My primary outbound relay cluster connects through a load balancer NAT so when it gives "helo host1.services.domain.tld" it actually reverses to the hostname assigned to the load balancer (relay.domain.tld). there are multiple nodes that all lookup with the single NAT IP when connecting outbound.
RobertC (Sorry for top-posting, I can't find any options in Outlook Web to change the reply thread settings!) ________________________________ From: owner-postfix-us...@postfix.org <owner-postfix-us...@postfix.org> on behalf of Viktor Dukhovni <postfix-us...@dukhovni.org> Sent: Wednesday, February 10, 2021 18:39 To: postfix-users@postfix.org Subject: Re: client and ehlo hostname mismatch > On Feb 10, 2021, at 9:38 PM, Eugene Podshivalov <yauge...@gmail.com> wrote: > > Are there any wise cases for a legitimate client to provide a valid ehlo > hostname (which maps to some address) but that address will differ from > the address it connects from? I don't know about "wise", but this is not uncommon. As an example of a less blatant mismatch, today I received a legitimate newsletter from Cornell: Received: from mm.list.cornell.edu (vs-01.mm.list.cornell.edu [128.253.150.167]) The EHLO name resolves to the same IP as the connecting client, but the PTR is a variant of that name. Here the sort of mismatch you're asking about: Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2072c.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe5a::72c]) The EHLO name (presently) resolves to: $ getent hosts NAM12-MW2-obe.outbound.protection.outlook.com 2a01:111:f400:fe5a::200 NAM12-MW2-obe.outbound.protection.outlook.com $ getent hosts mail-mw2nam12on2072c.outbound.protection.outlook.com 2a01:111:f400:fe5a::72c mail-mw2nam12on2072c.outbound.protection.outlook.com $ getent hosts 2a01:111:f400:fe5a::72c 2a01:111:f400:fe5a::72c mail-mw2nam12on2072c.outbound.protection.outlook.com -- Viktor.