0

We have VPS and hosting two sites (2 domains). We are facing the problem when sending mail to configured domain name. For example, example.com configured on the postfix, the same configured on the other mail services for the mailbox. Now the problem is when the application sends the mail from VPS to user1@example.com it bounces back to the server with

550 Local CT IP Reputation Policy (Reject) - https://community.mimecast.com/docs/DOC-1369#550".

What will be the issue? what i need to configure?

This is my Postfix configuration.

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = localhost
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
milter_default_action = accept
milter_protocol = 2
mydestination =
mydomain = example.com
myhostname = example.com
mynetworks = 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = $smtpd_milters
queue_directory = /var/spool/postfix
relay_domains = $mydestination
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_milters = inet:127.0.0.1:8891
unknown_local_recipient_reject_code= 550
Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129
Muthu
  • 3
  • 3
  • On a quick look I noticed you did not add your network public IP addresses in the mynetworks section. Doing that helps in many scenarios, it may be related to this too. Also, I don't see a snmp sender policy or snmp sender restrictions. Also, you should look into SMTP authentication. – Overmind May 29 '17 at 12:50

1 Answers1

0

Should Postfix handle mail for example.com locally or send it to external MX?

If locally, this isn't happening. That's because you have empty mydestination =. While it defaults to mydestination = $myhostname, localhost.$mydomain, localhost, already including the myhostname = example.com, you are now forcing it empty. This results in MX for example.com being used instead of local delivery, and the error is generated by the MX server, which seems to be Mimecast.

The SMTP error procided by the Mimecast server, probably Mimecast Email Security Gateway, is quite informative, as it already leads us to the page where more specific descriptions and recommended solutions for different errors are listed:

550 Local CT IP Reputation - (reject)

Description: This error is based on ongoing reputation checks, which have resulted in the email being rejected due to poor IP reputation (this could be subsequent to temporary failures).

Recommended Resolution: This rejection can be bypassed with an Auto Allow entry, or by creating a Permitted Senders Policy.

If Postfix should deliver mail for example.com to local mailboxes, fix your mydestination. (Because your local_recipient_maps is default roxy:unix:passwd.byname $alias_maps, hash:/etc/aliases from alias_maps is already included and everything should work fine.)

If the mails are supposed to go through Mimecast, you need to Create a Policy for adding your VPS server to the trusted list, i.e. Create a Permitted Senders Policy.

Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129