I've got a customer getting emails from the uspto.gov site - and we are rejecting them because Helo is not followed by hostname! --snip-- May 11 11:15:47 ns10 postfix/smtpd[3716044]: NOQUEUE: reject: RCPT from w-e2k16edg-401.uspto.gov[151.207.240.127]: 450 4.7.1 <hybrid.uspto.gov>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<hybrid.uspto.gov> --snip-- I've added the ip address and *.uspto.gov to the postfix whitelist records, (as SENDER) but they still are not getting through! anything I'm missing?? main.cf contains: smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:/etc/postfix/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf, check_policy_service unixrivate/quota-status where does the postfix whitelist put its information? have I missed something in the recipient restrictions? thanks! ps. Not at ALL a threatening title!
Sender (email) address restrictions do not apply to the helo hostname; you can add a hostname regex to /etc/postfix/helo_access if you want to whitelist it (be sure to save your changes to a conf-custom template), or change your 'Reject unknown hostnames' setting in server config.
That probably makes sense for a client ip, feel free to create a feature request in the bug tracker for that.