[Postfixbuch-users] OT: Helo command rejected: Invalid name

Sandy Drobic postfixbuch-users at japantest.homelinux.com
Mo Jul 10 21:14:20 CEST 2006 

Joachim Sturm wrote:
>  
> 
>> -----Ursprüngliche Nachricht-----
>> Von: postfixbuch-users-bounces at listi.jpberlin.de 
>> [mailto:postfixbuch-users-bounces at listi.jpberlin.de] Im 
>> Auftrag von Ralf Hildebrandt
>> Gesendet: Montag, 10. Juli 2006 19:26
>> An: postfixbuch-users at listi.jpberlin.de
>> Betreff: Re: [Postfixbuch-users] OT: Helo command rejected: 
>> Invalid name
>>
>> * Joachim Sturm <joachim-sturm at web.de>:
>>
>>> ---> schnipp
>>> Jul 10 13:25:31 mailserver postfix/smtpd[17966]: connect from 
>>> unknown[10.20.5.51] Jul 10 13:25:31 mailserver 
>> postfix/smtpd[17966]: 
>>> NOQUEUE: reject: RCPT from
>>> unknown[10.20.5.51]: 501 <1020551>: Helo command rejected: Invalid 
>>> name; from=<asturm at example.com> to=<jsturm at exampelcom> proto=ESMTP 
>>> helo=<1020551> Jul 10 13:25:33 mailserver postfix/smtpd[17966]: 
>>> disconnect from unknown[10.20.5.51]
>>> ---> schnapp
>> Seine eigenen Hosts den Antispam Regeln zu unterwerfen ist nicht gut.
>>
>> postconf -n
>> bitte...
> 
> alias_maps = hash:/etc/aliases
> append_dot_mydomain = no
> biff = no
> broken_sasl_auth_clients = yes
> canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> content_filter = smtp-amavis:[127.0.0.1]:10024
> daemon_directory = /usr/lib/postfix
> delay_warning_time = 48h
> mail_name = Mail-Daemon
> mailbox_size_limit = 0
> mailbox_transport = lmtp:unix:public/lmtp
> mydestination = localhost, localhost.$mydomain, $myhostname,
> mysql:/etc/postfix/mysql-mydestination.cf
> myhostname = mailserver.example.com
> mynetworks = 127.0.0.0/8, 10.20.0.0/16
> mynetworks_style = host
> recipient_delimiter = +
> relay_domains = mysql:/etc/postfix/mysql-relay.cf
> sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
> setgid_group = postdrop
> smtpd_banner = $myhostname ESMTP $mail_name.
> smtpd_delay_reject = yes
> smtpd_helo_required = yes
> smtpd_helo_restrictions = permit_sasl_authenticated,	
> 	permit_mynetworks,	
> 	reject_unauth_destination,	
> 	reject_non_fqdn_sender,	
> 	reject_non_fqdn_recipient,	
> 	reject_unknown_recipient_domain,	
> 	reject_non_fqdn_hostname,	
> 	reject_invalid_hostname,	
> 	reject_unauth_pipelining
> smtpd_recipient_restrictions = check_recipient_access
> hash:/etc/postfix/access_recipient        
> 	reject_non_fqdn_sender,        
> 	reject_non_fqdn_recipient,        
> 	reject_unknown_sender_domain,        
> 	reject_unknown_recipient_domain,        
> 	reject_invalid_hostname,        
         ^^^^^^^^^^^^^^^^^^^^^^^^

Hier ist dein Problem. Aber du kannst alle Checks, die du schon in 
smtpd_helo_restrictions aufgeführt hast, hier weglassen. Es macht keinen 
Sinn, den Check zweimal durchzuführen.

> 	check_helo_access hash:/etc/postfix/helo_access        
> 	check_client_access hash:/etc/postfix/access_client,        
> 	check_sender_access hash:/etc/postfix/access_sender,        
> 	permit_sasl_authenticated,        
> 	permit_mynetworks,		
> 	reject_rbl_client ix.dnsbl.manitu.net	
> 	reject_rbl_client zombie.dnsbl.sorbs.net,	
> 	reject_rbl_client relays.ordb.org,	
> 	reject_rbl_client opm.blitzed.org,	
> 	reject_rbl_client list.dsbl.org,	
> 	reject_rbl_client sbl.spamhaus.org,	
> 	reject_rbl_client unconfirmed.dsbl.org,	
> 	reject_rbl_client dynablock.njabl.org,	
> 	reject_rbl_client dialup.blacklist.jippg.org,	
> 	reject_rbl_client cbl.abuseat.org        
> 	permit_mx_backup,        
> 	reject_unauth_destination,        
> 	permit	
> body_check = regexp:/etc/postfix/body_checks	
> header_checks = regexp:/etc/postfix/header_checks
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain = 
> smtpd_sasl_security_options = noanonymous
> smtpd_sender_restrictions = permit_sasl_authenticated,	
> 	permit_mynetworks,	
> 	reject_unauth_destination,	
> 	reject_non_fqdn_sender,	
> 	reject_non_fqdn_recipient,	
> 	reject_unknown_recipient_domain,	
> 	reject_unauth_pipelining

Diese Restrictions kannst du komplett weglassen. Sie sind oben bereits 
geprüft worden (zum dritten Mal).

> smtpd_tls_auth_only = no
> smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
> smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
> smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes
> smtpd_use_tls = yes
> strict_rfc821_envelopes = yes
> tls_random_source = dev:/dev/urandom
> transport_maps = hash:$config_directory/transport
> virtual_alias_domains = mysql:/etc/postfix/mysql-virtual.cf
> virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
> 
> --------------
> Mein Problem muß an Outlook einiger PCs liegen. Mit den gleichen
> Einstellungen auf einem anderen PC oder unter Thunderbird klappt es ( Helo
> command rejected: Invalid name )

Wie Ralf schon gesagt hatte, unterwerfe deine authentifizierten Clients 
nicht diesen Prüfungen.

Sandy

Mehr Informationen über die Mailingliste Postfixbuch-users