# [solved] iphone sent mails recently rejected

## Elleni

Recently updated iphones trying to send mails through my gentoo mailserver started landing in postfix jail of my fail2ban and even with fail2ban stopped the iphones can not send mails anymore. Looking into my mailserver log, it seems to have to do with helo? 

For mail which was blocked I see: 

450 4.7.1 <smtpclient.apple>: Helo command rejected: Host not found

Tested sending mails with evolution mail client and with android mailclient and they do not seem to send a helo at all. 

How can this be fixed? (Apart from not using shitty iPhones)  :Very Happy: 

The mailclients are connfigured with 993 for imap and 465 for smtp. What would you suggest on howto properly handle this? I don't think change postfix server to not bother with forward and reverse lookups on HELO commands is a good idea?Last edited by Elleni on Fri Apr 30, 2021 10:38 pm; edited 1 time in total

----------

## Banana

what happends if you "simulate" smtpclient.apple by setting it to localhost on your gentoo mailserver?

Maybe the iphone should only send emails through apple and not something else

----------

## Hu

Working solely from the information provided, it looks to me like the iPhone sends a non-existant hostname, and the mail server does not like it.  Configure the iPhone to use a proper hostname, or configure the mailserver to allow bogus hostnames, or configure the mailserver to treat this specific hostname as valid.

----------

## Elleni

Tried adding to hosts file like this

```
127.0.0.1       localhost smtpclient.apple
```

Resulting in

```
LC_ALL=c ping smtpclient.apple

ping: socket: Address family not supported by protocol

PING localhost (127.0.0.1) 56(84) bytes of data.

64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.029 ms

64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.033 ms
```

But the problem is persisting. 

```
Apr 30 19:00:15 hostname postfix/smtps/smtpd[18547]: NOQUEUE: reject: RCPT from xyz: 450 4.7.1 <smtpclient.apple>: Helo command rejected: Host not found; from=<sending@email.adress> to=<receiving@emailadress> proto=ESMTP helo=<smtpclient.apple>
```

----------

## Elleni

 *Hu wrote:*   

> Working solely from the information provided, it looks to me like the iPhone sends a non-existant hostname, and the mail server does not like it.  Configure the iPhone to use a proper hostname, or configure the mailserver to allow bogus hostnames, or configure the mailserver to treat this specific hostname as valid.

 

That iphone was used to send mails for years with its built-in mail app, but only recently - after an ios update - it starting behaving like this. I don't know how it would be possible to change on the iphone, so I'd like to fix this on the server side without weakening it too much. How can the mailserver be configured to treat this specific hostname as valid? The hosts file idea sounded quite apealing but did aparently not work. Is it somewhere in main.cf where this would be configured?

I read here: *Quote:*   

> 
> 
> If you want to reject HELO with bad hostnames, but still allow your users to be able to send even if their clients don't send FQDNs with HELO, you can leave these lines in place as you have them:
> 
> ```
> ...

 

But how would I correctly modify my main.cf? I hesitate to modify my main.cf as I fear to break the mailserver, so I thought better ask then sorry. Could that work? Or how would you fix this?

----------

## Hu

I'd get a better behaved mail client.  :Wink:   Sorry, I don't have more specific advice on how to tell the mailserver to tolerate this.

----------

## Elleni

I do not use iPhones anyway  :Smile:  Its my brother and my wife using them, and WAF you know  :Very Happy: 

Anyway - tried adding permit_sasl_authenticated additionally right before the two rejetct_helo entries as suggested in the linked post above. After that I had to cleanup fail2ban as many ips had landed in postfix, postfix-sasl and postfix-auth jails because of those updated iphones.

----------

