BearTM
September 30, 2022, 5:30pm
1
NethServer Version: 7.9.2009Module: Postfix
I’ve tried to set the SMTP HELO message to my domain, but none of the settings appear to be working when being checked by MX Toolbox:
Reverse DNS from IP Address returns:
Checked in Cockpit Relay settings:
Custom HELO: mail.domain .net
Checked in console Configuration:
postfix=service
HeloHost=mail.domain .net
Checked in /etc/postfix/main.cf
smtp_helo_name = mail.domain .net
Checking with MXToolboxTranscript : 220 domain .mail.local ESMTP Postfix [137 ms]Transcript : EHLO keeper-us-east-1d.mxtoolbox.com Transcript : 250-domain .mail.local
Which fails the MX Toolbox HELO match check.
Does anyone have any ideas why the HELO setting (confirmed correct) in main.cf is not being applied in the Postfix HELO response?
Andy_Wismer
September 30, 2022, 6:06pm
2
@BearTM
Hi Rob
And welcome to the Nethserver community!
Additionally, this seems to be needed in /etc/postfix/main.cf:myhostname = example.com
I have this in my notes:
————————————————————
Custom Template addition for Postfix:
mkdir -p /etc/e-smith/templates-custom/etc/postfix/main.cf
cp /etc/e-smith/templates/etc/postfix/main.cf/40helo /etc/e-smith/templates-custom/etc/postfix/main.cf/40helo
nano /etc/e-smith/templates-custom/etc/postfix/main.cf/40host
Add in:
myhostname = example.com
Save with CTRL-x y ENTER
expand-template /etc/postfix/main.cf
signal-event nethserver-mail-server-update
systemctl restart postfix
systemctl status postfix
Hope this helps…
My 2 cents
2 Likes
davidep
September 30, 2022, 6:28pm
3
Hi Rob!
Some good guy added the custom helo setting to the Cockpit UI at some point, according to the manual page
https://docs.nethserver.org/en/v7/mail.html#custom-helo
IIUC it’s under Email > Relay
To Andy: update your notes!
1 Like
BearTM
September 30, 2022, 6:42pm
4
@davidep … well, the issue is that I’ve already followed that guide, and set the Email > Relay > HELO Host … verified that in the console db postfix settings, checked the generated postfix/main.cf file, and verified the reverse DNS. It’s all correct!
@Andy_Wismer , I’ll try adding in a custom template for “myhostname”, but the explicit override in postfix/main.cf should be taking care of that already … will update shortly.
Andy_Wismer
September 30, 2022, 6:44pm
5
@davidep
Salutti Davide
I did use the custom-helo, but wasn’t enough in my case.helohost directive in in /etc/postfix/main.cf (using template
Adding the myhostname directive helped.
My 2 cents
Andy_Wismer
September 30, 2022, 6:51pm
6
I fully agree, and I did report in the forum that it wasn’t enough (or not the right directive?), but it seemed to work for some users here.
It did not work for my mail tests.
Not all mail tests were created equal, some are really good, others are a waste of time…
To manually verify, use a simple telnet (Or PuTTY in telnet mode)
telnet yourmailserver.domain.tld 25
You should see the helo displayed…
My 2 cents
BearTM
September 30, 2022, 7:01pm
7
@Andy_Wismer - Sweet! The addition of the custom template solved it.
As you said, I needed to create the file:/etc/e-smith/templates-custom/etc/postfix/main.cf/40hostname
but instead of hard-coding in the domain name, I instead added in:{ $postfix{'HeloHost'} ? "" : "# " }myhostname = { $postfix{'HeloHost'} }
Then:expand-template /etc/postfix/main.cf
And checked the main.cf contents (to be absolutely sure):smtp_helo_name = mail.domain.netmyhostname = mail.domain.net
Restart the mail server:signal-event nethserver-mail-server-update
And everything is now working 100% from MX Toolbox:Transcript : 220 mail.domain.net ESMTP Postfix [111 ms]Transcript : EHLO keeper-us-east-1d.mxtoolbox.com Transcript : 250-mail.domain.net
Thank you!
I think we need to update the generation templates (in the future) to handle this correctly:
/etc/e-smith/templates/etc/postfix/main.cf/40helo
#
# 40helo -- Customizable SMTP HELO value #2767
#
{ $postfix{'HeloHost'} ? "" : "# " }smtp_helo_name = { $postfix{'HeloHost'} }
{ $postfix{'HeloHost'} ? "" : "# " }myhostname = { $postfix{'HeloHost'} }
So that this will work “out of the box” for everyone.
2 Likes
Andy_Wismer
September 30, 2022, 7:03pm
8
@BearTM
See this:
Now we have an amazing feature on our community platform which helps to mark a topic as SOLVED
As the OP (topic creator) you will have a button that allows you to accept an answer
[image]
Accepted answers are highlighted in the topic list:
[image]
Accepted answers are highlighted on the initial topic:
[image]
This kind of action is enabled only for topic into the Support category
Happy support!
Helps the next dude…
My 2 cents
I also use mxtoolbox.com (among others…), mail-tester.com is another good one
BearTM
September 30, 2022, 7:11pm
9
@Andy_Wismer
I gave mail-tester.com a go, and received a “Wow! Perfect, you can send 10/10 score”, with it warning only that I didn’t send a “List-Unsubscribe header”.
Thanks for your quick and comprehensive answer!
Andy_Wismer
September 30, 2022, 7:12pm
10
And thanks for that!
We are proud of our little forum here…
mail-tester.com is focused on Spam (For mass mailers?).
Andy_Wismer
September 30, 2022, 7:17pm
11
I’d suggest adding the templates as suggested, right from the dev side.
2 Likes
BearTM
September 30, 2022, 7:21pm
12
Yes - I edited my earlier comment to the following:
Create the custom template file:/etc/e-smith/templates-custom/etc/postfix/main.cf/40hostname
but instead of hard-coding in the domain name, I instead added in:{ $postfix{'HeloHost'} ? "" : "# " }myhostname = { $postfix{'HeloHost'} }
Then:expand-template /etc/postfix/main.cf
Restart the mail server:signal-event nethserver-mail-server-update
And everything is now working 100%.
2 Likes
davidep
September 30, 2022, 8:18pm
13
OMG …I’m sorry guys! I completely missed the point
https://www.postfix.org/postconf.5.html#myhostname
The default is helo = hostname, not the contrary.
The proposed change would alter the semantics of the existing setting: I tend to disagree with it.
Andy_Wismer
September 30, 2022, 8:46pm
14
@davidep
Further down you can see:
smtp_helo_name (default: $myhostname )
What we’re using is actually NOT the correct way, as it seems.
However: this is somewhat stupid, as it violates RFCs about the requirement to use “A” records, NOT CNAMEs for DNS Mail server records.
smtp_cname_overrides_servername (default: version dependent)
When the remote SMTP servername is a DNS CNAME,
It also results in a (nowadays) hardly usable mail smtp server…
My 2 cents
davidep
October 3, 2022, 11:40am
15
Yes IIUC it is not fully consitent with RFCs.
Good news are that for NS8 the Mail module allows to set $myhostname to a free host FQDN value: there shouldn’t be the need of the custom HELO any longer.
3 Likes
