Reverse lookup 4.7.1 reject

NethServer 7.9.2009
postfix

Hello,

I have a serious problem receiving emails from xxx.gr. The error message, as written below, is 4.7.1 and of course I cannot receive any email from xxx.

Oct 24 15:41:24 mail postfix/smtpd[7333]: NOQUEUE: reject: RCPT from unknown[10.5.225.10]: 450 4.7.1 Client host rejected: cannot find your hostname, [10.5.225.10]; from=info@xxx.gr to=mine@mine.gr proto=ESMTP helo=<mailhost.xxx.gr>

Unfortunately I cannot have a reverse lookup for the specified IP, so I added it to the access.cidr file, as I already did for other IPs, but I still cannot accept messages from xxx.gr. I also tried to add 10.5.255.10 mailhost.xxx.gr to the hosts file.
Do you have any idea why the problem persists?

Hi @iomasm

I can’t quite understand what you’re trying to do.
You talk about receiving mail from xxx.gr…

But first of all, which is your NethServer, and what does the IP 10.5.225.10 have to do with it?

The IP 10.5.225.10 is an Internal IP, so not valid over the Internet.

You’re probably missing out on several things which fail all tests for a sending server / or receiving server.

  • Using IP…
  • No reverse lookups (PTR records in DNS)
  • smtphelo not adapted…

and probably a lot more.

Check

to see how well your mailserver matches the tests…

My 2 cents
Andy

2 Likes

Thank you for your answer.

My mail server works internally with a 10.x.x.x IP and externally with an 84.x.x.x IP. We have an intranet with many organizations and that’s why we have this implementation.

The most significant problem is that I use public DNS to resolve the IPs and that’s why 10.x.x.x cannot be resolved. We have a 10.x.x.x DNS server but this one cannot resolve both 10.x.x.x IPs and public IPs.

The solution that would suit me best is to ask one DNS server and, if it cannot resolve an IP, to ask a second DNS server. As far as I know this is not possible, and that’s why I have so many problems.

Hi

A lot of devices / servers, including NethServer, use a so-called forwarding DNS server, not a full DNS server like e.g. BIND.
NethServer uses DNSmasq; another commonly used DNS forwarder is Unbound…

A forwarding DNS server forwards all queries which do not have a local entry to the next-level DNS (your provider or Google or Cloudflare, whatever).
Any entries which are locally available will be provided to clients.

This means, that ALL external queries will be resolved, but also internal queries, if you have some entries. I’d add in all your internal hosts, servers, printers.

One other tip: using a forwarding DNS allows you to easily block e.g. Facebook.
Create an entry *.facebook.com, and e.g. point it to an empty IP, localhost, or to a virtual host on your NethServer with a simple HTML page saying WHY Facebook can’t be reached…

→ Use the DNS of your NethServer for all internal hosts, your NethServer can use Cloudflare (1.1.1.1).

My 2 cents
Andy

1 Like
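
The check behind the 450 4.7.1 reject and the forwarding-resolver behaviour described above, modelled offline as an added example (not code from the thread, from NethServer or from Postfix). `Forwarder`, `client_hostname`, `parse_reject` and `UPSTREAM` are hypothetical names, the upstream records are constructed, and the local entry mapping mailhost.xxx.gr to 10.5.225.10 is an assumption taken from the helo name and client IP in the log line.

```python
import ipaddress
import re

# The reject line quoted in the first post.
LOG = ("Oct 24 15:41:24 mail postfix/smtpd[7333]: NOQUEUE: reject: RCPT from "
       "unknown[10.5.225.10]: 450 4.7.1 Client host rejected: cannot find "
       "your hostname, [10.5.225.10]; from=info@xxx.gr to=mine@mine.gr "
       "proto=ESMTP helo=<mailhost.xxx.gr>")
REJECT = re.compile(r"reject: RCPT from (?P<name>[^\[\s]+)\[(?P<ip>[^\]]+)\]: "
                    r"(?P<code>\d{3}) (?P<dsn>\d\.\d+\.\d+) .*?helo=<(?P<helo>[^>]*)>")
# Constructed stand-in for public DNS: it has no records for 10.x.x.x.
UPSTREAM = {("PTR", "192.0.2.25"): "mx.example.org",
            ("A", "mx.example.org"): "192.0.2.25"}

def parse_reject(line):
    """Extract client name, IP, SMTP code, DSN and helo from a reject line."""
    m = REJECT.search(line)
    return m.groupdict() if m else None

class Forwarder:
    """Toy forwarding resolver: answer local entries, forward the rest."""
    def __init__(self, local_hosts, upstream):
        self.a = dict(local_hosts)                       # name -> ip
        self.ptr = {ip: n for n, ip in self.a.items()}   # ip -> name
        self.upstream = upstream

    def lookup_ptr(self, ip):
        return self.ptr.get(ip) or self.upstream.get(("PTR", ip))

    def lookup_a(self, name):
        return self.a.get(name) or self.upstream.get(("A", name))

def client_hostname(ip, dns):
    """Forward-confirmed reverse DNS: the PTR name must resolve back to the
    same IP. Returns the verified name, else 'unknown' as seen in the log."""
    name = dns.lookup_ptr(ip)
    if name and dns.lookup_a(name) == ip:
        return name
    return "unknown"

def demo():
    hit = parse_reject(LOG)
    public_only = Forwarder({}, UPSTREAM)
    with_local = Forwarder({"mailhost.xxx.gr": "10.5.225.10"}, UPSTREAM)
    return (hit["ip"], ipaddress.ip_address(hit["ip"]).is_private,
            client_hostname(hit["ip"], public_only),
            client_hostname(hit["ip"], with_local),
            client_hostname("192.0.2.25", with_local))

if __name__ == "__main__":
    print(demo())
```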