Client host rejected: sender address does not match client hostname
in [Postfix]
|
Prev: Fast 5xx-exit before HELO is just a temporary failure?
Next: smtpd_recipient_restrictions = check_recipient_access & sendmail
From: "Voytek Eymont" on 5 Apr 2010 10:27 I just noticed this in the logs, which might be from a valid sender to a valid user on this server: Apr 5 11:03:31 postfix/smtpd[31021]: NOQUEUE: reject: RCPT from fep06.mfe.bur.connect.com.au[203.63.86.26]: 554 5.7.1 <fep06.mfe.bur.connect.com.au[203.63.86.26]>: Client host rejected: sender address does not match client hostname; from=<xxxxxx(a)yahoo.com> to=<yyyy(a)zzz.org.au> proto=ESMTP helo=<fep06.mfe.bur.connect.com.au> is this rejected because the sender must have 'from' in his mail client set to ISP's, somename(a)connect.com.au and, reply-to to his desired xxxxxx(a)yahoo.com email ? -- Voytek
From: Wietse Venema on 5 Apr 2010 10:38 Voytek Eymont: > I just noticed this in the logs, which might be from a valid sender to a > valid user on this server: > > Apr 5 11:03:31 postfix/smtpd[31021]: NOQUEUE: reject: RCPT from > fep06.mfe.bur.connect.com.au[203.63.86.26]: 554 5.7.1 > <fep06.mfe.bur.connect.com.au[203.63.86.26]>: Client host rejected: sender > address does not match client hostname; from=<xxxxxx(a)yahoo.com> > to=<yyyy(a)zzz.org.au> proto=ESMTP helo=<fep06.mfe.bur.connect.com.au> > > is this rejected because the sender must have 'from' in his mail client > set to ISP's, somename(a)connect.com.au and, reply-to to his desired > xxxxxx(a)yahoo.com email ? This is is not built into Postfix, so it is something that you added. Perhaps a policy daemon, or an access map that matches the client name against the sender domain. Wietse
From: Noel Jones on 5 Apr 2010 14:22 On 4/5/2010 1:10 PM, brian moore wrote: > On Tue, 6 Apr 2010 00:27:57 +1000 (EST) > "Voytek Eymont"<lists(a)sbt.net.au> wrote: > >> I just noticed this in the logs, which might be from a valid sender to a >> valid user on this server: >> >> Apr 5 11:03:31 postfix/smtpd[31021]: NOQUEUE: reject: RCPT from >> fep06.mfe.bur.connect.com.au[203.63.86.26]: 554 5.7.1 >> <fep06.mfe.bur.connect.com.au[203.63.86.26]>: Client host rejected: sender >> address does not match client hostname; from=<xxxxxx(a)yahoo.com> >> to=<yyyy(a)zzz.org.au> proto=ESMTP helo=<fep06.mfe.bur.connect.com.au> >> >> is this rejected because the sender must have 'from' in his mail client >> set to ISP's, somename(a)connect.com.au and, reply-to to his desired >> xxxxxx(a)yahoo.com email ? > > Maybe, > > The person who runs fep06.mfe.bur.connect.com.au would know more, > since it is that server which rejected the mail. My guess is that > he does not allow yahoo envelopes from non-yahoo servers. He may > be more strict in his match and not allow 'example.com' envelopes from servers > whose dns does not include 'example.com'. > > Postfix just reports what the other mail server had in its reply: > whoever set that reply string would have more information on what it means. > > > No. The log entry clearly shows that fep06.mfe.bur.connect.com.au is the sender and local postfix is the receiver. The local postfix rejects the delivery attempt. This is almost certainly a "spoofed freemail" rule added to the local postfix. Recipes for similar rules have been posted on this list in the past. -- Noel Jones
From: mouss on 5 Apr 2010 19:12
brian moore a �crit : > On Mon, 05 Apr 2010 13:22:44 -0500 > Noel Jones <njones(a)megan.vbhcs.org> wrote: > >> No. The log entry clearly shows that >> fep06.mfe.bur.connect.com.au is the sender and local postfix >> is the receiver. The local postfix rejects the delivery attempt. >> >> This is almost certainly a "spoofed freemail" rule added to >> the local postfix. Recipes for similar rules have been posted >> on this list in the past. > > Ah, you are correct. Very silly rule at any rate, since there are > legitimate people that have certain freemail addresses but don't actually > use the freemail provider for SMTP. To play the devil advocate, many freemail and ISPs specify SPF entries and/or sign mail with DKIM. as a result, some sites will reject mail from such addresses if it fails SPF/DKIM/whatever. Add to that, the client has a "generic hostname": fep\d+.mfe.bur.connect.com.au: $ host 203.63.86.26 26.86.63.203.in-addr.arpa domain name pointer fep06.mfe.bur.connect.com.au. $ host 203.63.86.27 27.86.63.203.in-addr.arpa domain name pointer fep07.mfe.bur.connect.com.au. $ host 203.63.86.29 29.86.63.203.in-addr.arpa domain name pointer fep09.mfe.bur.connect.com.au. > > Guess I need more coffee. (Was wondering why it didn't say, "<somehost> said:"). |