postfix/mail: server blacklisted -- what have I done wrong?

[Robert Slade]

On Fri, 2006-03-24 at 11:03 -0500, Matt Price wrote: 
> On Fri, 2006-03-24 at 16:37 +0100, Lea Gris wrote:
> > Matt Price a écrit :
> > > Hi folks,
> > > 
> > > On a very small server running postfix and apache under breezy, I seem
> > > to have gotten into some kind of trouble.  A mail sent this morning from
> > > the system was bounced back from gmx.de with the following message:
> > > 
> > > host mx0.gmx.net[213.165.64.100] said: 550-5.7.1 {mx016}
> > >     The IP address of the server you are using to connect to GMX is
> > > listed in
> > >     550-5.7.1 the Composite Blocking List (CBL). 550-5.7.1  550-5.7.1For
> > >     additional information, please visit 550-5.7.1
> > >     http://cbl.abuseat.org/lookup.cgi?ip=128.100.34.8  and 550 5.7.1 (
> > >     http://www.gmx.net/serverrules ) (in reply to RCPT TO command)
> > > 
> > > -----------------
> > > so, I followed the link, which ultimately led me to this page about HELO
> > > misconfiguration:
> > > http://cbl.abuseat.org/lh.html
> > > 
> > > Still wish I knew what "HELO" was about, but at least it helps.
> > > Turns out that I I had been having some trouble in the last few weeks
> > > with rejected mail complaining about "localhost.localdomain".  Finally
> > > fixed it a few days ago by editing /etc/postfix/main.cf 
> > > ----
> > > # myhostname = localhost.localdomain
> > > myhostname = a.legitimate.domain.name
> > > ----
> > > 
> > > so a couple of questions follow for me:
> > > 
> > > 1 - is this the likely cause of the problem?  THat is, have I already
> > > fixed a problem that has only just now arisen?
> > > 2 - If localhost.localdomain is ALWAYS a broken value for myaddress, how
> > > does it come about that this is even a configuration option?  SHould I
> > > for instance file a bug?
> > 
> > not a bug.
> > 
> > Either you have a dynamic IP address or an address listed as such in the
> > related RBLs.
> > 
> > Either the distination MX check for proper FQDN which can not be with
> > dynamic IP address from internet providers that may not have proper
> > reverse DNS either.
> > 
> > The right thing to do is configure a Postfix RelayHost to your Internet
> > Provider smtp relay such as smtp.myprovider.tld
> > 
> > sudo dpkg-reconfigure postfix and choose satellite system and provide
> > the smtp relay name.
> > 
> > or
> > 
> > edit
> > /etc/postfix/main.cf
> > relayhost = smtp.whateveryourispmailrelayis.tld
> > 
> 
> in my case there is no relay, so I use an address which has been
> assigned to this machine (which is directly visible on the internet --
> an unusual situation I know).  I'm hoping this is the right solution.  
> 
> What I still don't understand is, under what circumstances is
> localhost.localdomain actually a permissible setting?
> 
> matt
> > 
> > -- 
> > Léa Gris

Matt,


Running a mail server is not an easy job. Unless you are conversant with
what responsibilities you are taking on then you shouldn't do it. In
particular there is the issue of spammers using it to send out their
payloads, worms, fraud attempts etc

Let me try and answer the questions you posed and some you should have
asked.

A HELO is what a mail server uses to identify itself if you look at the
header of a mail you sent to this list you will see:

pc08.hist.utoronto.ca ([128.100.34.8] helo=www.racesci.org)

sent the mail now there is a couple of things still wrong with this:

1. www says that there should be a web server at 128.100.34.8, but the
dns entry for that IP is pc08.hist.utoronto.ca which I guess is the name
allocated to your machine by your ISP. You should get the reverse DNS to
point to the same name. Some ISPs will not accept mail from mail servers
whoes DNS entries don't match. 

2. The mail records for racesci.org say your mail should be handled by
racesci.org not www.raceci.org which indicates a misconfiguration - you
could use www.racesci.org.

3. Are you sure that your server is secure? That is not an open relay so
it will send on mail from any address? 

4. Lea suggested that you use a relay to send your mail. This is your
ISPs mail server are you sure they do not run one?

5. the localhost.localdomain is a default setting it means that you have
not set the name & domain on  your ubuntu box and when postfix was
configured it looked up the name and domain etc it got localhost etc.

6. One further though have you set your firewall correctly? the
questions you are asking are so naive that they makes me think that the
setup of your machine is not as it should be.

I suggest that you really need to do some reading up on mail servers
etc, they can get you thrown off the Internet by your ISP.

Sorry to sound so negative but your mail worried me.

Rob