[Postfixbuch-users] warum 450

Matthias Haegele mhaegele at linuxrocks.dyndns.org
Di Mai 29 14:44:13 CEST 2007 

Roland M. Kruggel schrieb:
> Am Dienstag, 29. Mai 2007 14:08 schrieb Matthias Haegele:
>> Roland M. Kruggel schrieb:
>>> Halo Liste
>> Hallo!
>>
>>> Im mail.log
>>> --->
>>> 12:May 29 13:51:17 mail1 postfix/smtpd[5328]: NOQUEUE: reject:
>>> RCPT from unknown[88.204.141.70]: 450 4.7.1 <kiwjaj>: Helo
>>> command rejected: Host not found; from=<snna at roadcyclinguk.com>
>>> to=<rkruggel at bbf7.de> proto=SMTP helo=<kiwjaj>
>>> ---<
>>>
>>> Warum wird das nicht mit einen 5xx Fehlercode quitiert? Ist der
>>> 450 richtig?
>> Und wie sollen wir das wissen ohne deine Konfiguration zu kennen?
> 
> Da ist natürlich was dran. Ich dachte die 450 wären standart
> 
> 
> -->
> mail1:/etc/postfix# postconf -n
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> biff = no
> body_checks = pcre:/etc/postfix/maps/body_checks
> bounce_template_file = /etc/postfix/bounce-templates/bounce.de-DE.cf
> broken_sasl_auth_clients = yes
> canonical_maps = hash:/etc/postfix/maps/canonical
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> content_filter = smtp-amavis:[127.0.0.1]:10024
> daemon_directory = /usr/lib/postfix
> debug_peer_level = 1
> debug_peer_list =
> disable_dns_lookups = no
> disable_vrfy_command = yes
> header_checks = pcre:/etc/postfix/maps/header_checks
> helpful_warnings = yes
> home_mailbox = Maildir/
> local_destination_concurrency_limit = 2
> local_recipient_maps = $alias_maps 
> hash:/etc/postfix/maps/local_recipient
> mail_name = Postfix
> mail_owner = postfix
> mailbox_command = /usr/bin/procmail
> mailbox_size_limit = 0
> mailq_path = /usr/bin/mailq
> manpage_directory = /usr/share/man
> message_size_limit = 15728640
> mime_header_checks = pcre:/etc/postfix/maps/mime_header_checks
> mydestination = $myhostname     localhost.$mydomain     $mydomain       
> localhost       lists.$mydomain alma.$mydomain  sigma.$mydomain 
> xen-ssh.$mydomain xen-app-c1.$mydomain     xen-app-c2.$mydomain    
> xen-db1.$mydomain       xen-db2.$mydomain
> mydomain = bbf7.de
> myhostname = mail1.bbf7.de
> mynetworks = 212.144.119.46, 127.0.0.0/8
> myorigin = $mydomain
> newaliases_path = /usr/sbin/sendmail
> readme_directory = /usr/share/doc/packages/postfix/README_FILES
> recipient_canonical_maps = hash:/etc/postfix/maps/canonical_recipient
> recipient_delimiter = +
> relay_domains = $mydestination
> relayhost =
> relocated_maps = hash:/etc/postfix/maps/relocated
> sample_directory = /etc/postfix
> sender_canonical_maps = pcre:/etc/postfix/maps/canonical_sender
> sendmail_path = /usr/sbin/sendmail
> setgid_group = postdrop
> smtp_sasl_auth_enable = no
> smtp_tls_CAfile = /etc/postfix/certs/CAcert.pem
> smtp_tls_cert_file = /etc/postfix/certs/cert.pem
> smtp_tls_key_file = /etc/postfix/certs/key.pem
> smtp_tls_note_starttls_offer = yes
> smtp_use_tls = yes
> smtpd_banner = $myhostname ESMTP
> smtpd_client_restrictions =
> smtpd_helo_required = yes
> smtpd_helo_restrictions =
> smtpd_recipient_restrictions = permit_mynetworks        
> permit_sasl_authenticated       reject_unauth_destination       
> reject_invalid_helo_hostname    reject_non_fqdn_sender     
> reject_non_fqdn_recipient       reject_unauth_pipelining        
> reject_unknown_sender_domain    reject_unknown_recipient_domain 
> reject_unknown_hostname    check_recipient_access 
> hash:/etc/postfix/maps/access_recipient  permit_mx_backup        
> permit
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
> smtpd_sender_restrictions = permit_mynetworks   
> permit_sasl_authenticated       reject_unauth_destination       
> check_sender_access hash:/etc/postfix/maps/access_sender   
> check_sender_access pcre:/etc/postfix/maps/access_sender        
> reject_non_fqdn_sender  reject_unknown_sender_domain    permit
> smtpd_tls_CAfile = /etc/postfix/certs/CAcert.pem
> smtpd_tls_auth_only = no
> smtpd_tls_cert_file = /etc/postfix/certs/cert.pem
> smtpd_tls_key_file = /etc/postfix/certs/key.pem
> smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> strict_rfc821_envelopes = yes
> tls_random_source = dev:/dev/urandom
> transport_maps = hash:/etc/postfix/maps/transport
> unknown_address_reject_code = 550
> unknown_local_recipient_reject_code = 550
> --<
> 
> ps:
> Wenn euch irgend eine Fehlconfiguration auffällt, die auch nichts mit 
> meiner Frage zu tun hat, bin ich für jeden Tip dankbar.


> reject_non_fqdn_hostname

funktioniert bei mir ganz gut ...

> reject_non_fqdn_helo_hostname (with Postfix < 2.3: reject_non_fqdn_hostname)
>     Reject the request when the HELO or EHLO hostname is not in fully-qualified domain form, as required by the RFC.
>     The non_fqdn_reject_code parameter specifies the response code to rejected requests (default: 504)



> 


-- 
Grüsse/Greetings
MH


Dont send mail to: ubecatcher at linuxrocks.dyndns.org
--

Mehr Informationen über die Mailingliste Postfixbuch-users