Client host rejected server configuration error

Добрый день.
Делал почтовый сервер по этому гайду Вроде все запустилось.
Захожу в squirrelmai, отправляю письмо и мне пишут

ОШИБКА:
Сообщение не было отправлено. Ответ сервера:
Запрос прерван: ошибка при выполнении
451 4.3.5 <localhost[127.0.0.1]>: Client host rejected: Server configuration errorКогда пробую через телнет, то:

telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 syakov.com ESMTP Postfix (Ubuntu)
EHLO testing
250- <имя домена>
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM <адрес почты>
501 5.5.4 Syntax: MAIL FROM:<address>
MAIL FROM: <адрес почты>
250 2.1.0 Ok
RCPT TO: <адрес почты>
451 4.3.5 <localhost[127.0.0.1]>: Client host rejected: Server configuration error
421 4.4.2 <имя домена> Error: timeout exceeded
/var/log/mail.log

Sep 14 12:28:01 <домен> dovecot: auth-worker: mysql(localhost): Connected to database dbispconfig
Sep 14 12:28:01 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7178, secured
Sep 14 12:28:01 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=117/1401
Sep 14 12:28:01 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7180, secured
Sep 14 12:28:01 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:28:31 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7187, secured
Sep 14 12:28:31 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:28:46 <домен> postfix/smtpd[7189]: connect from localhost[127.0.0.1]
Sep 14 12:29:01 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7196, secured
Sep 14 12:29:01 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:29:20 <домен> postfix/trivial-rewrite[7198]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Sep 14 12:29:20 <домен> postfix/trivial-rewrite[7198]: warning: mysql:/etc/postfix/mysql-virtual_relaydomains.cf: table lookup problem
Sep 14 12:29:20 <домен> postfix/trivial-rewrite[7198]: warning: relay_domains lookup failure
Sep 14 12:29:32 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7202, secured
Sep 14 12:29:32 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:29:34 <домен> postfix/smtpd[7189]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Sep 14 12:29:34 <домен> postfix/smtpd[7189]: warning: mysql:/etc/postfix/mysql-virtual_client.cf: table lookup problem
Sep 14 12:29:34 <домен> postfix/smtpd[7189]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.5 <localhost[127.0.0.1]>: Client host rejected: Server configuration error; from=<адрес почты> to=<адрес почты> proto=SMTP helo=<test>
Sep 14 12:30:01 <домен> dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Sep 14 12:30:01 <домен> postfix/smtpd[7229]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 14 12:30:01 <домен> postfix/smtpd[7229]: disconnect from localhost[127.0.0.1]
Sep 14 12:30:02 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7252, secured
Sep 14 12:30:02 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:30:05 <домен> postfix/trivial-rewrite[7198]: warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains
Sep 14 12:30:05 <домен> postfix/smtpd[7189]: warning: mysql:/etc/postfix/mysql-virtual_client.cf: table lookup problem
Sep 14 12:30:05 <домен> postfix/smtpd[7189]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.5 <localhost[127.0.0.1]>: Client host rejected: Server configuration error; from=<адрес почты> to=<admin@example.com> proto=SMTP helo=<test>
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: connect from localhost[127.0.0.1]
Sep 14 12:30:25 <домен> postfix/trivial-rewrite[7198]: warning: do not list domain example.com in BOTH mydestination and virtual_mailbox_domains
Sep 14 12:30:25 <домен> postfix/trivial-rewrite[7198]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Sep 14 12:30:25 <домен> postfix/trivial-rewrite[7198]: warning: mysql:/etc/postfix/mysql-virtual_relaydomains.cf: table lookup problem
Sep 14 12:30:25 <домен> postfix/trivial-rewrite[7198]: warning: relay_domains lookup failure
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: warning: mysql:/etc/postfix/mysql-virtual_client.cf: table lookup problem
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.5 <localhost[127.0.0.1]>: Client host rejected: Server configuration error; from=<admin@example.com> to=<адрес почты> proto=ESMTP helo=<example.com>
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: lost connection after RCPT from localhost[127.0.0.1]
Sep 14 12:30:25 <домен> postfix/smtpd[7229]: disconnect from localhost[127.0.0.1]
Sep 14 12:30:32 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7255, secured
Sep 14 12:30:32 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:30:46 <домен> postfix/smtpd[7189]: disconnect from localhost[127.0.0.1]
Sep 14 12:31:02 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7262, secured
Sep 14 12:31:02 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687
Sep 14 12:31:32 <домен> dovecot: imap-login: Login: user=<admin@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=7285, secured
Sep 14 12:31:32 <домен> dovecot: imap(admin@example.com): Disconnected: Logged out bytes=79/687В чем проблема никак понять не могу…

Hello everyone, I have issues to receive external emails to my zimbra emails accounts. in the example I sent an email from Hotmail (Outlook), gmail, etc to my zimbra domain imagenti.mx, but it was reject, this happens with all external emails.
Is important to say, I can send emails to external domains but can not receive; and I can Send and receive from internal emails accounts :

Message ID ‘[reject:NOQUEUE:www]’

dream-theater_beny@hotmail.com

—>

francisco.martinez@imagenti.mx

Recipient

francisco.martinez@imagenti.mx

Aug 26 10:50:17 — mail-oln040092010063.outbound.protection.outlook.com (40.92.10.63) status reject
451 4.3.5 <mail-oln040092010063.outbound.protection.outlook.com[40.92.10.63]>: Client host rejected: Server configuration error

Message ID ‘[reject:NOQUEUE:www]’

sermita193@gmail.com

—>

info@imagenti.mx

Recipient

info@imagenti.mx

Aug 26 11:07:32 — mail-ot1-f45.google.com (209.85.210.45) status reject
451 4.3.5 <mail-ot1-f45.google.com[209.85.210.45]>: Client host rejected: Server configuration error

I updated to last 8.8.15 Zimbra version and its Open Source.

su zimbra:
895 190603 10:31:10 zmamavisdctl restart
896 190603 10:33:59 vi /opt/zimbra/conf/amavisd.conf.in
897 190603 10:37:33 zmamavisdctl restart
900 190618 16:35:41 zmproxyctl restart
902 190703 10:18:11 zmprov mcf +zimbraMtaRestriction ‘check_client_access lmdb:/opt/zimbra/conf/postfix_blacklist’
903 190708 12:16:32 zmprov mcf +zimbraMtaRestriction “reject_rbl_client b.barracuracentral.org”
907 190801 11:20:42 zmprov ms ‘www.correocorp.mx’ +zimbraMtaSmtpdSenderRestrictions «check_sender_access lmdb:/opt/zimbra/common/conf/postfix_reject_sender»
908 190801 11:21:14 /opt/zimbra/common/sbin/postmap
909 190801 11:22:01 /opt/zimbra/common/conf/postfix_reject_sender
911 190801 12:01:33 zmprov md

http://www.correocorp.mx

+amavisBlacklistSender

palomnd@gmail.com

912 190801 12:02:06 zmprov md

http://www.correocorp.mx

+amavisBlacklistSender

dreamtheaterbeny@gmail.com

913 190802 18:36:07 zmprov ms ‘www.correocorp.mx’ +zimbraMtaSmtpdSenderRestrictions «check_sender_access lmdb:/opt/zimbra/common/conf/postfix_reject_sender»
914 190802 18:36:29 /opt/zimbra/common/sbin/postmap /opt/zimbra/common/conf/postfix_reject_sender
915 190802 18:36:42 zmmtactl restart
916 190802 18:40:22 nano /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf
932 190812 10:18:36 zmlocalconfig antispam_enable_rule_updates
933 190812 10:18:55 zmlocalconfig -e antispam_enable_rule_updates=true
934 190812 10:19:13 zmlocalconfig -e antispam_enable_restarts=true
935 190812 10:19:35 zmamavisdctl restart
936 190812 10:20:34 zmmtactl restart
946 190812 10:28:12 pyzor
948 190812 11:39:34 pyzor —homedir /opt/zimbra/data/amavisd/.pyzor discover
950 190812 11:42:21 razor-admin -home=/opt/zimbra/data/amavisd/.razor -create
951 190812 11:42:50 razor-admin -home=/opt/zimbra/data/amavisd/.razor -discover
952 190812 11:47:21 razor-admin -home=/opt/zimbra/data/amavisd/.razor -register -user

postmaster@www.correocorp.mx

954 190812 11:49:43 zmamavisdctl restart
955 190812 11:50:25 zmmtactl restart
966 190823 14:16:39 zmprov mcf +zimbraMtaRestriction ‘check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override’
967 190823 16:59:34 zmlocalconfig antispam_false_rule_update
968 190823 17:00:00 zmlocalconfig antispam_disable_rule_update
969 190823 17:01:05 zmlocalconfig -e antispam_enable_rule_updates=false
970 190823 17:01:18 zmlocalconfig -e antispam_enable_restarts=false
971 190823 17:01:24 reboot
973 190823 17:36:47 zmprov ms `www.correocorp.mx` -zimbraServiceEnabled amavis
974 190823 17:37:08 zmprov ms

http://www.correocorp.mx

-zimbraServiceEnabled amavis
975 190823 17:37:30 zmcontrol restart
976 190823 17:54:08 cd
977 190823 17:54:13 exit
978 190823 19:21:46 postconf mynetworks
979 190823 19:22:23 zmprov gs

http://www.correocorp.mx

zimbraMtaMyNetworks
980 190823 19:25:12 zmprov ms

http://www.correocorp.mx

zimbraMtaMyNetworks ‘127.0.0.0/8 216.245.210.0/24’
981 190823 19:25:52 exit
982 190823 19:31:30 zmantispamctl restart
983 190823 19:31:51 zmamavisdctl restart
984 190823 19:33:12 zmcontrol restart
985 190823 19:49:39 nano /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf
986 190823 19:50:48 reboot
987 190823 19:50:53 exit
988 190826 09:38:09 zmlocalconfig -e postfix_lmtp_host_lookup=native
989 190826 09:38:20 zmmtactl restart
990 190826 09:41:40 nano /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf
991 190826 09:43:54 nano /opt/zimbra/conf/postfix_rbl_override
992 190826 09:53:21 cd
993 190826 09:53:23 exit
994 190826 10:46:49 zmcontrol restart

So I’m running mail on my VPS, using Postfix + Dovecot. I am able to send, but not all mail comes in.

Note: DOMAIN = my domain, but I blocked it for security reasons.

The case: I want to use my mail on Twitter, but the verification email never arrived. I checked the log and I found the following:

Aug 20 22:20:51 DOMAIN postfix/smtpd[32679]: warning: unknown smtpd restriction: "ACCEPT"
Aug 20 22:20:51 DOMAIN postfix/smtpd[32679]: NOQUEUE: reject: RCPT from spring-chicken-ae.twitter.com[199.16.156.144]: 451 4.3.5 Server configuration error; from=<b0398d9890aadmin=DOMAIN.nl@bounce.twitter.com> to=<admin@DOMAIN.nl> proto=ESMTP helo=<spring-chicken-ae.twitter.com>
Aug 20 22:20:56 DOMAIN postfix/cleanup[32684]: DE1291BFC5E: message-id=<20170820202056.DE1291BFC5E@DOMAIN.nl>
Aug 20 22:20:56 DOMAIN postfix/qmgr[27377]: DE1291BFC5E: from=<double-bounce@DOMAIN.nl>, size=1344, nrcpt=1 (queue active)
Aug 20 22:20:56 DOMAIN postfix/smtpd[32679]: disconnect from spring-chicken-ae.twitter.com[199.16.156.144] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6
Aug 20 22:20:56 DOMAIN postfix/virtual[32685]: DE1291BFC5E: to=<postmaster@DOMAIN.nl>, orig_to=<postmaster>, relay=virtual, delay=0.02, delays=0.01/0/0/0, dsn=2.0.0, status=sent (delivered to maildir)
Aug 20 22:20:56 DOMAIN postfix/qmgr[27377]: DE1291BFC5E: removed

My main.cf is as follows:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

home_mailbox = Maildir/
virtual_mailbox_domains = /etc/postfix/vhosts
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = hash:/etc/postfix/vmaps
virtual_minimum_uid = 1000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000

milter_protocol = 2
milter_default_action = accept
smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301

smtp_tls_security_level = encrypt

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
#smtpd_sasl_security_options = noanonymous
#smtpd_sasl_local_domain = $myhostname
#smtpd_sasl_application_name = smtpd
#broken_sasl_auth_clients = yes
#smtpd_tls_received_header = yes

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = DOMAIN.nl
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, mail.DOMAIN.nl, localhost.nl, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
local_transport = virtual
local_recipient_maps = $virtual_mailbox_maps
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,check_recipient_access hash:/etc/postfix/filtered_domains
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth-client

The question: What causes this error?

Собсвтенно имеется Posftix + Dovecot + Postgrey
Проверяю почту через telnet

Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 carcam.ru ESMTP
helo darling
250 carcam.ru
mail from: gh@web-site.ru
250 2.1.0 Ok
rcpt to: it2@web-site.ru
451 4.3.5 Server configuration problem

В логах

NOQUEUE: reject: RCPT from localhost.localdomain[127.0.0.1]: 451 4.3.5 Server configuration problem; from=<gh@web-site.ru> to=<it2@web-site.ru> proto=SMTP helo=<darling>

и c варнингом

Oct  4 11:56:52 web-site postfix/trivial-rewrite[13612]: warning: do not list domain web-site.ru in BOTH mydestination and virtual_alias_domains
Oct  4 11:57:11 web-site postfix/smtpd[13604]: warning: connect to 127.0.0.1:10023: Connection refused
Oct  4 11:57:11 web-site postfix/smtpd[13604]: warning: problem talking to server 127.0.0.1:10023: Connection refused

Конфиги такие
postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debug_peer_list = 127.0.0.1
default_privs = nobody
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/local/man
message_size_limit = 71200000
mydestination = $myhostname,localhost.$myhostname,localhost
mydomain = localdomain
myhostname = web-site.ru
mynetworks = 123.45.67.89/32
myorigin = web-site.ru
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = inet:127.0.0.1:8891
queue_directory = /var/spool/postfix
relay_domains =
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_generic_maps = hash:/etc/mail/generic
smtp_tls_CAfile = etc/postfix/postfix.pem
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_sasl_authenticated, check_client_access hash:/etc/mail/access
smtpd_milters = inet:127.0.0.1:8891
smtpd_recipient_restrictions = permit_sasl_authenticated, check_sender_access hash:/etc/mail/access, check_client_access hash:/etc/mail/access, check_recipient_access hash:/etc/mail/access, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_unverified_recipient, reject_unknown_client, check_policy_service inet:127.0.0.1:10023
smtpd_reject_unlisted_sender = yes
smtpd_sender_restrictions = permit_sasl_authenticated, check_sender_access hash:/etc/mail/access
smtpd_tls_CAfile = etc/postfix/postfix.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = etc/postfix/postfix.pem
smtpd_tls_key_file = etc/postfix/postfix.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_use_tls = yes
soft_bounce = no
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_domains = /etc/mail/local-host-names
virtual_alias_maps = hash:/etc/mail/virtusertable

Возникла следующая проблема: postfix не принимает почту. В логах отправляющего сервера

postfix/smtp[56770]: 229F226D344: to=<user@domain>, relay=mail.domain[ip]:25, delay=18, delays=0.18/0.01/0.12/17, dsn=4.3.5, status=deferred (host domain[ip] said: 451 4.3.5 Server configuration problem (in reply to RCPT TO command))

Конфиг принимающего сервера
main.cf

queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
default_privs = nobody
myhostname = host.domain
mydomain = domain
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain
unknown_local_recipient_reject_code = 550
mynetworks_style = host
mynetworks = 192.168.0.0/24, 127.0.0.0/8, 192.168.1.0/24
transport_maps = mysql:/usr/local/etc/postfix/sql/transport.cf
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/sql/users.cf
virtual_alias_maps = mysql:/usr/local/etc/postfix/sql/aliases.cf
virtual_uid_maps = mysql:/usr/local/etc/postfix/sql/uids.cf
virtual_gid_maps = mysql:/usr/local/etc/postfix/sql/gids.cf
proxy_read_maps = $virtual_alias_maps $virtual_uid_maps $virtual_gid_maps  $virtual_mailbox_maps  $transport_maps $relay_recipient_maps
virtual_mailbox_limit = 2048000000
message_size_limit = 20480000
local_recipient_maps = $virtual_mailbox_maps
relay_domains = $transport_maps
disable_dns_lookups = no
smtp_always_send_ehlo = yes
smtpd_sasl_auth_enable = no
smtp_sasl_security_options = noanonymous
enable_sasl_authentication = no
smtpd_client_restrictions = permit_mynetworks,
        reject_unknown_client_hostname,
        regexp:/usr/local/etc/postfix/dsl_stoplist.txt,
        check_client_access cidr:/usr/local/etc/postfix/chinese-spammer-networks,
        check_client_access mysql:/usr/local/etc/postfix/sql/helo_access.cf
maps_rbl_reject_code = 550
smtpd_recipient_restrictions = check_recipient_access mysql:/usr/local/etc/postfix/sql/access.cf,
        reject_invalid_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_unauth_pipelining,
        permit_mynetworks,
        reject_unknown_client_hostname,
        reject_unauth_destination,
        check_client_access mysql:/usr/local/etc/postfix/sql/client_access.cf,
        reject_rbl_client bl.spamcop.net,
        reject_rbl_client spamsrc.rbl.ukr.net,
        reject_rbl_client dyna.rbl.ukr.net,
        reject_rbl_client dnsbl.njabl.org,
        reject_rbl_client list.dsbl.org,
        reject_rbl_client sbl.spamhaus.org,
        reject_rbl_client dul.ru,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client dsn.rfc-ignorant.org,
        reject_rbl_client dialups.mail-abuse.org,
        reject_rbl_client blackholes.mail-abuse.org,
        reject_rbl_client combined.njabl.org,
        reject_rbl_client dynablock.njabl.org,
        reject_rbl_client dul.dnsbl.sorbs.net,
        permit
disable_vrfy_command = yes
strict_mime_encoding_domain = yes
strict_rfc821_envelopes = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
        permit_mynetworks,
        reject_unknown_client_hostname,
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_unknown_helo_hostname,
        regexp:/usr/local/etc/postfix/dsl_stoplist.txt,
        check_helo_access mysql:/usr/local/etc/postfix/sql/helo_access.cf
smtpd_sender_restrictions = reject_unknown_sender_domain, check_sender_access mysql:/usr/local/etc/postfix/sql/sender_access.cf,  reject_unverified_sender, permit_mynetworks
address_verify_map = btree:/var/mail/verify
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtp_use_tls = no
smtpd_use_tls = no
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /usr/local/etc/postfix/ssl/post.pem
smtpd_tls_cert_file = $smtpd_tls_key_file
smtpd_tls_CAfile = $smtpd_tls_key_file
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
hopcount_limit = 20
disable_vrfy_command = yes
in_flow_delay = 1s
mail_spool_directory = /var/spool/postfix
header_checks = regexp:/usr/local/etc/postfix/header_checks
header_checks = pcre:/usr/local/etc/postfix/header_checks
smtpd_banner = $myhostname ESMTP service ready
debug_peer_level = 3
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/local/sbin/sendmail
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
manpage_directory = /usr/local/man
sample_directory = /usr/local/etc/postfix
readme_directory = no
html_directory = no
notify_classes =
bounce_notice_recipient = badmail@domain
smtpd_data_restrictions = reject_unauth_pipelining
relay_recipient_maps = mysql:/usr/local/etc/postfix/sql/relay_user_maps.cf
sender_access_cf = check_sender_access mysql:/usr/local/etc/postfix/sql/sender_access.cf,reject_unknown_sender_domain,reject_unverified_sender,reject
sender_bcc_maps = mysql:/usr/local/etc/postfix/sql/sender_bcc_maps.cf

master.cf

192.168.0.1:25      inet  n       -       n       -       -       smtpd  -o content_filter=smtp-clamsmtp:[localhost]:10026
<ip>:25           inet  n       -       n       -       -        smtpd  -o content_filter=smtp-clamsmtp:[localhost]:10026
pickup    fifo  n       -       n       60      1       pickup
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       2       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}

old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
discard   unix  -       -       n       -       -       discard
smtp-amavis unix -  - n - 2  smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20
smtp-clamsmtp unix -  - n - 2  smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20
127.0.0.1:10025 inet n  - n - -  smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
                -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
192.168.0.1:10025 inet n  - n - -  smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o mynetworks=192.168.1.1,127.0.0.1,192.168.0.1
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
                -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
127.0.0.1:25 inet n  - n - -  smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o mynetworks=192.168.1.1,127.0.0.1,192.168.0.1
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
                -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
tlsmgr    unix  -       -       n       1000?   1       tlsmgr

/usr/local/etc/clamsmtpd.conf

OutAddress: 10025
Listen: 127.0.0.1:10026
Bounce: off
User: clamav

Здравствуйте. Прошу помощи в решении проблемы.

Шлюз, AD Win2008, Exchange 2010 — отдельные машины. Интернет — белый IP с постоянным подключением к интернет. Все необходимые зоны DNS (A, MX, SPF, PTR) прописаны, как на локальном DNS  так и на DNS провайдера. Через nslookup и сторонние тесты (например
http://www.intodns.com) это подтверждается.

Сервер обслуживает 4 внешних домена. Локальный домен firma.local.
Внешние домены firma1.com, firma2.com, firma3.com,firma4.com.  Все домены указывают на одну MX запись mail.firma1.com, у всех доменов одинаковая PTR (IP.in-addr.arpa ->  mail.firma1.com)

Проблема в том, что при отправке письма на некоторые сервера приходит ошибка «450 4.7.1 Client host rejected: cannot find your hostname [мой_внешний_IP]». Поиск по инету говорит о непрописанной PTR, но это не подходит т.к. с PTR всё в порядке. Проблем с
крупными (mail.ru, gmail.com и т.д.) почтовыми серверами нет.

Кусок SmtpSend лога

2010-06-01T23:50:45.378Z,Соединитель отправки всей почты,08CCCF378C49048A,0,,195.82.145.229:25,*,,attempting to connect
2010-06-01T23:50:45.496Z,Соединитель отправки всей почты,08CCCF378C49048A,1,10.0.1.4:20787,195.82.145.229:25,+,,
2010-06-01T23:50:45.614Z,Соединитель отправки всей почты,08CCCF378C49048A,2,10.0.1.4:20787,195.82.145.229:25,<,220 ******************************,
2010-06-01T23:50:45.614Z,Соединитель отправки всей почты,08CCCF378C49048A,3,10.0.1.4:20787,195.82.145.229:25,>,EHLO mail.firma1.com,
2010-06-01T23:50:45.732Z,Соединитель отправки всей почты,08CCCF378C49048A,4,10.0.1.4:20787,195.82.145.229:25,<,250-novosibirsk-km57.neta.ru,
2010-06-01T23:50:45.732Z,Соединитель отправки всей почты,08CCCF378C49048A,5,10.0.1.4:20787,195.82.145.229:25,<,250-PIPELINING,
2010-06-01T23:50:45.732Z,Соединитель отправки всей почты,08CCCF378C49048A,6,10.0.1.4:20787,195.82.145.229:25,<,250-SIZE 11534336,
2010-06-01T23:50:45.732Z,Соединитель отправки всей почты,08CCCF378C49048A,7,10.0.1.4:20787,195.82.145.229:25,<,250-ETRN,
2010-06-01T23:50:45.732Z,Соединитель отправки всей почты,08CCCF378C49048A,8,10.0.1.4:20787,195.82.145.229:25,<,250 8BITMIME,
2010-06-01T23:50:45.733Z,Соединитель отправки всей почты,08CCCF378C49048A,9,10.0.1.4:20787,195.82.145.229:25,*,2433,sending message
2010-06-01T23:50:45.733Z,Соединитель отправки всей почты,08CCCF378C49048A,10,10.0.1.4:20787,195.82.145.229:25,>,MAIL FROM:<test@firma1.com> SIZE=4446,
2010-06-01T23:50:45.733Z,Соединитель отправки всей почты,08CCCF378C49048A,11,10.0.1.4:20787,195.82.145.229:25,>,RCPT TO:<USER@nvkz.neta.ru>,
2010-06-01T23:50:55.849Z,Соединитель отправки всей почты,08CCCF378C49048A,12,10.0.1.4:20787,195.82.145.229:25,<,250 Ok,
2010-06-01T23:50:55.849Z,Соединитель отправки всей почты,08CCCF378C49048A,13,10.0.1.4:20787,195.82.145.229:25,<,»450 Client host rejected: cannot find your hostname, [мой_внешний_IP]»,
2010-06-01T23:50:55.850Z,Соединитель отправки всей почты,08CCCF378C49048A,14,10.0.1.4:20787,195.82.145.229:25,>,QUIT,
2010-06-01T23:50:55.968Z,Соединитель отправки всей почты,08CCCF378C49048A,15,10.0.1.4:20787,195.82.145.229:25,<,221 Bye,