I'm getting email rejected -- well, at least it never makes it through beyond this -- from a legitimate host:
Code:
	Mar  3 09:17:38 zimbra postfix/smtpd[32248]: warning: hostname mail.ultratools.com does not resolve to address 199.58.208.118
	Mar  3 09:17:38 zimbra postfix/smtpd[32248]: connect from unknown[199.58.208.118]
	Mar  3 09:17:38 zimbra postfix/smtpd[32248]: disconnect from unknown[199.58.208.118]
	Mar  3 09:18:07 zimbra postfix/smtpd[32248]: warning: hostname mail.ultratools.com does not resolve to address 199.58.208.118
	Mar  3 09:18:07 zimbra postfix/smtpd[32248]: connect from unknown[199.58.208.118]
	Mar  3 09:18:07 zimbra postfix/smtpd[32248]: disconnect from unknown[199.58.208.118]
Checking I get
Code:
	host 199.58.208.118
		118.208.58.199.in-addr.arpa domain name pointer mail.ultratools.com.
	host mail.ultratools.com 
		mail.ultratools.com has address 199.58.208.117
So I need to turn OFF the check&reject that's happening. IIUC, it's not even recommended by RFC

Afaict, one of the settings at
Code:
	https://mydom.com:7071/zimbraAdmin/
		Home -> Configure -> Global Settings -> MTA
is supposed to do it. But my current config, with the descriptions from postfix docs for each of the items listed there, is:
Code:
	Protocol checks
		[X]	Hostname in greeting violates RFC (reject_invalid_helo_hostname)
			"Reject the request when the HELO or EHLO hostname is malformed"
		[X]	Client must greet with a fully qualified hostname (reject_non_fqdn_helo_hostname)	
			"Reject the request when the HELO or EHLO hostname is not in fully-qualified domain form"
		[X]	Sender address must be fully qualified (reject_non_fqdn_sender)	
			"Reject the request when the MAIL FROM address is not in fully-qualified domain form"
		
	DNS checks
		[ ]	Client's IP address (reject_unknown_client_hostname)
			"Reject the request when
				1) the client IP address->name mapping fails,
				2) the name->address mapping fails,
				or
				3) the name->address mapping does not match the client IP address."
		[ ]	Hostname in greeting (reject_unknown_helo_hostname)
			"Reject the request when the HELO or EHLO hostname has no DNS A or MX record"
		[X]	Sender's domain (reject_unknown_sender_domain)
			"Reject the request when Postfix is not final destination for the sender address, and the MAIL FROM domain has
				1) no DNS A or MX record,
				or
				2) a malformed MX record such as a record with a zero-length MX hostname (Postfix version 2.3 and later)."
and already *HAS* The "reject_unknown_client_hostname" DNS check *UN-CHECKED*.

If I check gacf for all of these settings, only two seem to show up:
Code:
	zmprov gacf | egrep "reject_invalid_helo_hostname|reject_non_fqdn_helo_hostname|reject_non_fqdn_sender|reject_unknown_client_hostname|reject_unknown_helo_hostname|reject_unknown_sender_domain"
		zimbraMtaRestriction: reject_non_fqdn_sender
		zimbraMtaRestriction: reject_unknown_sender_domain
and, specifically, NOT the one I'm looking for, reject_unknown_client_hostname

Have I missed something in the required config? Is there some additional/other setting/config I need to stop the rejections on this check?

darx