How can I use Postfix to track/log the HELO name that IPs are communicating to it with

linux email postfix email-server

Wietse Venema (author of Postfix) gave this answer to a question asked in 2012 on the postfix-users mailinglist:

warn_if_reject check_helo_access static:reject

It is probably current, give it a try.

Update

I gave it a try:

First of all the configuration needs to be made in the smtpd_helo_restrictions configuration directive.

smtpd_helo_restrictions = warn_if_reject check_helo_access static:reject

This will result in log entries of the following sort:

Oct 16 00:12:45 vega postfix/smtpd[6676]: NOQUEUE: reject_warning: RCPT from unknown[xxxx:xxxx:xxxx::x]: 554 5.7.1 <test>: Helo command rejected: Access denied; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<test>

In this case I used test in the HELO command of the SMTP connection. With this being a reject_warning, pflogsumm will have probably no problem summarizing this.

Related

Delay Windows (member) Server start-up until Domain Controller is available
htop cgroup column widen
Is it worthwhile to setup HTTP 2 reverse proxy in front of HTTP 1 server?
Error with PECL command in PHP7
creating an SPN from a linux build server
Can't start docker daemon—invalid image
Creating multiple Apache instances on CentOS 7 SystemD
Sending mail from inside docker container
Does chef-client use a local cache? If so, can I clear it?
Impact of using thinpool on LVM performance
nginx gzip Vary header together with existing Vary headers
GRE tunnel TTL number