Dec 29, 2023: iRedMail-1.6.8 has been released.

**mikekgr** · 2021-02-26 20:18:08

mikekgr
Member
Offline

Registered: 2020-05-30
Posts: 73

Topic: Rejected emails because of different DNS and Reverse DNS

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version: 1.3.2
- Deployed with iRedMail Easy or the downloadable installer? Downloadable installer
- Linux/BSD distribution name and version: Ubuntu server 20.04.2
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
====

Dear Sirs, recently I have email receiving emails rejection from some senders that they trying to send email to my server (iRedMail 1.3.2, Ubuntu 20.04.2 MariaDB) possible because the sender have different IP to hostname and hostname to IP resuls (possible Bad DNS registration?). Please help me to permit to allow reception of these type of incoming emails for all or for particular senders? MANY THANKS, the log is following :
===== START of LOG =====
Feb 26 13:10:40 mx postfix/postscreen[2015966]: CONNECT from [85.72.38.140]:49979 to [207.180.246.2]:25
Feb 26 13:10:46 mx postfix/postscreen[2015966]: PASS OLD [85.72.38.140]:49979
Feb 26 13:10:46 mx postfix/smtpd[2015969]: connect from ekka1.static.otenet.gr[85.72.38.140]
Feb 26 13:10:46 mx postfix/smtpd[2015969]: Anonymous TLS connection established from ekka1.static.otenet.gr[85.72.38.140]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
Feb 26 13:11:02 mx postfix/smtpd[2015969]: NOQUEUE: reject: RCPT from ekka1.static.otenet.gr[85.72.38.140]: 450 4.7.1 <mail.ekka.gr>: Helo command rejected: Host not found; from=<vicky.tsiachri@ekka.gr> to=<biofarm@biofarm.gr> proto=ESMTP helo=<mail.ekka.gr>
Feb 26 13:11:02 mx postfix/smtpd[2015969]: disconnect from ekka1.static.otenet.gr[85.72.38.140] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8
===== END of LOG ====

Looking at the DNS and Reverse DNS I got:
Lookup Hostname: mail.ekka.gr
Lookup IPv4 Address: 85.72.38.140

Lookup IP Address: 85.72.38.140
Lookup Hostname: ekka1.static.otenet.gr

P.S. The same sender does not have any problem to get received to gmail accounts

Thanks and Best Regards,
Mike Kranidis

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

**ZhangHuangbin** · 2021-02-27 11:29:24

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 30,788

Re: Rejected emails because of different DNS and Reverse DNS

mikekgr wrote:

Feb 26 13:11:02 mx postfix/smtpd[2015969]: NOQUEUE: reject: RCPT from ekka1.static.otenet.gr[85.72.38.140]: 450 4.7.1 <mail.ekka.gr>: Helo command rejected: Host not found; from=<vicky.tsiachri@ekka.gr> to=<biofarm@biofarm.gr> proto=ESMTP helo=<mail.ekka.gr>

This smtp session was rejected due to sender server's HELO hostname "mail.ekka.gr" is not resolvable by DNS query. It's sender-side error, not your iRedMail server.

You can "fix" it on your side by whitelisting this HELO hostname, by prepending this line in /etc/postfix/helo_access.pcre:

/^mail\.ekka\.gr$/ OK

**mikekgr** · 2021-02-27 14:42:46

mikekgr
Member
Offline

Registered: 2020-05-30
Posts: 73

Re: Rejected emails because of different DNS and Reverse DNS

ZhangHuangbin wrote:

mikekgr wrote:
Feb 26 13:11:02 mx postfix/smtpd[2015969]: NOQUEUE: reject: RCPT from ekka1.static.otenet.gr[85.72.38.140]: 450 4.7.1 <mail.ekka.gr>: Helo command rejected: Host not found; from=<vicky.tsiachri@ekka.gr> to=<biofarm@biofarm.gr> proto=ESMTP helo=<mail.ekka.gr>
This smtp session was rejected due to sender server's HELO hostname "mail.ekka.gr" is not resolvable by DNS query. It's sender-side error, not your iRedMail server.
You can "fix" it on your side by whitelisting this HELO hostname, by prepending this line in /etc/postfix/helo_access.pcre:
/^mail\.ekka\.gr$/ OK

Dear Huangbin, thanks a lot for your answer. The strange thing is that mail.ekka.gr has DNS entry, I mean there is IP associated with the host. If you try to resolve you will get it so it is mystery for me this rejection and the IP ban from fail2ban...

Best Regards,
Mike Kranidis

**Fastidious** · 2021-02-28 00:27:58

Fastidious
Member
Offline

Registered: 2021-02-28
Posts: 40

Re: Rejected emails because of different DNS and Reverse DNS

mikekgr wrote:

Dear Huangbin, thanks a lot for your answer. The strange thing is that mail.ekka.gr has DNS entry, I mean there is IP associated with the host. If you try to resolve you will get it so it is mystery for me this rejection and the IP ban from fail2ban...

That host name has an A record, but it’s PTR do not match:

dreadnought:~ david$ dig +short mail.ekka.gr
85.72.38.140
dreadnought:~ david$ dig +short -x 85.72.38.140
ekka1.static.otenet.gr.

mail.ekka.gr != ekka1.static.otenet.gr

Furthermore, the MX does’t match either:

dreadnought:~ david$ dig mx +short ekka.gr
5 mail2016.ekka.gr.

**mikekgr** · 2021-02-28 01:11:45

mikekgr
Member
Offline

Registered: 2020-05-30
Posts: 73

Re: Rejected emails because of different DNS and Reverse DNS

Dear @Fastidious thanks for your reply, I appreciate it.
Actually, in my first message I clearly mentioned that mail.ekka.gr != ekka1.static.otenet.gr (I keep your notation) and yes obviously they have problems in the DNS declarations.
What I can't understand is why Gmail, that all we know they have strong antispam and senders validations,. In this case, the sender can send email without any problem the emails received well and I am wondering why in my setup (described in my first message) cannot accept.

Best Regards,
Mike Kranidis

Fastidious wrote:

mikekgr wrote:
Dear Huangbin, thanks a lot for your answer. The strange thing is that mail.ekka.gr has DNS entry, I mean there is IP associated with the host. If you try to resolve you will get it so it is mystery for me this rejection and the IP ban from fail2ban...
That host name has an A record, but it’s PTR do not match:
dreadnought:~ david$ dig +short mail.ekka.gr
85.72.38.140
dreadnought:~ david$ dig +short -x 85.72.38.140
ekka1.static.otenet.gr.
mail.ekka.gr != ekka1.static.otenet.gr
Furthermore, the MX does’t match either:
dreadnought:~ david$ dig mx +short ekka.gr
5 mail2016.ekka.gr.

**ZhangHuangbin** · 2021-02-28 14:04:01

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 30,788

Re: Rejected emails because of different DNS and Reverse DNS

Different ISPs have different anti-spam policies, it's normal that email rejected by ISP A but accepted by ISP B.

Dec 29, 2023: iRedMail-1.6.8 has been released.

Rejected emails because of different DNS and Reverse DNS

Posts: 6

1 Topic by mikekgr 2021-02-26 20:18:08 (edited by mikekgr 2021-02-26 20:35:06)

Topic: Rejected emails because of different DNS and Reverse DNS

2 Reply by ZhangHuangbin 2021-02-27 11:29:24

Re: Rejected emails because of different DNS and Reverse DNS

3 Reply by mikekgr 2021-02-27 14:42:46

Re: Rejected emails because of different DNS and Reverse DNS

4 Reply by Fastidious 2021-02-28 00:27:58 (edited by Fastidious 2021-02-28 00:29:28)

Re: Rejected emails because of different DNS and Reverse DNS

5 Reply by mikekgr 2021-02-28 01:11:45

Re: Rejected emails because of different DNS and Reverse DNS

6 Reply by ZhangHuangbin 2021-02-28 14:04:01

Re: Rejected emails because of different DNS and Reverse DNS

Posts: 6