I got this error when I tried to send an email to a local user using outlook express, and as an unauthorized person. If I check the option “my server needs authentication” on, and input the correct account information that is set up on postfix server, no error occurs. But I know postfix does not need authorization if the email is destined to the server it manages. So this error should not happen in theory. Searching the Internet, I found posts that recommend to remove the reject_non_fqdn_helo_hostname in smtpd_helo_restrictions. Actually, there is no smtpd_helo_restrictions in my main.cf. There does exist a line:
smtpd_helo_required = yes
in the postfix configuration file main.cf. I commented it but still got the error. I added the following lines:
smtpd_helo_restrictions = permit_mynetworks,
, but got no luck. Finally, I fixed the problem by commenting the line reject_non_fqdn_hostname in smtpd_recipient_restrictions
smtpd_recipient_restrictions = permit_sasl_authenticated,
It turns out that in the phase of checking recipient address, postfix also checks the host name in the HELO command. If it is not a valid FQDN(as is the case for outlook express which uses the hostname of the client machine, not a FQDN), postfix will reject the email. The value of the smtpd_recipient_restrictions parameter also explains why post does not reject email if I turn on the server authentication, because the first option of this parameter is permit_sasl_authenticated.