I have a gateway that get "Client host rejected: Access denied" only when a specific server behind this gateway send a mail.
The log NOQUEUE: reject: RCPT from hostname.domain.com[xxx.xxx.xxx.xx]: 554 5.7.1 <hostname.domain.com[xxx.xxx.xxx.xx]>: Client host rejected: Access denied; from=<address@domain.com> to=<otheraddress@domain.com> proto=ESMTP helo=<SRV-SAGE2>
At first I thought about the helo name that is not FQDN compliant, but because I don't have access to thi server I can't change the hostname.
So I setted up an allow list following this https://wiki.zimbra.com/wiki/King0770-N ... ALLOW-HELO
Code: Select all
cat /opt/zimbra/conf/allow_helo
SRV-SAGE2 OK
Code: Select all
zmprov -l gacf zimbraMtaRestriction
zimbraMtaRestriction: reject_invalid_helo_hostname
zimbraMtaRestriction: reject_non_fqdn_sender
zimbraMtaRestriction: check_helo_access lmdb:/opt/zimbra/conf/allow_helo
Code: Select all
postconf | grep ^smtpd_recipient_restrictions
smtpd_recipient_restrictions = check_helo_access lmdb:/opt/zimbra/conf/allow_helo, reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unlisted_recipient, reject_invalid_helo_hostname, reject_non_fqdn_sender, permit
But no luck, I still can't send mail from this server... Any other sender (outlook, thunderbird, windows server) can send trought the gateway..
Does anyone have a clue on what i've missed ?
Regards