NOQUEUE: reject: RCPT from unknown

Thu Aug 19 11:21:41 UTC 2021

dig mx mijnders-transport.nl
;mijnders-transport.nl.         IN      MX

;; ANSWER SECTION:
mijnders-transport.nl.  3600    IN      MX      10 mail.mijnders-transport.nl.
mijnders-transport.nl.  3600    IN      MX      20 mailcluster01.ic-cloud.nl.
mijnders-transport.nl.  3600    IN      MX      15 smtp.mijnders-transport.nl.

dig a mail.mijnders-transport.nl
;; ANSWER SECTION:
mail.mijnders-transport.nl. 3600 IN     A       95.97.58.162

dig a mailcluster01.ic-cloud.nl.
;; ANSWER SECTION:
mailcluster01.ic-cloud.nl. 3600 IN      A       5.200.9.229
mailcluster01.ic-cloud.nl. 3600 IN      A       80.113.12.211

dig a smtp.mijnders-transport.nl
;; ANSWER SECTION:
smtp.mijnders-transport.nl. 3600 IN     A       80.101.110.162

dig -x 95.97.58.162
;; ANSWER SECTION:
162.58.97.95.in-addr.arpa. 86400 IN     PTR     smtp.mijnders-transport.nl.

dig -x 80.101.110.162
;; ANSWER SECTION:
162.110.101.80.in-addr.arpa. 86400 IN   PTR     a80-101-110-162.adsl.xs4all.nl.

dig -x 5.200.9.229
;; ANSWER SECTION:
229.9.200.5.in-addr.arpa. 3600  IN      PTR     smtp2.ic-cloud.nl.

dig -x 80.113.12.211
;; ANSWER SECTION:
211.12.113.80.in-addr.arpa. 14400 IN    PTR     smtp1.ic-cloud.nl.

So far, this look good but now this.. 

helo=<mijnders-transport.nl>
dig a mijnders-transport.nl
;; ANSWER SECTION:
mijnders-transport.nl.  3600    IN      A       157.97.171.171

Do you see what you did wrong? 

The hint is : 
mail.mijnders-transport.nl. 3600 IN     A       95.97.58.162
162.58.97.95.in-addr.arpa. 86400 IN     PTR     smtp.mijnders-transport.nl.

Remove the A DNS record for mail.mijnders-transport.nl and add CNAME to smtp.mijnders-transport.nl
That should fix part 1. 

Also, change the helo name to : mail.mijnders-transport.nl

Dont use "DOMAINNAMES" anywhere, use FQDN's.. 
mijnders-transport.nl != FQDN 

Repeat my steps as shown above, if your output is diffent, 
then maybe you "just" adjusted the dns and its not fully ready? 

I hope this helps you a bit.
If not, start reading here.
https://datatracker.ietf.org/doc/html/rfc5321#section-2.3.4 

Greetz, 

Louis

> -----Oorspronkelijk bericht-----
> Van: MailScanner 
> [mailto:mailscanner-bounces+belle=bazuin.nl at lists.mailscanner.
info] Namens mailscanner at barendse.to
> Verzonden: donderdag 19 augustus 2021 11:17
> Aan: MailScanner mailing list
> Onderwerp: NOQUEUE: reject: RCPT from unknown
> 
> I'm trying to figure out why some cannot send email.
> 
> In my postfix main.cf I have :
> 
> smtpd_relay_restrictions = permit_mynetworks 
> permit_sasl_authenticated 
> defer_unauth_destination
> 
> smtpd_helo_required = yes
> smtpd_helo_restrictions =
>      permit_mynetworks
>      permit_sasl_authenticated
>      check_helo_access hash:/etc/postfix/helo_access
>      reject_invalid_helo_hostname
>      reject_non_fqdn_helo_hostname
>      reject_unknown_helo_hostname
> 
> smtpd_sender_restrictions =
>     permit_mynetworks
>     permit_sasl_authenticated
>     reject_unknown_sender_domain
>     reject_unknown_client_hostname
>     reject_unknown_reverse_client_hostname
> 
> Some mail gets rejected with :
> 
> Aug 18 14:01:26 gw1 postfix/smtpd[171903]: NOQUEUE: reject: RCPT from 
> unknown[95.97.58.162]: 450 4.7.25 Client host rejected: 
> cannot find your 
> hostname, [95.97.58.162]; from=<xxxxxxx at mijnders-transport.nl> 
> to=<xxxxxxxx at xxxx.com> proto=ESMTP helo=<mijnders-transport.nl>
> 
> But then when I do :
> host 95.97.58.162 
> 162.58.97.95.in-addr.arpa domain name pointer 
> smtp.mijnders-transport.nl.
> 
> I already added the domain to helo_access, where am I going wrong?
> 
> 
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> 
> 