[220.127.116.11]: 450 4.7.1 <df-gwy-07.exchange.corp.microsoft.com>: Helo command rejected: Host not found; from=<firstname.lastname@example.org> to=<email@example.com> proto=ESMTP helo=<df-gwy-07.exchange.corp.microsoft.com>
Sep 26 03:11:49 hosting postfix/smtpd: disconnect from mail7.exchange.microsoft.com[18.104.22.168]
Now, according to the SMTP RFC (http://www.ietf.org/rfc/rfc2821.txt):
The domain name given in the EHLO command MUST BE either a primary
host name (a domain name that resolves to an A RR) or, if the host
has no name, an address literal as described in section 22.214.171.124.
So why isn't there a DNS entry for df-gwy-07.exchange.corp.microsoft.com?
Anyway, to allow these broken setups to skip the "reject_unknown_hostname" in "smtpd_helo_restrictions", (as I don't want to disable it - it catches 95% of the spam) - you need to do the following:
* In main.cf, add parent_domain_matches_subdomains = yes
* In the smtpd_helo_restrictions section, add "check_helo_access hash:/etc/postfix/helo_access"
* In that helo_access file, list the offending "HELO/EHLOs" - in this case:
* Finally, run postmap /etc/postfix/helo_access to build the DB file, and restart postfix.
It does appear to be a problem more with some mail server admins than others. (https://www.nearlyfreespeech.net/about/email.php#software)