Spam passing postfix config "hostname does not resolve to address: No address associated with hostname"
From #postfix@freenode IRC, I've gotten the helpful hint (thanks, JPT) that the connecting IP/hostname is, of course, checked in smtpd_client_restrictions
.
smtpd_client_restrictions =
[...]
reject_unknown_reverse_client_hostname,
[...]
My existing reject_unknown_reverse_client_hostname
entry only checks for a missing client IP address address->name mapping!
I've now replaced it with the stricter reject_unknown_reverse_client_hostname
check which should "eliminate" the first warning:
reject_unknown_client_hostname: Reject the request when 1) the client IP address->name mapping fails, or 2) the name->address mapping fails, or 3) the name->address mapping does not match the client IP address.
Postfix doesn't seem to provide a reject option for the second warning:
postfix/smtpd: warning: Unable to look up MX host mail.intrcomm.net for Helo command eldoark.com: No address associated with hostname
.
Perhaps that makes sense, I can't say off the top of my hat. (To be clear: If there is no MX host, only an A record, that is valid and acceptable to me, but an MX host that points to nirvana shouldn't be accepted? If someone knows a config to enforce that, I'd love to know.)
edit: main Issue resolved:
postfix/smtpd[13599]: warning: hostname extremetech.com does not resolve to address 23.94.113.133
postfix/smtpd[13599]: connect from unknown[23.94.113.133]
postfix/smtpd[13599]: NOQUEUE: reject: RCPT from unknown[23.94.113.133]: 450 4.7.25 Client host rejected: cannot find your hostname, [23.94.113.133]; from=<[email protected]> to=<hidden> proto=ESMTP helo=<lapolla.com>
postfix/smtpd[13599]: disconnect from unknown[23.94.113.133] ehlo=1 mail=1 rcpt=0/1 data=0/1 quit=1 commands=3/5