This is totally wrong.
True, but it works - I have HELO checks in postfix restrictions and for me is the first problem (applying HELO checks to authenticated users ever worser - basically none of windows users has correct hostname).
Relevant lines from log:
Nov 28 10:42:11 email postfix/smtpd[11407]: input attribute value: REJECT Invalid HELO/EHLO; Must be a FQDN or an address literal, not 'XXX'
Nov 28 10:42:11 email postfix/smtpd[11407]: 127.0.0.1:10031: wanted attribute: (list terminator)
Nov 28 10:42:11 email postfix/smtpd[11407]: input attribute name: (end)
Nov 28 10:42:11 email postfix/smtpd[11407]: check_table_result: inet:127.0.0.1:10031 REJECT Invalid HELO/EHLO; Must be a FQDN or an address literal, not 'XXX' policy queryIt happened in the RECIPIENT RESTRICTIONS / they call policyd...
As I already noted / I don't have all my local domains in the internal_domains / there was only one (primary domain which I use for my company emails). In case authenticated user sends email to this account (so sender domain in local but not in internal_domains and recipient is both local and in internal_domains) / the policy used for this check is "Default Inbound" which applies all checks...
Should I copy all domains from vmail.domain to cluebringer.internal_domains?
Note: I use command line tool to create users/domains and I can easily incorpotate this insert into script creating new domain.