Postfix/smtpd: Client host rejected: cannot find your hostname

I'm trying to set-up a mail server, using postfix and dovecot. Everything works fine, and I can connect in IMAP using Mozilla Thunderbird. But when I'm trying to send emails using the smtp server, I run into the following cannot find your hostname error from the logs, and the sending the mail fails:

mail postfix/smtpd[15822]: NOQUEUE: reject: RCPT from unknown[xxx.xxx.xxx.xxx]: 550 5.7.1 Client host rejected: cannot find your hostname, [xxx.xxx.xxx.xxx]; from=<me@domain.com> to=<me@gmail.com> proto=ESMTP helo=<[192.168.10.47]>

xxx.xxx.xxx.xxx is the IP address of the client (not the server). I've google around a little for cannot find your hostname error, and it seems to be related to the PTR DNS record. But the PTR DNS record of my server seems correctly configured:

Here is the result of dig -x yyy.yyy.yyy.yyy, where yyy.yyy.yyy.yyy is the IP address of my server:

;; QUESTION SECTION:
;yyy.yyy.yyy.yyy.in-addr.arpa.       IN      PTR

;; ANSWER SECTION:
yyy.yyy.yyy.yyy.in-addr.arpa. 86400  IN      PTR     mail.domain.com.

In my /etc/postfix/main.cf, I've the following lines about the smtp restrictions:

## Customized smtpd paramters
smtpd_banner = $myhostname ESMTP
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
    reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname,
    reject_unknown_helo_hostname, permit
smtpd_recipient_restrictions = reject_unknown_client_hostname,
    reject_unknown_sender_domain, reject_unknown_recipient_domain,
    reject_unauth_pipelining, permit_mynetworks,
    permit_sasl_authenticated, reject_unauth_destination,
    reject_invalid_hostname, reject_non_fqdn_sender
smtpd_sender_restrictions = reject_unknown_sender_domain,
    reject_sender_login_mismatch
smtpd_sender_login_maps = $virtual_mailbox_maps

And in my /etc/postfix/master.cf, I've only the default, without any restrictions:

smtp      inet  n       -       -       -       -       smtpd

I can also add that I'm using sasl authentification with a not self-signed certificate, and that my server is a Debian Wheezy, but I don't think it's relevant to my problem.

Any clues on how to fix my problem, or where to look?

Best Answer

You've set your server to reject invalid and unknown hostnames used in HELO.

smtpd_helo_restrictions = permit_mynetworks,
    reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname,
    reject_unknown_helo_hostname, permit

(Also that line there is ending with permit; you're missing some part of the configuration.)

If you want to be able to send email from clients that don't issue a proper HELO with a valid hostname, then remove reject_invalid_helo_hostname and reject_unknown_helo_hostname.

Best Answer

Related Solutions

Iptables – cannot send mail to postfix /w iptables linux proxy

Postfix rejects all incoming mail (Client host rejected: Access denied)

Related Topic