postfix/mail: server blacklisted -- what have I done wrong?

Tony Arnold tony.arnold at manchester.ac.uk
Fri Mar 24 16:06:43 UTC 2006


Matt,

Matt Price wrote:

> On a very small server running postfix and apache under breezy, I seem
> to have gotten into some kind of trouble.  A mail sent this morning from
> the system was bounced back from gmx.de with the following message:
> 
> host mx0.gmx.net[213.165.64.100] said: 550-5.7.1 {mx016}
>     The IP address of the server you are using to connect to GMX is
> listed in
>     550-5.7.1 the Composite Blocking List (CBL). 550-5.7.1  550-5.7.1For
>     additional information, please visit 550-5.7.1
>     http://cbl.abuseat.org/lookup.cgi?ip=128.100.34.8  and 550 5.7.1 (
>     http://www.gmx.net/serverrules ) (in reply to RCPT TO command)
> 
> -----------------
> so, I followed the link, which ultimately led me to this page about HELO
> misconfiguration:
> http://cbl.abuseat.org/lh.html
> 
> Still wish I knew what "HELO" was about, but at least it helps.
> Turns out that I I had been having some trouble in the last few weeks
> with rejected mail complaining about "localhost.localdomain".  Finally
> fixed it a few days ago by editing /etc/postfix/main.cf 
> ----
> # myhostname = localhost.localdomain
> myhostname = a.legitimate.domain.name
> ----
> 
> so a couple of questions follow for me:
> 
> 1 - is this the likely cause of the problem?  THat is, have I already
> fixed a problem that has only just now arisen?

Yes, I think so. The previosuly malformed HELO has caused you IP address
to be blacklisted and hence mail is rejected eve though you have fixed
the problem. It looks like the address has been cleared from the
blacklist now, so it should all be OK.

> 2 - If localhost.localdomain is ALWAYS a broken value for myaddress, how
> does it come about that this is even a configuration option?  SHould I
> for instance file a bug?

I guess it depends on how picky your mail router is. Not all mail
routers take any notice of the address given in the HELO smtp command,
so some will work and others won't. My view is that putting
'localhost.localdomain' there can never be correct, so something ought
to force it to be changed.

Regards,
Tony.
-- 
Tony Arnold, IT Security Coordinator, University of Manchester,
IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold




More information about the ubuntu-users mailing list