Projekt

Allgemein

Profil

Aktionen
Historie

Wiki » IRedMail » Iredmail troubleshoot »

Postfix rejects bad configured server

For a unknown reason a customer couldn't send mails to our iRedMail-Server. When looking into the maillog we realised that the customer-mail-server was sending a illegal HELO.

Nov  1 10:33:40 mail postfix/smtpd[3169]: NOQUEUE: reject: RCPT from unknown[178.23.101.244]: 554 5.7.1 <A1EXMX01.moresun.local>: Helo command rejected: Go away, bad guy (.local).; from=<J.Hille@moresuncorp.no> to=<k@keihsler.com> proto=ESMTP helo=<A1EXMX01.moresun.local>
Nov  1 10:54:58 mail postfix/smtpd[3306]: NOQUEUE: reject: RCPT from unknown[178.23.101.244]: 554 5.7.1 <A1EXMX01.moresun.local>: Helo command rejected: Go away, bad guy (.local).; from=<J.Hille@moresuncorp.no> to=<k@keihsler.com> proto=ESMTP helo=<A1EXMX01.moresun.local>
Nov  2 08:31:05 mail amavis[13858]: (13858-06) Passed CLEAN, MYUSERS LOCAL [194.209.123.2] [194.209.123.2] <k@keihsler.com> -> <J.Hille@moresuncorp.no>, Message-ID: <001901cdb8cc$03ec0110$0bc40330$@keihsler.com>, mail_id: IbpXr-Z3YK2E, Hits: -9.999, size: 26285, queued_as: D916E3F94, 1822 ms
Nov  2 08:31:05 mail postfix/smtp[14108]: E1EF73F90: to=<J.Hille@moresuncorp.no>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.1, delays=1.2/0.01/0/1.8, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as D916E3F94)
Nov  2 08:31:06 mail postfix/smtp[14120]: D916E3F94: to=<J.Hille@moresuncorp.no>, relay=mx1.moresuncorp.no[178.23.101.244]:25, delay=0.83, delays=0.02/0.01/0.52/0.28, dsn=2.0.0, status=sent (250 OK: <c8d2fbda00007083@mx1.moresuncorp.no>)

Unfortunately the customer didn't fix this issue on their side, so we needed a solution on our side.

After some research we found that /etc/postfix/helo_access.pcre holds regex to filter out unwanted @HELO@s. As deactivating of this particular rule was no option we decided to modify the existing rule to allow this particular wrongly configured server.

vim /etc/postfix/helo_access.pcre

/^(?:(?!.*\.moresun\.local))(.*\.local$)/                  REJECT Go away, bad guy (.local but .moresun.local).

Don't forget to reload the postfix-configuration after doing this change

/etc/init.d/postfix reload

Von Jeremias Keihsler vor mehr als 7 Jahren aktualisiert · 1 Revisionen