Hello, I'm getting the following log msg for a user (u...@example.com),
Mar 26 13:22:19 bigben postfix/ps2/smtpd[32481]: NOQUEUE: reject: RCPT from chrelay.taleo.net[68.233.76.14]: 450 4.1.8 <jpmorgan_ch...@jpmcstaffing.com>: Sender address rejected: Domain not found; from=<jpmorgan_ch...@jpmcstaffing.com> to=<u...@example.com> proto=ESMTP helo=<chrelay11.taleo.net> in my Postfix 3.2 logs. I note that JPMCStaffing.com has no legit A/MX record. dig ANY JPMCStaffing.com ;; ANSWER SECTION: JPMCStaffing.com. 1883 IN SOA ns1.jpmorganchase.com. hostmaster.jpmchase.com. 478475997 10800 1800 1209600 3600 JPMCStaffing.com. 1883 IN TXT "v=spf1 include:taleo.net -all" JPMCStaffing.com. 1883 IN NS ns1.jpmorganchase.com. JPMCStaffing.com. 1883 IN NS ns05.jpmorganchase.com. JPMCStaffing.com. 1883 IN NS ns06.jpmorganchase.com. JPMCStaffing.com. 1883 IN NS ns2.jpmorganchase.com. Since (a) it's a legit email (b) it's a legit sender (c) they're too $&^$& big to be able to get anyone to respond, let alone fix their end (Working on it ...) I just want to whitelist past them. My main.cf has ps2 pass - - n - - smtpd -o syslog_name=postfix/ps2 -o smtpd_relay_restrictions=permit_mynetworks,reject_unauth_destination,permit -o smtpd_proxy_filter=127.0.0.1:10001 -o smtpd_authorized_xforward_hosts=127.0.0.0/8 my master.cf includes smtpd_client_restrictions = permit_mynetworks check_client_access lmdb:/etc/postfix/client_whitelist reject_unknown_reverse_client_hostname reject_unauth_pipelining smtpd_sender_restrictions = permit_mynetworks permit_tls_clientcerts reject_non_fqdn_sender reject_unknown_sender_domain permit and cat /etc/postfix/client_whitelist 68.233.76.0/24 OK 68.233.76.14 OK Iiuc, SMTPD 'MUMBLE' RESTRICTIONS get checked in this order client, helo, sender, relay, recipient, data, or end-of-data So I was hoping that my whitelist would prevent that reject. Clearly, not working like I thought :-( What do I need to configure to get Postfix/Postscreen to PASS this sender? Bill