Helo command rejected: Host not found

GuidoD

we are using mailcow-dockerized already now for three years. DKIM, SPF, DMARC all working fine.
But to some destinations (only very few ones) mails cannot be transmitted because their mail servers are checking if the HELO is a valid host. But the HELO that mailcow is using is for whatever reason not the name of our mail server (i.e mail.example.com) but a unique string followed by localdomain, for example helo=5036e8a19602.localdomain and that is of course not a valid server name and the other mailserver is then rejecting it with …said: 450 4.7.1
<5036e8a19602.localdomain>: Helo command rejected: Host not found (in reply to RCPT TO command)

No problems with the big mail providers (google, yahoo, gmx, outlook, …) because they are checking if the sender IP is valid as an authenitcated sender.

Authentication-Results: spf=pass (sender IP is 81.xxx.xxx.xxx)
smtp.mailfrom=example1.com; example2.com; dkim=pass (signature was verified)
header.d=example1.com;example2.com; dmarc=pass action=none
header.from=example1.com;compauth=pass reason=100
Received-SPF: Pass (protection.outlook.com: domain of example1.com
designates 81.xxx.xxx.xxx as permitted sender)
receiver=protection.outlook.com; client-ip=81.xxx.xxx.xxx;
helo=5036e8a19602.localdomain;
Received: from 5036e8a19602.localdomain (81.xxx.xxx.xxx) by
DB5EUR01FT022.mail.protection.outlook.com (10.152.4.244) with Microsoft SMTP
Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.20.3784.11 via Frontend Transport; Fri, 22 Jan 2021 17:18:39 +0000

How can I fix it that the name of our mail server is used in the HELO and not a unique string with localdomain?
In the mailcow.conf the variable MAILCOW_HOSTNAME is set (MAILCOW_HOSTNAME=mail.example1.com)
In data/conf/postfix/main.cf I do see a line:
mydestination = localhost.localdomain, localhost

adding a extra.cf in data/conf/postfix with
mydestination = mail.example1.com, localhost.example1.com, localhost
did not help to solve the problem.
After a restart (docker-compose down, docker-compose up -d) just the unique string has changed:
helo=b3c1c839e19b.localdomain;
Received: from b3c1c839e19b.localdomain

In the logs I do see that a replace is done:
root@xyz:/var/abc/mailcow-dockerized# docker-compose logs |grep b3c1c839e19b.localdomain

postfix-mailcow_1 | Jan 22 20:14:18 b3c1c839e19b postfix/cleanup[392]: 6922B464124: replace: header Received: from bad5accc21aa (mailcowdockerized_sogo-mailcow_1.mailcowdockerized_mailcow-network [172.22.1.248])??(Authenticated sender: guido@example1.com)??by b3c1c839e19b.localdomain (Postcow) wit from mailcowdockerized_sogo-mailcow_1.mailcowdockerized_mailcow-network[172.22.1.248]; from=guido@example1.com to=guido@example2.com proto=ESMTP helo=<bad5accc21aa>: Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPA id 6922B464124??for guido@example2.com; Fri, 22 Jan 2021 20:14:18 +0100 (CET)

karimelc

I don’t know the answer to your question but the unique string above is, at least in my setup the container id for sogo. I can’t say I understand this either.

diekuh

Hi,

09:40:35.278658 IP mx.mailcow.email.53698 > hosted.mailcow.de.smtp: Flags [P.], seq 1:24, ack 24, win 502, options [nop,nop,TS val 3726326184 ecr 1824668924], length 23: SMTP: EHLO mx.mailcow.email

It does not use that local name.

Please check (or checkout) data/conf/postfix against master and also any docker-compose.override.yml or changes to docker-compose.yml.

diekuh

To check:

root@mx:/opt/mailcow-dockerized# docker-compose exec postfix-mailcow postconf | grep -iE 'smtp_helo_name|myhostname'
lmtp_lhlo_name = $myhostname
local_transport = local:$myhostname
milter_macro_daemon_name = $myhostname
==> myhostname = mx.mailcow.email <==
myorigin = $myhostname
==> smtp_helo_name = $myhostname <==
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_proxy_ehlo = $myhostname

karimelc

Thanks @diekuh, all is good on my installation. I checked an email at outlook.com and there helo=mail.myserver.com At first I was looking on my server and there I found: postfix/cleanup etc. helo=<sogocontainerid>.

diekuh

Ahh. 🙂

GuidoD

using your command above I do see that myhostname = 4a9276d2adfa.localdomain
root@xyz:/var/abc/mailcow-dockerized# docker-compose exec postfix-mailcow postconf | grep -iE 'smtp_helo_name|myhostname' lmtp_lhlo_name = $myhostname local_transport = local:$myhostname milter_macro_daemon_name = $myhostname myhostname = 4a9276d2adfa.localdomain myorigin = $myhostname smtp_helo_name = $myhostname smtpd_banner = $myhostname ESMTP $mail_name smtpd_proxy_ehlo = $myhostname
I noticed that until December 12th when I did an update the name had been filled correctly with the mailserver name in the reject messages, since then the reject messages had a localdomain name.

I found the error, there had been some inconsistencies in the docker-compose.yml and not all versions had been on the versions that were in the docker-compose.yml on github.
I corrected this now, did another ./update.sh and now the HELO is correct.
Thanks for pointing me to the right direction.
I do not know when and why the inconsistencies had happened but now everything is fine.