On January 12, 2010 3:10:12 PM -0600 Noel Jones <njo...@megan.vbhcs.org>
wrote:
On 1/12/2010 2:02 PM, Frank Cusack wrote:
My postfix-2.6.5 is rejecting mail from a host which has a large
PTR RRset -- 44 entries and large enough to require TCP.
host/dig/nslookup actually dumps core on my solaris box (looks like
the bug was fixed in BIND just a few months ago). I don't know for
sure that it is the PTR records that are causing the problem because
all I get in the log is
Jan 12 11:14:42 x.y.z postfix/smtpd[29691]: [ID 197553 mail.info]
connect from unknown[1.2.3.4]
Jan 12 11:14:42 x.y.z postfix/smtpd[29691]: [ID 197553 mail.info] lost
connection after CONNECT from unknown[1.2.3.4]
Jan 12 11:14:42 x.y.z postfix/smtpd[29691]: [ID 197553 mail.info]
disconnect from unknown[1.2.3.4]
This looks as if the client disconnected.
Postfix uses system libraries for DNS lookups. You can test your system
using the same calls with the tools in the auxiliary/name-addr-test
directory in the postfix source.
These aren't built by default; example compile command
# cc -o gethostbyaddr gethostbyaddr.c
If any of these tools crash or give "unexpected" results, there's a
problem with your system libraries; contact your OS vendor.
Thanks, I'll pursue that. I didn't initially think it would be
worthwhile because you'll notice in the log that the pid of smtpd
remains the same. I figured if the host resolver was returning
something bad (causing a crash), that master (or whatever process)
would report the problem rather than smtpd logging a disconnect.
The tools I noted above that are crashing are not part of the OS and
do not use the system resolver, so I didn't consider that necessarily
a bad sign for postfix.
If all the tools work, then the assumption from here is the client
disconnected -- not a postfix problem.
You might get more information with a network sniffer.
http://www.postfix.org/DEBUG_README.html#sniffer
I did a packet capture (with snaplen 1500) and it revealed nothing
interesting. Well, other than the fact that postfix does a DNS
query before the disconnect occurs -- obviously, since it at least
wants to log the hostname.
-frank
