On Wed, Apr 24, 2024 at 07:23:00PM +0200, Kim Sindalsen via Postfix-users wrote:
> > Regardless, as things stand, the default Fedora 39 nsswitch.conf > > makes Postfix restrictions much too fragile, and needs to be > > avoided. > > files dns is standard on my installation (Gentoo Linux/OpenRC) Congratulations, your OS distribution did not default to a poor choice (at least for Postfix) of nsswitch.conf. > https://man.archlinux.org/man/nss-resolve.8.en seems to say that the > order should be: mymachines resolve [!UNAVAIL=return] files myhostname Yes, and that advice is bad for applications that need to distinguish between hard and soft lookup errors. > when using/utilizing systemd-resolved - dunno if that changes anything > really though. As explained in my posts upthread, following that advice results in Postfix intermittently rejecting (5XX) legitimate client IPs, that should have been deferred (4XX) as a result of a transient lookup glitch. -- Viktor. _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
