Postfix NOQUEUE: reject: RCPT from unknown

domain-name-system postfix smtp

Solution 1:

You have following restrictions in your config:

smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination
smtpd_sender_restrictions = reject_unknown_sender_domain

permit_sasl_authenticated

Permit the request when the client is successfully authenticated via the RFC 4954 (AUTH) protocol.

reject_unauth_destination

Reject the request unless one of the following is true:

  • Postfix is mail forwarder: the resolved RCPT TO domain matches $relay_domains or a subdomain thereof, and contains no sender-specified routing (user@elsewhere@domain),

  • Postfix is the final destination: the resolved RCPT TO domain matches $mydestination, $inet_interfaces, $proxy_interfaces, $virtual_alias_domains, or $virtual_mailbox_domains, and contains no sender-specified routing (user@elsewhere@domain).

reject_unknown_sender_domain

Reject the request when Postfix is not final destination for the sender address, and the MAIL FROM domain has 1) no DNS MX and no DNS A record, or 2) a malformed MX record such as a record with a zero-length MX hostname (Postfix version 2.3 and later).

The reply is specified with the unknown_address_reject_code parameter (default: 450), unknown_address_tempfail_action (default: defer_if_permit), or 550 (nullmx, Postfix 3.0 and later). See the respective parameter descriptions for details.

So, my guess is: whoever connects from 192.168.3.101 host (is it server itself?) sending mails without authentication (there is nothing about auth in log). So you need the following restriction to do so:

permit_mynetworks

Permit the request when the client IP address matches any network or network address listed in $mynetworks.

Prepend smtpd_recipient_restrictions with permit_mynetworks.

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

Official Docs: ACCESS README

UDP

Sometimes its really bad to permit_mynetworks because any host from $mynetworks can submit mails without authentication.

So its better to submit mails via smtp with auth from your app and dont use sendmail()/mail() functions

Related

Linux Software RAID10: Mysterious renaming /dev/md0 to /dev/md127: Why?
Connection refused HTTPS on Apache
AWS EKS update-kubeconfig does not respect --role-arn flag
Create NTFS symbolic links from within Linux
Why does unpartitioned Hitachi HDS5C3020 drive start consuming 50% more power 15 minutes after boot?
What's the importance of the email address in the DNS SOA lookup?
Restore a versioned S3 bucket to a particular point in time
Why CPU spent time on IO(wa)?
How to find out yum package names
Is it possible/advisable to run VMware Server ESX/ESXi on a laptop?
Error 0x80070570: How to delete corrupted and unreadable file?
Blocking the Apple OS X App Store