1

Topic: How to add the ip or hostname whitelist list in the helo_access.pcre ?

==== Required information ====
- iRedMail version: iRedAdmin-Pro-MySQL 1.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Linux/BSD distribution name and version: CentOS Linux 6.4 64bit
- Related log if you're reporting an issue:

Oct  4 04:13:21 mail postfix/smtpd[3830]: NOQUEUE: reject: RCPT from unknown[184.106.34.8]: 504 5.5.2 <484070-app3>: Helo command rejected: need fully-qualified hostname; from=<acuitivesolutions@acuitivesolutions.com> to=<xxx@xxx.com> proto=ESMTP helo=<484070-app3>

====

Hi Everyboday,

One of the email reject by the helo command because not the fully-qualified hostname.

How to add the ip or hostname whitelist list in the helo_access.pcre ?

Thanks.

Steve

Thanks.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: How to add the ip or hostname whitelist list in the helo_access.pcre ?

steveting wrote:

One of the email reject by the helo command because not the fully-qualified hostname.
How to add the ip or hostname whitelist list in the helo_access.pcre ?

*) Non-FQDN hostname in HELO command is invalid according to RFC document.
*) Are you sure this sender (either IP or sender address) is not a spam?

3

Re: How to add the ip or hostname whitelist list in the helo_access.pcre ?

Hi Zhang,

1) yes. I know that but it is difficult push customer change their setting...
2) I know the IP/hostname or the sender address is not spam.

Thanks your help.

4

Re: How to add the ip or hostname whitelist list in the helo_access.pcre ?

steveting wrote:

1) yes. I know that but it is difficult push customer change their setting…

Did you try it? This is the better way.

steveting wrote:

2) I know the IP/hostname or the sender address is not spam.

Default HELO restriction setting in Postfix is:

smtpd_helo_restrictions=permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_helo_access pcre:/etc/postfix/helo_access.pcre

You can try to move "check_helo_access pcre:/etc/postfix/helo_access.pcre" before "reject_non_fqdn_helo_hostname", the final result looks like this:

smtpd_helo_restrictions=permit_mynetworks, permit_sasl_authenticated, check_helo_access pcre:/etc/postfix/helo_access.pcre, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname

Restarting Postfix is required.

Then add HELO access rule to bypass this sender's HELO identity in file /etc/postfix/helo_access.pcre:

/^484070-app3$/ OK

Reference: http://www.postfix.org/access.5.html