Julian Matz
asked on
Postfix configuration error (451 4.3.5 Server configuration problem)
Hi! Lately, I've been seeing these errors in my log. Some people have reported that mails are being returned undelivered.
Jan 21 00:02:45 localhost postfix/smtpd[28622]: NOQUEUE: reject: RCPT from mail.sunbeam.co.nz[203.167 .253.34]: 451 4.3.5 Server configuration problem; from=<****@aol.com> to=<****@****.ie> proto=ESMTP helo=<quantum.sunbeam.co.n z>
I know this error is very generic, but I couldn't find anything else in my syslog, and I was hoping a Postfix expert or experts could help troubleshoot.
Any research I've done into this error seems to be pointing towards Postfix Policy Daemon - postfix-policyd-spf-perl - for SPF checking. I followed this guide to implement this and up until now it seems to have been working:
http://www.howtoforge.com/postfix_spf
Thanks in advance for any help. My Postfix main.cf is attached below.
Jan 21 00:02:45 localhost postfix/smtpd[28622]: NOQUEUE: reject: RCPT from mail.sunbeam.co.nz[203.167
I know this error is very generic, but I couldn't find anything else in my syslog, and I was hoping a Postfix expert or experts could help troubleshoot.
Any research I've done into this error seems to be pointing towards Postfix Policy Daemon - postfix-policyd-spf-perl - for SPF checking. I followed this guide to implement this and up until now it seems to have been working:
http://www.howtoforge.com/postfix_spf
Thanks in advance for any help. My Postfix main.cf is attached below.
# see /usr/share/postfix/main.cf.dist for a commented, fuller
# version of this file.
# Do not change these directory settings - they are critical to Postfix
# operation.
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
home_mailbox = Maildir/
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
setgid_group = postdrop
biff = no
smtpd_helo_required = yes
# appending .domain is the MUA's job.
append_dot_mydomain = no
myhostname = mail.localhost.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
recipient_delimiter = +
mydestination = $myhostname
relay_domains = $mydestination
smtpd_client_restrictions =
check_client_access hash:/etc/postfix/access
smtpd_sender_restrictions =
hash:/etc/postfix/access, reject_unknown_sender_domain
smtpd_recipient_restrictions = hash:/etc/postfix/access, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_policy_service unix:private/policy, reject_rbl_client bl.spamcop.net
default_privs = mail
#mailbox_size_limit = 0
message_size_limit = 51200000
mailbox_size_limit = 102400000
smtpd_error_sleep_time = 0
#20060923
header_checks = regexp:/etc/postfix/header_checks
### CONFIXX POSTFIX ENTRY ###
virtual_maps = hash:/etc/postfix/confixx_virtualUsers, hash:/etc/postfix/confixx_localDomains
### /CONFIXX POSTFIX ENTRY ###
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
virtual_alias_maps = hash:/etc/postfix/confixx_virtualUsers, hash:/etc/postfix/confixx_localDomains
inet_protocols = ipv4
#smtpd_sasl_path = /etc/postfix/sasl
ASKER
Well, I'm also getting these errors from known service providers like AOL:
postfix/smtpd[10867]: NOQUEUE: reject: RCPT from imo-m25.mx.aol.com[64.12.1 37.6]: 451 4.3.5 Server configuration problem; from=<****@aol.com> to=<***@***.ie> proto=ESMTP helo=<imo-m25.mail.aol.com >
Earlier I removed "check_policy_service unix:private/policy" from smtpd_recipient_restrictio ns in my main.cf and commented out the appropriate lines in my master.cf and the errors are no longer appearing in my logs. So I'm guessing it has something to do with Perl or SPF - postfix-policyd-spf-perl or one of the Perl modules it depends on like Mail::SPF and NetAddr::IP.
I had to do something to fix this so this is just a workaround but would still love to figure this out.
postfix/smtpd[10867]: NOQUEUE: reject: RCPT from imo-m25.mx.aol.com[64.12.1
Earlier I removed "check_policy_service unix:private/policy" from smtpd_recipient_restrictio
I had to do something to fix this so this is just a workaround but would still love to figure this out.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I think this error started after I tried to upgrade some Perl modules via the CPAN shell.
I'll give this another shot when I have some more time. In the meantime though, Spamassassin still checks SPF records so at least that's something.
Thanks for your help.
I'll give this another shot when I have some more time. In the meantime though, Spamassassin still checks SPF records so at least that's something.
Thanks for your help.
I telnet to the IP address to get the HELO name,
Then try to lookup the HELO name in the DNS.
Server configuration problem is the DNS server at remote end.
Open in new window