@guinan

Interesting.. my server definitely seems to think yours is attempting SASL auth with no auth.. couldn't verify earlier because of proxy IPs masking the attempt.

Apr 29 21:49:42 mx01 postfix/smtpd[122]: warning: unknown[10.2.0.1]: SASL PLAIN authentication failed:
Apr 29 21:49:42 mx01 postfix/smtpd[122]: disconnect from unknown[10.2.0.1] ehlo=2 starttls=1 auth=0/1 quit=1 commands=4/5

Digging to try and see why.

@guinan Very strange. I cannot find record of your server in my logs. I do see SASL failures with no password attempt, but I can't make sense of it. It seems like the remote is attempting a relay. I've bounced all nodes and tried several tests, and had a few people send me emails, and all came through. Genuinely confused about whats going.

Can you resend and this time send the reject along with a timestamp+timezone so I can correlate log lines?

@guinan no that message is frequently sent to remote servers when the reverse DNS lookups on my mailserver have exhausted DNS hits for the hour. Happens when spammers hit the server at times. I have a cache layer I'm prepared to deploy on my kube cluster for this, however Linode's LKE has a timed job that forcibly overwrites the CoreDNS config on their clusters, so until they remedy this implementation there's no way for me to deploy my cache.

As I "fix" I had disabled reverse lookups...

@guinan

Looking at that message I have a feeling this Haiku is about to become very relevant.