1 Topic by tenhi

  • tenhi
  • Member
  • Offline
  • Registered: 2015-10-16
  • Posts: 13

Topic: postfix disconnect, need Help!

- iRedMail version (check /etc/iredmail-release):
Linux mail 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt11-1+deb8u4 (2015-09-19) x86_64 GNU/Linux || Debian Jessie
- Store mail accounts usinf MySQL
- Web server is Nginx
- Manage mail accounts with iRedAdmin-Pro? - no

I have a firewall on Zentyal. All needed ports redirected.
In /var/log/mail.log i see problem:

root@mail:~# tail -f /var/log/mail.log
Oct 16 17:54:30 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<a17365857@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:30 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<a0915517158@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:32 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<a0106@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:33 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<0gft@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:35 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<angel20001033@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:36 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<meilu92@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:38 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<bhiet@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:39 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<aajn57@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:41 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<ciamp10@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:42 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<rickyhaung2@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:44 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<0tjd@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 16 17:54:46 mail postfix/smtpd[4320]: too many errors after RCPT from gw.vec36.lan[172.21.0.254]
Oct 16 17:54:46 mail postfix/smtpd[4320]: disconnect from gw.vec36.lan[172.21.0.254]
Oct 16 17:54:47 mail postfix/smtpd[4320]: connect from gw.vec36.lan[172.21.0.254]

gw is my router.
What about this disconnect? Is it important for mail? Maybe i`ll lost some mail?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,790

Re: postfix disconnect, need Help!

Append '172.21.0.254' in Postfix parameter 'mynetworks=' in /etc/postfix/main.cf, restart Postfix service.

3 Reply by tenhi

  • tenhi
  • Member
  • Offline
  • Registered: 2015-10-16
  • Posts: 13

Re: postfix disconnect, need Help!

nothing has changed.

root@mail:~# tail -f /var/log/mail.log
Oct 17 17:40:54 mail amavis[1326]: No decoder for       .jar
Oct 17 17:40:54 mail amavis[1326]: No decoder for       .lha
Oct 17 17:40:54 mail amavis[1326]: No decoder for       .lrz
Oct 17 17:40:54 mail amavis[1326]: No decoder for       .lz4
Oct 17 17:40:54 mail amavis[1326]: No decoder for       .swf
Oct 17 17:40:54 mail amavis[1326]: Using primary internal av scanner code for ClamAV-clamd
Oct 17 17:40:54 mail amavis[1326]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Oct 17 17:40:54 mail amavis[1326]: Deleting db files __db.002,__db.003,nanny.db,snmp.db,__db.001 in /var/lib/amavis/db
Oct 17 17:40:54 mail amavis[1326]: Creating db in /var/lib/amavis/db/; BerkeleyDB 0.54, libdb 5.3
Oct 17 17:40:55 mail postfix/master[1417]: daemon started -- version 2.11.3, configuration /etc/postfix
Oct 17 17:41:32 mail postfix/smtpd[1537]: connect from gw.vec36.lan[172.21.0.254]
Oct 17 17:41:33 mail postfix/smtpd[1537]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<qyfawzi@163.com> to=<hugo2000@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 17 17:41:34 mail postfix/smtpd[1537]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<qyfawzi@163.com> to=<kejixie@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 17 17:41:34 mail postfix/smtpd[1537]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<qyfawzi@163.com> to=<gtoro3228@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 17 17:41:35 mail postfix/smtpd[1537]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<qyfawzi@163.com> to=<hothwtkjhe@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 17 17:41:35 mail postfix/smtpd[1537]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<qyfawzi@163.com> to=<hsaiki@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 17 17:41:36 mail postfix/smtpd[1537]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<qyfawzi@163.com> to=<j2135492000@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 17 17:41:36 mail postfix/smtpd[1537]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<qyfawzi@163.com> to=<h8571316@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 17 17:41:37 mail postfix/smtpd[1537]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<xgyarlz@163.com> to=<holdpmc@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 17 17:41:38 mail postfix/smtpd[1537]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<xgyarlz@163.com> to=<james-wei6813@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 17 17:41:38 mail postfix/smtpd[1537]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<xgyarlz@163.com> to=<hello4913@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>
Oct 17 17:41:39 mail postfix/smtpd[1537]: too many errors after RCPT from gw.vec36.lan[172.21.0.254]
Oct 17 17:41:39 mail postfix/smtpd[1537]: disconnect from gw.vec36.lan[172.21.0.254]
Oct 17 17:41:40 mail postfix/smtpd[1537]: connect from gw.vec36.lan[172.21.0.254]
mynetworks = 172.21.0.249/32, 127.0.0.0/8

4 Reply by tenhi

  • tenhi
  • Member
  • Offline
  • Registered: 2015-10-16
  • Posts: 13

Re: postfix disconnect, need Help!

sorry. enter wrong ip.
I`ve correct it. But i think it`s wrong causr my host now help spammers to tranfer their mail. Thanks for "GOOD" advice!!

                                         q123041@yahoo.com.tw

C6B532E00D5     8281 Sat Oct 17 17:49:09  aflscilyrh@163.com
(delivery temporarily suspended: lost connection with mx-tw.mail.gm0.yahoodns.net[27.123.206.55] while sending RCPT TO)
                                         otza@yahoo.com.tw

CB7F22E0087     8289 Sat Oct 17 17:48:04  aflscilyrh@163.com
(host mx-tw.mail.gm0.yahoodns.net[27.123.206.55] said: 421 4.7.0 [TS01] Messages from 194.186.97.6 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html (in reply to MAIL FROM command))
                                         matsul55@yahoo.com.tw

B9BE22E0082     8290 Sat Oct 17 17:48:04  ejmcohy@163.com
(host mx-tw.mail.gm0.yahoodns.net[203.188.197.111] said: 421 4.7.0 [TS01] Messages from 194.186.97.6 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html (in reply to MAIL FROM command))
                                         ppphilus@yahoo.com.tw

B4D162E0088     8289 Sat Oct 17 17:49:09  aflscilyrh@163.com
(delivery temporarily suspended: lost connection with mx-tw.mail.gm0.yahoodns.net[27.123.206.55] while sending RCPT TO)
                                         oo5318oo@yahoo.com.tw

B1E812E00A5     8291 Sat Oct 17 17:48:19  aflscilyrh@163.com
(delivery temporarily suspended: lost connection with mx-tw.mail.gm0.yahoodns.net[27.123.206.55] while sending RCPT TO)
                                         nkromberg@yahoo.com.tw

B18862E0102     8330 Sat Oct 17 17:49:30  rxczbal@163.com
(delivery temporarily suspended: lost connection with mx-tw.mail.gm0.yahoodns.net[27.123.206.55] while sending RCPT TO)
                                         migo827@yahoo.com.tw

BFEFE2E0126     8328 Sat Oct 17 17:49:46  rxczbal@163.com
(delivery temporarily suspended: lost connection with mx-tw.mail.gm0.yahoodns.net[27.123.206.55] while sending RCPT TO)
                                         q54632@yahoo.com.tw

11A7A2E0109     8330 Sat Oct 17 17:49:35  rxczbal@163.com
(delivery temporarily suspended: lost connection with mx-tw.mail.gm0.yahoodns.net[27.123.206.55] while sending RCPT TO)
                                         nahnsen@yahoo.com.tw

18E152E00E7     8297 Sat Oct 17 17:49:20  aflscilyrh@163.com
(delivery temporarily suspended: lost connection with mx-tw.mail.gm0.yahoodns.net[27.123.206.55] while sending RCPT TO)
                                         rain_feeling@yahoo.com.tw

-- 759 Kbytes in 87 Requests.

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,790

Re: postfix disconnect, need Help!

tenhi wrote:

Oct 16 17:54:30 mail postfix/smtpd[4320]: NOQUEUE: reject: RCPT from gw.vec36.lan[172.21.0.254]: 504 5.5.2 <194.186.97.6>: Helo command rejected: need fully-qualified hostname; from=<jsxvswe@163.com> to=<a17365857@yahoo.com.tw> proto=SMTP helo=<194.186.97.6>

HELO "194.186.97.6" is an illegal helo identity, it could be "[194.186.97.6]", or a valid server hostname, but not just IP address without "[]". So please configure your gw to use a proper helo identity.

By the way, it's hard to fight spam if all emails come through this gateway server, because you cannot block it or do other restriction on this IP address...