Hello, it looks like the postfix.cf has changed my settings after updating 3.1 to the newest version. ( at least there was no postfix updates for months) i had removed the settings: reject_invalid_helo_hostname, reject_unknown_helo_hostname The reasen is that i see a lot of bounced emails from legitim emailadresses but with companys that has his helo adres not set correct. But todasy i noticed that the settings are back in the main.cf is there a way to prefent this?
Code: chattr +i filename makes it immune against modifications Code: chattr -i filename makes it editable again.
yes i know that way but that also gives this problems when updating postfix i was wondering why these settings are getting set back?
ISPConfig updates settings on update in services that are configured by ISPConfig. If you want to use a custom config, then copy the matching config file template from install/tpl/ of the ispconfig tar.gz to the folder /usr/local/ispconfig/server/conf-custom/install/
so you prefer reject_invalid_helo_hostname, reject_unknown_helo_hostname to be on... when this check is on a lot of legimit emails in holland are getting bloocked from big companys that af wrong settings in there mailserver. Not my problem as a provider a provider but it is for my costumers: here is a example Helo command rejected: Host not found; from=<[email protected]>
that does look like an issue with the response time or filtering of their network. you might need to increase the timeout for your lookups and run a local dns cache / increase dns cache to reduce impact. just tried to load and ping the page ... ugh awful initial response time for me right now.
i dont see a timeout in the maillog Oct 15 07:51:42 mail01 postfix/smtpd[22993]: connect from mail03.vivatverzekeringen.nl[80.113.33.9] Oct 15 07:51:42 mail01 postfix/smtpd[22993]: NOQUEUE: reject: RCPT from mail03.vivatverzekeringen.nl[80.113.33.9]: 450 4.7.1 <mail01.vivatverzekeringen.nl>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail01.vivatverzekeringen.nl> What i see is that the helo is different from the reverse dns nslookup mail03.vivatverzekeringen.nl Server: 208.67.220.220 Address: 208.67.220.220#53 Non-authoritative answer: Name: mail03.vivatverzekeringen.nl Address: 80.113.33.9 [root@mail01 /]# nslookup mail01.vivatverzekeringen.nl Server: 208.67.220.220 Address: 208.67.220.220#53 ** server can't find mail01.vivatverzekeringen.nl: NXDOMAIN
