
#99 HELO/EHLO does not include FQDN

v1.0 (example)
closed
nobody
None
5
2024-09-18
2024-07-05
Jon Ward
No

I've been using e-mailrelay for quite a number of years. I recently upgraded from 2.4. Both 2.5 and 2.5.2 exhibit the following issue -- the host name in the HELO/EHLO command is not fully-qualified. Only the host name part is used. I have the FQDN specified in the DOMAIN option. This works in 2.4 but not in 2.5 or 2.5.2.

Jul 04 03:50:09 istanbul postfix/smtpd[288023]: connect from athens.example.com[1.2.3.4]
Jul 04 03:50:09 istanbul postfix/smtpd[288023]: Anonymous TLS connection established from athens.example.com[1.2.3.4]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
Jul 04 03:50:09 istanbul postfix/smtpd[288023]: NOQUEUE: reject: RCPT from athens.example.com[1.2.3.4]: 550 5.5.2 <athens>: Helo command rejected: need fully-qualified hostname; from=<queenstown@example.com> to=<noc@example.com> proto=ESMTP helo=<athens>
Jul 04 03:50:09 istanbul postfix/smtpd[288023]: disconnect from athens.example.com[1.2.3.4] ehlo=2 starttls=1 mail=1 rcpt=0/1 rset=1 quit=1 commands=6/7

I have confirmed that the config file (with the appropriate domain setting) was used.

After downgrading back to 2.4, I get the following (correct connection) from my relay server.

Jul 04 23:52:59 istanbul postfix/smtpd[9412]: connect from athens.example.com[1.2.3.4]
Jul 04 23:52:59 istanbul postfix/smtpd[9412]: Anonymous TLS connection established from athens.example.com[1.2.3.4]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
Jul 04 23:52:59 istanbul postfix/smtpd[9412]: DC0362E26064: client=athens.example.com[1.2.3.4]
Jul 04 23:52:59 istanbul postfix/cleanup[9422]: DC0362E26064: message-id=<20240704235256.269283@athens.example.com>
Jul 04 23:52:59 istanbul postfix/qmgr[5761]: DC0362E26064: from=<noc@example.com>, size=1756, nrcpt=1 (queue active)

I hope this helps. I can perform other tests if needed.
JW

Discussion

  • Graeme Walker

    Graeme Walker - 2024-07-05

    What o/s is the emailrelay client running on?

    The EHLO parameter is the canonical name returned from a DNS lookup of the hostname. Could there be DNS changes between your tests?

    It looks like v2.4 (and therefore 2.5) unintentionally lost the capability of overriding the client EHLO parameter from the "--domain" option, but there are no obvious changes between 2.4 and 2.5.

     
  • Graeme Walker

    Graeme Walker - 2024-09-18
    • status: open --> closed
     
  • Graeme Walker

    Graeme Walker - 2024-09-18

    Thanks for the bug report. This is fixed in v2.6.
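
An added example, not part of the ticket or of E-MailRelay's code: a scan of Postfix log lines for the reject shown in the report, plus a pre-flight check of the name a client would announce. The FQDN test approximates the receiving server's rule, `canonical_name` assumes the lookup behaves like `getaddrinfo` with `AI_CANONNAME`, and all function names are hypothetical.

```python
import re
import socket

# The Postfix reject from the report: HELO/EHLO name was not fully qualified.
REJECT_RE = re.compile(
    r"reject: RCPT from (?P<client>\S+?)\[(?P<ip>[^\]]+)\]: 550 5\.5\.2 "
    r"<(?P<helo>[^>]*)>: Helo command rejected: need fully-qualified hostname"
)
LABEL_RE = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def is_fqdn_helo(name: str) -> bool:
    """Approximation (assumption): accept a dotted hostname or an [address literal]."""
    if name.startswith("[") and name.endswith("]"):
        return len(name) > 2
    labels = name.rstrip(".").split(".")
    return len(labels) >= 2 and all(LABEL_RE.match(label) for label in labels)


def canonical_name(host: str) -> str:
    """Canonical name from the resolver; needs working DNS, so only used in the demo."""
    info = socket.getaddrinfo(host, None, flags=socket.AI_CANONNAME)
    return info[0][3] or host


def helo_rejections(lines):
    """Return (client, ip, helo) for each non-FQDN HELO reject in Postfix log lines."""
    return [(m["client"], m["ip"], m["helo"])
            for m in map(REJECT_RE.search, lines) if m]


# Two lines copied from the report above and one constructed line with no reject.
SAMPLE_LOG = [
    "Jul 04 03:50:09 istanbul postfix/smtpd[288023]: connect from athens.example.com[1.2.3.4]",
    "Jul 04 03:50:09 istanbul postfix/smtpd[288023]: NOQUEUE: reject: RCPT from athens.example.com[1.2.3.4]: 550 5.5.2 <athens>: Helo command rejected: need fully-qualified hostname; from=<queenstown@example.com> to=<noc@example.com> proto=ESMTP helo=<athens>",
    "Jul 04 23:52:59 istanbul postfix/smtpd[9412]: 0000000000: client=athens.example.com[1.2.3.4]",  # constructed
]

if __name__ == "__main__":
    for client, ip, helo in helo_rejections(SAMPLE_LOG):
        print(f"{client} [{ip}] announced {helo!r}; fully qualified: {is_fqdn_helo(helo)}")
    try:
        # Pre-flight on the sending host: what would a canonical-name lookup yield?
        name = canonical_name(socket.gethostname())
        print(f"local canonical name {name!r}; fully qualified: {is_fqdn_helo(name)}")
    except socket.gaierror as exc:
        print(f"lookup failed: {exc}")
```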

     
