Prev-20 Home Next-20 4 msg Forwards vs aliases ? 4 msg no content-filter for authed users 2 msg postfix does not flush queued mails 1 msg Re: [dkim-milter-beta] mlfi_negotiate() problem 2 msg newby Q 14 msg PAM 'smtp' file question 5 msg Cyrus SASL2 + Postfix + PAM - part 3 9 msg transport error? Can't figure out if this rejection is coming fr... \ GT4NE1 (14 Nov 2007) . \ Noel Jones (15 Nov 2007) . \ Noel Jones (15 Nov 2007) 8 msg Alias with check_recipient_access: /etc/ppostfi... 2 msg NDR reports 7 msg Sender-ID and the Hotmail devil... 2 msg Postifx with IMAP 2 msg Postfix and procmail 4 msg destination limits - what is 'destination' 1 msg Redirect message based on Conditions 1 msg Cyrus SASL2 + Postfix + PAM - part 2 6 msg Cyrus SASL2 + Postfix + PAM 5 msg header_checks and content_filter documentation ... 2 msg Some problem configuring postfix/procmail with ... Prev-20 Home Next-20

Prev-Msg Prev-Thread Postfix-users Nov-2007 Next-Thread Next-Msg Subject: Can't figure out if this rejection is coming from SPF checking or another reject_unknown_sender Group: Postfix-users From: GT4NE1 Date: 14 Nov 2007 Here is a log entry for mail that is being rejected: Nov 14 10:28:35 mailserver01 postfix/smtpd[666]: connect from sl6exchfe2.savvis.net[64.242.52.11] Nov 14 10:29:59 mailserver01 postfix/policy-spf[726]: : Policy action=DEFER_IF_PERMIT SPF-Result=sl6smtp2.savvis.ad.savvis.net: 'SERVFAIL' error on DNS 'SPF' lookup of 'sl6smtp2.savvis.ad.savvis.net' Nov 14 10:29:59 mailserver01 postfix/smtpd[666]: NOQUEUE: reject: RCPT from sl6exchfe2.savvis.net[64.242.52.11]: 450 <dude.man>: Recipient address rejected: SPF-Result=sl6smtp2.savvis.ad.savvis.net: 'SERVFAIL' error on DNS 'SPF' lookup of 'sl6smtp2.savvis.ad.savvis.net'; from=<guy.person> to=<dude.man> proto=ESMTP helo=<sl6smtp2.savvis.ad.savvis.net> Nov 14 10:29:59 mailserver01 postfix/smtpd[666]: lost connection after RSET from sl6exchfe2.savvis.net[64.242.52.11] Nov 14 10:29:59 mailserver01 postfix/smtpd[666]: disconnect from sl6exchfe2.savvis.net[64.242.52.11] I'm trying to figure out why it is being rejected. Is it because of the SPF SERVFAIL error when trying to do a DNS lookup on a non-existent HELO hostname, or is it because of one of the following checks I have in /etc/postfix/main.cf? smtpd_helo_required = yes disable_vrfy_command = yes smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_destination, check_sender_access hash:/etc/postfix/sender_access, check_policy_service unix:private/policy, reject_rbl_client zen.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client list.dsbl.org policy_time_limit = 3600 show_user_unknown_table_name = no smtpd_data_restrictions = reject_unauth_pipelining, permit 1. It's my understanding that because I have reject_unknown_sender_domain in the smtpd_recipient_restrictions and not smtpd_helo_restrictions, it shouldn't reject email from a HELO hostname that doesn't have a DNS record, correct? For that I would use reject_unknown_hostname in the smtpd_helo_restrictions list. 2. I know this isn't the OpenSPF list, but I guess OpenSPF checks for a published record for the HELO hostname then? And if it doesn't find one or can't resolve the hostname at all, it rejects it? /etc/postfix/master.cf entry for SPF policy unix - n n - - spawn user=nobody argv=/usr/bin/perl /usr/libexec/postfix/policyd-spf-perl I'm running on RHEL 4 Update 4, postfix 2.2.10. I'm trying to figure out whether this is my problem with a poorly configured postfix and/or OpenSPF check or it is there problem for not issuing a proper HELO hostname that matches the connecting hostname. Thanks, -GT Prev-Msg Prev-Thread Postfix-users Nov-2007 Next-Thread Next-Msg

© 2004-2008 readlist.com