Results 1 to 6 of 6

Thread: [SOLVED] NOQUEUE - Helo command rejected: Host not found

  1. #1
    Join Date
    Mar 2008
    Location
    Seattle
    Posts
    52
    Rep Power
    7

    Default [SOLVED] NOQUEUE - Helo command rejected: Host not found

    I just upgraded from 6.0.4 to 6.0.5 today on my Ubuntu 8.04 server. I was not expecting any important emails today, but a potential client decided to send one anyways. Regardless, they ended up contacting me at an alternate address (not on this server) saying that their email was getting bounced back to them. ...But they didnt say what they wanted to talk about. I'd really like to get their original email through soon.

    I keep finding the excerpt below in my log files over and over again. And I need to know if it's because of the update, or because of some misconfiguration on my server or my SPF.

    Prior to upgrading the server today. I had no issues receiving mail that I was aware of. This individual had never emailed me before today, so I don't know if it's something on their end or not. FYI their server appears to be a microsoft server, if it matters.

    Also, the address of mine they are sending to is a Zimbra Persona, if that matters.

    Code:
    Feb 17 06:54:51 rad postfix/smtpd[7235]: 
    NOQUEUE: reject: RCPT from 
    mail.scidpda.org[64.122.100.46]: 
    450 4.7.1 <pdasrv01.scidpda.local>:
     Helo command rejected: Host not found; from=<xxxxxx@scidpda.org> 
    to=<xxxxxx@mydomain.com> 
    proto=ESMTP helo=<pdasrv01.scidpda.local>
    Last edited by tikal; 02-18-2010 at 01:19 AM.

  2. #2
    Join Date
    Mar 2008
    Location
    Seattle
    Posts
    52
    Rep Power
    7

    Default

    I have no idea, if the individual that attempted to contact me today has had issues sending email to other people. ...But is it possible that it's a poorly configured exchange server?

    My Zimbra server is currently configured to reject unknown host names.

    What do you guys think about this idea below?
    pdasrv01.scidpa.local appears to be the FQDN of the exchange server, and since it's not matching the name associated with the IP address Zimbra is bouncing the message.

    This is my zmprov gacf | grep zimbraMtaRestriction

    zimbraMtaRestriction: reject_invalid_hostname
    zimbraMtaRestriction: reject_non_fqdn_sender
    zimbraMtaRestriction: reject_unknown_hostname
    zimbraMtaRestriction: reject_unknown_sender_domain


    Can anyone take a look at these two urls:
    Helo command rejected: Host not found

    450 4.7.1 Client host rejected: cannot find your reverse hostname, [xxx.xxx.xxx.xxx]

    And let me know what you think?
    Last edited by tikal; 02-18-2010 at 04:29 AM.

  3. #3
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Postfix :: reject_unknown_helo_hostname send a email to postmaster@scidpda.org and ask them to make their mail server RFC compliant.

  4. #4
    Join Date
    Mar 2008
    Location
    Seattle
    Posts
    52
    Rep Power
    7

    Default

    Thanks for your reply uxbod!! I will send their postmaster an email about this situation.

    After much research, and getting conformation from uxbod that my mail server is not the problem I decided to remove the reject_unknown_hostname restriction from postfix so I could manage to get this email through. (Their server has been trying all day to get it through.)

    I made changes to my main.cf with zmprov mcf zimbraMtaRestriction

    In case anyone runs into the same or similar situation in the future here was my postfix main.cf smtpd_recipient_restrictions line before:

    cat /opt/zimbra/postfix/conf/main.cf
    smtpd_recipient_restrictions =
    reject_non_fqdn_recipient,
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination,
    reject_unlisted_recipient,
    reject_invalid_hostname,
    reject_non_fqdn_sender,
    reject_unknown_hostname,
    reject_unknown_sender_domain,
    permit lmtp_host_lookup = dns

    and here is the after:

    cat /opt/zimbra/postfix/conf/main.cf
    smtpd_recipient_restrictions =
    reject_non_fqdn_recipient,
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination,
    reject_unlisted_recipient,
    reject_invalid_hostname,
    reject_non_fqdn_sender,
    reject_rbl_client dnsbl.njabl.org,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.sorbs.net,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client relays.mail-abuse.org,
    permit lmtp_host_lookup = dns

    Of course, just removing reject_unknown_hostname is what allowed this one email to come through, but I obviously added a bunch of RBL's too. I'll probably need to turn off some of these, but for now its working.

    I noticed at the bottom of this page of the 6.0 Administrators guide that reject_unknown_hostname is not in the list of possible restrictions, but was working on my server. This server started out in the 5.0 line but I couldn't find that option in the 5.0 line administrators guide either. Is this on by default or what? Perhaps I read about it here on the forum or on a postfix forum so long ago that I don't remember implementing it?? Regardless, Zimbra rocks!!

  5. #5
    Join Date
    Jun 2010
    Location
    Fortaleza- CE - Brazil
    Posts
    1
    Rep Power
    5

    Default

    Hi Guys,

    I don't know if its ok to post in a solved thread, but tell me and I wouldn't do it anymore! :-)

    My question is: is it possible to keep the "Helo command rejection" and have whitelists for specific IP addresses?

    Thanks,
    Eduardo ELlery

  6. #6
    Join Date
    Nov 2010
    Posts
    1
    Rep Power
    4

    Default

    Unfortunately, "reject_unknown_helo_hostname" is not acceptable to use, because too many Exchange Servers are configured to identify themselves with something that only appears in their local DNS.

    Apparently either Microsoft's certification programs only produce people who can point and click and don't know how anything about RFC standards, or their programs don't allow a proper internet routable hostname to be set on the server for some reason, possibly having to do with clustering or other advanced things used in larger networks.

    I'm not sure what it is, but I heard that a few of the issues preventing this sort of thing were removed in Exchange 2007 and 2010, but most Exchange admins will most likely not be aware of them.

    It would be nice if this wasn't an issue, because then we could all reject messages that don't pass this test. For our tiny network, this would be at least 500 messages a day, which is a good chunk of all the spam we receive. Instead, these messages end up making it to Amavis+SpamAssassin where they waste our CPU time.

    Oh well, I suppose it could be much worse...and it usually is with Microsoft Server OSes.

Similar Threads

  1. Replies: 1
    Last Post: 01-13-2009, 07:10 AM
  2. zmclamdctl is not running after upgrade
    By Darren in forum Installation
    Replies: 24
    Last Post: 10-10-2008, 09:10 AM
  3. Fresh Zimbra installation does not work
    By Datax in forum Installation
    Replies: 4
    Last Post: 08-18-2008, 01:18 PM
  4. Replies: 20
    Last Post: 03-18-2008, 05:37 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •