How to not use "localhost.localdomain" in outgoing HELO/EHLO?

user1721724 picture user1721724 · Oct 29, 2013 · Viewed 16.7k times · Source

I've tried just about everything I could and I can't get "localhost" to get out of my email headers. I ended up on the CBL list at Spamhaus, so I'm trying to fix this before I apply to get delisted.

I have setup DKIM, SPF, Sender-ID auth. The problem is PHP or NGINX is passing the email to Postfix from localhost.

I get these "Received:" headers inserted on outgoing mail:

Received: from mydomain.com (unknown [127.0.0.1]) by mail.mydomain.com (Postfix) with ESMTP id 452762A068
Received: (from nginx@localhost) by mydomain.com (8.14.4/8.14.4/Submit) id r9THAQAP002693;

I think I need to clear up the unknown and 127.0.0.1, as well as the localhost with the nginx username. I'm running CentOS 6.3. Thanks in advance for your help.

Answer

AnFi picture AnFi · Oct 30, 2013

CBL "localhost.localdomain" listing

Your host had been listed for name "localhost.localdomain" it had send out in helo/ehlo command.

You can fix name used in outgoing helo/ehlo command using one of the following:

  • changing hostname as reported by hostname --fqdn
    (FQDN = Fully Qualified Domain Name)
    It may be OS/distribution dependent. It fixes similar problems in most MTAs.

  • smtp_helo_name option in postfix configuration

Quote from the CBL page:

This IP address is HELO'ing as "localhost.localdomain" which violates the relevant standards (specifically: RFC5321).
The CBL does not list for RFC violations per-se. This particular behaviour, however, correlates strongly to spambot infections. In other words, out of thousands upon thousands of IP addresses HELO'ing this way, all but a handful are infected and spewing junk.