1

Topic: Client host rejected

==== Required information ====
- iRedMail version: 0.8.3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: CentOS 6.3
- Related log if you're reporting an issue:
====

Hi community

Got this Client host rejection from a user, that I cannot solve!


Dec  9 15:15:48 server postfix/smtpd[1643]: NOQUEUE:
reject: RCPT from 62.169.86.129.rev.optimus.pt[62.169.86.129]: 554 5.7.1<62.169.86.129.rev.optimus.pt [62.169.86.129]>: 
Client host rejected: Access denied; from=<user1@domain.com> to=<user2@domain.com> proto=ESMTP helo=<10.50.106.233>

(emails are fake! the rest is real)


Got an average of 50 to 70 emails rejected only from this single user (sender).


Debugging ...

#1 - This user user1@domain.com is not sending anymore any emails to this user2@domain.com

#2 - He is using an email client (thunderbird) and his machine has no Virus or Trojans what so ever!

#3 - I've temporary disabled his account in iredadmin panel, but rejects still happen.

#4 - I've clean all mail queue (mailq is empty)

#5 - I've created a hash in main.cf smtpd_recipient_restrictions = .... check_sender_access hash:/etc/postfix/sender_access
     
domain.com  OK
user2@domain.com OK

#6 - in /etc/mail/spamassassin/local.cf I've added whitelist_from_spf *@domain.com



Here's my postconf -n output: http://tny.cz/13d22dfa

Here's my master.cf output: http://tny.cz/9ace4e31

Any more info to debug it, let me know !

Thanks for helping and support  smile

2

Re: Client host rejected

Could you please post full, original log related to this smtp session in postfix log file?

3

Re: Client host rejected

#> grep "Dec 10" maillog | grep -n 4994


950:Dec 10 10:43:29 server postfix/smtpd[4994]: warning: 62.169.67.134: address not listed for hostname 62-169-67-134.rev.optimus.pt

951:Dec 10 10:43:29 server postfix/smtpd[4994]: connect from unknown[62.169.67.134]

952:Dec 10 10:43:30 server postfix/smtpd[4994]: NOQUEUE: reject: RCPT from unknown[62.169.67.134]: 554 5.7.1 <unknown[62.169.67.134]>: Client host rejected: Access denied; from=<user1@domain.com> to=<user2@domain.com> proto=ESMTP helo=<10.50.45.121>

1046:Dec 10 10:53:30 server postfix/smtpd[4994]: timeout after RCPT from unknown[62.169.67.134]

1047:Dec 10 10:53:30 server postfix/smtpd[4994]: disconnect from unknown[62.169.67.134]


Thank you very much for the support !

4

Re: Client host rejected

digitalbit wrote:

950:Dec 10 10:43:29 server postfix/smtpd[4994]: warning: 62.169.67.134: address not listed for hostname 62-169-67-134.rev.optimus.pt

Is this hostname your local host? Or do you own this domain name?
Do you have IP 62.169.67.134 in /etc/hosts?

5

Re: Client host rejected

Hi ZhangHuangbin!


Noup! This IP 62.169.67.134 it's not my local host and I don't own this domain name!

This IP belongs to user2@domain.com.

user1@domain.com (belongs to my domain, only got one domain!)

user2@domain.com (belongs to other different domain that has nothing to do with mine)



if it's more clear this way:

NOQUEUE: reject:

RCPT from 62.169.86.129.rev.optimus.pt[62.169.86.129]: 554 5.7.1<62.169.86.129.rev.optimus.pt [62.169.86.129]>:

Client host rejected: Access denied; from=<user1@mydomain.com> to=<user2@otherdomain.com> proto=ESMTP helo=<10.50.106.233>



More debug:

Try this morning to ping 62.169.67.134 ... Request time out !


I've tried this online tool:   https://www.wormly.com/test_smtp_server

The output :

--------------------------------------------------------------------------------------------------------
Resolving hostname...
Connecting...
SMTP -> FROM SERVER:
220 smtp.xxxxx.com ESMTP Postfix
SMTP -> FROM SERVER:
250-myserver.mydomain.com
250-PIPELINING
250-SIZE 20480000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM: user1@mydomain.com
SMTP -> FROM SERVER:
250 2.1.0 Ok
RCPT TO: user2@otherdomain.com
SMTP -> FROM SERVER:
553 5.7.1 : Sender address rejected: not logged in
SMTP -> ERROR: RCPT not accepted from server: 553 5.7.1 : Sender address rejected: not logged in

Message sending failed.
--------------------------------------------------------------------------------------------------------


Any ideas ?

Thanks for the support wink

6

Re: Client host rejected

Hi digitalbit,

If sender/recipient are not under same domain, you MUST clearly explain it. It guided me to a wrong direction.

digitalbit wrote:

SMTP -> ERROR: RCPT not accepted from server: 553 5.7.1 : Sender address rejected: not logged in

Did you configure your mail client (Outlook, Thunderbird, etc) to perform SMTP authentication before sending email?

7

Re: Client host rejected

Sorry for miss information !

Yes, mail clients perform SMTP authentication before sending email !

Got more debug info:

today I did this:

#1 - access to webmail and login with <user1@mydomain.com>
#2 - sent an hello world email to <user2@otherdomain.com>
#3 - and kept my webmail session open !

heres the output:

------------------------------------------------------------------------------------------------------------------------------------------------
Dec 11 15:45:04 server postfix/smtpd[19974]: 9007640058: client=localhost[127.0.0.1], sasl_method=LOGIN, sasl_username=user1@mydomain.com
Dec 11 15:45:04 server postfix/cleanup[19979]: 9007640058: message-id=<56e36a627ecddcc599fc8f68f88bc0a1@softinsa.pt>
Dec 11 15:45:04 server postfix/qmgr[1469]: 9007640058: from=<user1@mydomain.com>, size=535, nrcpt=1 (queue active)
Dec 11 15:45:04 server roundcube: User user1@mydomain.com [172.31.20.44]; Message for user2@otherdomain.com; 250: 2.0.0 Ok: queued as 9007640058
Dec 11 15:45:04 server postfix/smtpd[19974]: disconnect from localhost[127.0.0.1]
Dec 11 15:45:05 server postfix/smtpd[19990]: connect from localhost[127.0.0.1]
Dec 11 15:45:05 server postfix/smtpd[19990]: 6BF5F40089: client=localhost[127.0.0.1]
Dec 11 15:45:05 server postfix/cleanup[19979]: 6BF5F40089: message-id=<56e36a627ecddcc599fc8f68f88bc0a1@mydomain.com>
Dec 11 15:45:05 server postfix/qmgr[1469]: 6BF5F40089: from=<user1@mydomain.com>, size=1479, nrcpt=1 (queue active)
Dec 11 15:45:05 server postfix/smtpd[19990]: disconnect from localhost[127.0.0.1]
Dec 11 15:45:05 server amavis[17959]: (17959-07) Passed CLEAN, MYNETS/MYUSERS LOCAL [127.0.0.1] [127.0.0.1] <user1@mydomain.com> -> <user2@otherdomain.com>, Message-ID: <56e36a627ecddcc599fc8f68f88bc0a1@mydomain.com>, mail_id: YQte8Zfw98oy, Hits: -10, size: 535, queued_as: 6BF5F40089, 791 ms
Dec 11 15:45:05 server postfix/smtp[19983]: 9007640058: to=<user2@otherdomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.98, delays=0.15/0.02/0.01/0.8, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 6BF5F40089)
Dec 11 15:45:05 server postfix/qmgr[1469]: 9007640058: removed
Dec 11 15:45:05 server postfix/smtp[19992]: 6BF5F40089: to=<user2@otherdomain.com>, relay=mx1.tap.pt[91.198.90.27]:25, delay=0.36, delays=0.02/0.02/0.22/0.1, dsn=2.0.0, status=sent (250 Ok: queued as BD5641C2E2)
------------------------------------------------------------------------------------------------------------------------------------------------

Using web mail ... it looks good ! Works (no rejections) ...


But still i'm getting more than 20 rejected emails today !

------------------------------------------------------------------------------------------------------------------------------------------------
Dec 11 11:34:35 server postfix/smtpd[15753]: warning: 62.169.67.134: address not listed for hostname 62-169-67-134.rev.optimus.pt
Dec 11 11:34:35 server postfix/smtpd[15753]: connect from unknown[62.169.67.134]
Dec 11 11:34:36 server postfix/smtpd[15753]: NOQUEUE: reject: RCPT from unknown[62.169.67.134]: 554 5.7.1 <unknown[62.169.67.134]>: Client host rejected: Access denied; from=<user1@mydomain.com> to=<user2@otherdomain.com> proto=ESMTP helo=<10.50.45.121>
Dec 11 11:44:36 server postfix/smtpd[15753]: timeout after RCPT from unknown[62.169.67.134]
Dec 11 11:44:36 server postfix/smtpd[15753]: disconnect from unknown[62.169.67.134]
------------------------------------------------------------------------------------------------------------------------------------------------


# - i'm a bit suspicious about this:
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch , permit_sasl_authenticated

#- Why the persistence of sending over and over this email without the sender action on the email client ?
    Is this a default persistence action on postfix for email delivery ?

Still any ideas ?

Thanks.

8

Re: Client host rejected

digitalbit wrote:

Dec 11 15:45:05 server postfix/smtp[19992]: 6BF5F40089: to=<user2@otherdomain.com>, relay=mx1.tap.pt[91.198.90.27]:25, delay=0.36, delays=0.02/0.02/0.22/0.1, dsn=2.0.0, status=sent (250 Ok: queued as BD5641C2E2)

This mail (sent from webmail) was relayed to server: relay=mx1.tap.pt[91.198.90.27]:25.

9

Re: Client host rejected

hummmm ... help me out here ! So that means the relay server mx1.tap.pt[91.198.90.27]:25 is rejecting user1@mydomain.com from sending emails to user2@otherdomain.com ? And that's the reason from this rejection ?

10

Re: Client host rejected

digitalbit wrote:

Dec 11 11:34:35 server postfix/smtpd[15753]: warning: 62.169.67.134: address not listed for hostname 62-169-67-134.rev.optimus.pt

Still no idea yet, sorry.
But I guess this is caused by incorrect DNS records (or DNS query cache) of domain name 62-169-67-134.rev.optimus.pt.

11

Re: Client host rejected

But why the persistence of sending over and over this email without the sender action ? Should postfix have a sending limit with DNS errors ? Why postfix can just quit this email from his delivery queue ?!

12

Re: Client host rejected

Hi  ZhangHuangbin! Thanks for the support smile


Got more debug info today !


by adding my public email IP and FQDN to /etc/hosts and /var/spool/postfix/etc/hosts
------------------------------------------------------------
xxx.xxx.xxx.xxx  mail.server.com  mail
------------------------------------------------------------

the above line is gone !
server postfix/smtpd[15753]: warning: 62.169.67.134: address not listed for hostname 62-169-67-134.rev.optimus.pt



#> grep "Dec 14" maillog | grep -in 4360

--------------------------------------------------------------------------------------------------------------------------------------------------------
689:Dec 14 10:15:31 mdserver postfix/smtpd[4360]: connect from 62.169.86.132.rev.optimus.pt[62.169.86.132]

690:Dec 14 10:15:33 mdserver postfix/smtpd[4360]: NOQUEUE: reject: RCPT from 62.169.86.132.rev.optimus.pt[62.169.86.132]: 554 5.7.1 <62.169.86.132.rev.optimus.pt[62.169.86.132]>: Client host rejected: Access denied; from=<user1@domain.com> to=<user2@otherdomain.com> proto=ESMTP helo=<10.150.184.226>

741:Dec 14 10:25:33 mdserver postfix/smtpd[4360]: timeout after RCPT from 62.169.86.132.rev.optimus.pt[62.169.86.132]

742:Dec 14 10:25:33 mdserver postfix/smtpd[4360]: disconnect from 62.169.86.132.rev.optimus.pt[62.169.86.132]
--------------------------------------------------------------------------------------------------------------------------------------------------------

Today (14) I've notice that they (otherdomain.com Reverse DNS) have changed:

62.169.86.129.rev.optimus.pt[62.169.86.129]   to this  62.169.86.132.rev.optimus.pt[62.169.86.132]


Why postfix persistence of sending over and over this email without the sender action,  why can postfix just quit this email from his delivery queue ?!

Thanks for your support again ! smile

13

Re: Client host rejected

let's blame the client host for the rejection (as an example)!

Got this on my main.cf:


delay_warning_time = 0h
maximal_queue_lifetime = 1d
bounce_queue_lifetime = 1d


Why postfix persistence of sending over and over this email (30 min in 30 min) without the sender action,  why can postfix just quit this email from his delivery queue ?!

Is there any option to quit at once this persistence sending ?

Thanks for helping out wink

14

Re: Client host rejected

digitalbit wrote:

Why postfix persistence of sending over and over this email (30 min in 30 min) without the sender action,  why can postfix just quit this email from his delivery queue ?!

Usually, it's just a temporary (recipient) server-side issue, so Postfix keeps retrying. it's usual, i guess all MTA work this way.

digitalbit wrote:

Is there any option to quit at once this persistence sending ?

You can delete this message in queue manually with command "postsuper". but, warning here, deleted message cannot be recovery.