Re: Postfix Question: strange issue with mx record lookup
Andreas Freyvogel: > Am I to understand that Postfix will first try to lookup the MX record via > DNS and if should that fail it will use the value configured in the > /etc/hosts file? > No. Assuming that DNS lookups are enabled, and that there are no overrides with transport_maps or otherwise: 1) Postfix looks up the MX record. 2) If the result is one or more MX records, Postfix will try to deliver to the named hosts. 3) If the result is NXDOMAIN or NODATA then Postfix looks up the up the IP address. 4) Otherwise the result is an error (timeout, SERVFAIL, malformed reply, whatever). Postfix defers delivery or bounces the message, depending on error details. 5) Postfix can be configured (with smtp_host_lookup) to look the IP address in local databases besides DNS. But this is not the default in Postfix source code from postfix.org mirrors. In your case, apparently either DNS lookup was disabled, or the MX lookup resulted in an NXDOMAIN or NODATA response (i.e. some DNS server was confused or mis-configured and wrong information got cached in a local DNS server so Postfix kept banging into the wall). Wietse > > -Original Message- > From: owner-postfix-us...@postfix.org > [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema > Sent: Monday, September 12, 2011 12:36 PM > To: Postfix users > Subject: Re: Postfix Question: strange issue with mx record lookup > > Andreas Freyvogel: > > The email address to which we are sending is "u...@mmm.com". > > Postfix will send to the A record for mmm.com if MX lookup is > disabled, or if MX lookup results in a "not found" response (either > NXDOMAIN or NODATA). > > Postfix does not send to the A record if MX fails due to any other > error such as timeout or server failure. > > If your MX lookups "by hand" succeed and Postfix still sends to the > /etc/hosts address, then something is broken at your end. > > Perhaps you have an outdated (or missing) etc/resolv.conf file in > the Postfix queue. With a missing etc/resolv.conf file, some resolvers > will contact the DNS server on 127.0.0.1. And with an outdated > etc/resolv.conf, anything could happen. > > Wietse > > > >
RE: Postfix Question: strange issue with mx record lookup
Am I to understand that Postfix will first try to lookup the MX record via DNS and if should that fail it will use the value configured in the /etc/hosts file? -Andreas -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema Sent: Monday, September 12, 2011 12:36 PM To: Postfix users Subject: Re: Postfix Question: strange issue with mx record lookup Andreas Freyvogel: > The email address to which we are sending is "u...@mmm.com". Postfix will send to the A record for mmm.com if MX lookup is disabled, or if MX lookup results in a "not found" response (either NXDOMAIN or NODATA). Postfix does not send to the A record if MX fails due to any other error such as timeout or server failure. If your MX lookups "by hand" succeed and Postfix still sends to the /etc/hosts address, then something is broken at your end. Perhaps you have an outdated (or missing) etc/resolv.conf file in the Postfix queue. With a missing etc/resolv.conf file, some resolvers will contact the DNS server on 127.0.0.1. And with an outdated etc/resolv.conf, anything could happen. Wietse
Re: Postfix Question: strange issue with mx record lookup
Reindl Harald: > this are EIGHT releases behind the last supported F14 > and 5 years ago - normally i would expect that someone > updates to supported versions of software before try > to solve problems with since years not supported versions The DNS lookup code has not changed. Looking up an MX record is not rocket science. Wietse
Re: Postfix Question: strange issue with mx record lookup
Andreas Freyvogel: > The email address to which we are sending is "u...@mmm.com". Postfix will send to the A record for mmm.com if MX lookup is disabled, or if MX lookup results in a "not found" response (either NXDOMAIN or NODATA). Postfix does not send to the A record if MX fails due to any other error such as timeout or server failure. If your MX lookups "by hand" succeed and Postfix still sends to the /etc/hosts address, then something is broken at your end. Perhaps you have an outdated (or missing) etc/resolv.conf file in the Postfix queue. With a missing etc/resolv.conf file, some resolvers will contact the DNS server on 127.0.0.1. And with an outdated etc/resolv.conf, anything could happen. Wietse
Re: Postfix Question: strange issue with mx record lookup
this are EIGHT releases behind the last supported F14 and 5 years ago - normally i would expect that someone updates to supported versions of software before try to solve problems with since years not supported versions Am 12.09.2011 21:22, schrieb Andreas Freyvogel: > Yes, the version is older and needs to be updated. I am running Fedora Core > release 6 (Zod). > > -Original Message- > From: owner-postfix-us...@postfix.org > [mailto:owner-postfix-us...@postfix.org] On Behalf Of Reindl Harald > Sent: Monday, September 12, 2011 12:18 PM > To: postfix-users@postfix.org > Subject: Re: Postfix Question: strange issue with mx record lookup > > > > Am 12.09.2011 21:11, schrieb Andreas Freyvogel: >> The email address to which we are sending is "u...@mmm.com". >> >> Output of my postconf -n: >> >> readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES >> relay_domains = $mydestination, /etc/postfix/relay-domains >> sample_directory = /usr/share/doc/postfix-2.2.10/samples > are you really using postfix 2.2.10? > > this is totally outdated and you probably hit a > bug which was years ago a topic > > -- Mit besten Grüßen, Reindl Harald the lounge interactive design GmbH A-1060 Vienna, Hofmühlgasse 17 CTO / software-development / cms-solutions p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40 icq: 154546673, http://www.thelounge.net/ http://www.thelounge.net/signature.asc.what.htm signature.asc Description: OpenPGP digital signature
RE: Postfix Question: strange issue with mx record lookup
Yes, the version is older and needs to be updated. I am running Fedora Core release 6 (Zod). -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Reindl Harald Sent: Monday, September 12, 2011 12:18 PM To: postfix-users@postfix.org Subject: Re: Postfix Question: strange issue with mx record lookup Am 12.09.2011 21:11, schrieb Andreas Freyvogel: > The email address to which we are sending is "u...@mmm.com". > > Output of my postconf -n: > > readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES > relay_domains = $mydestination, /etc/postfix/relay-domains > sample_directory = /usr/share/doc/postfix-2.2.10/samples are you really using postfix 2.2.10? this is totally outdated and you probably hit a bug which was years ago a topic
Re: Postfix Question: strange issue with mx record lookup
Am 12.09.2011 21:11, schrieb Andreas Freyvogel: > The email address to which we are sending is "u...@mmm.com". > > Output of my postconf -n: > > readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES > relay_domains = $mydestination, /etc/postfix/relay-domains > sample_directory = /usr/share/doc/postfix-2.2.10/samples are you really using postfix 2.2.10? this is totally outdated and you probably hit a bug which was years ago a topic signature.asc Description: OpenPGP digital signature
RE: Postfix Question: strange issue with mx record lookup
The email address to which we are sending is "u...@mmm.com". Output of my postconf -n: >>> alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 1 default_destination_concurrency_limit = 10 default_privs = nobody header_checks = regexp:/etc/postfix/header_checks html_directory = no inet_interfaces = all local_destination_concurrency_limit = 2 mail_owner = postfix mailbox_command = /usr/bin/procmail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, $mydomain, /etc/postfix/domains mydomain = ecmarket.com myhostname = ecmailer2.ecmarket.com mynetworks = /etc/postfix/relay-domains myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix notify_classes = delay, resource, software queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES relay_domains = $mydestination, /etc/postfix/relay-domains sample_directory = /usr/share/doc/postfix-2.2.10/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_enforce_tls = no smtp_tls_loglevel = 2 smtp_use_tls = yes smtpd_client_restrictions = permit_mynetworks, check_client_access hash:/etc/postfix/access_clientip, reject_non_fqdn_hostname, reject_invalid_hostname smtpd_helo_required = yes smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access, reject_non_fqdn_sender,reject_rbl_client bl.spamcop.net smtpd_tls_CApath = /etc/postfix/CERTS smtpd_tls_cert_file = /etc/postfix/wildcard.conexiom.net-2011.cer smtpd_tls_key_file = /etc/postfix/wildcardKey-nopass.pem smtpd_tls_loglevel = 2 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 450 <<< Thank you, -Andreas -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema Sent: Monday, September 12, 2011 12:07 PM To: Postfix users Subject: Re: Postfix Question: strange issue with mx record lookup Andreas Freyvogel: > I have a bit of an odd problem and hoped you might be able to offer some > assistance or point me in the right direction. > > Yesterday, my server was unable to send emails to 3M (u...@mmm.com). > > The logs shows: > "status=deferred (delivery temporarily suspended: connect to > mmm.com[192.28.34.26]" mmm.com is not an MX host for 3M.com. I therefore suspect that you have a non-default configuration that forces Postfix to look up MMM.com instead of 3M.com. This would be a good time to provide "postconf -n" command output. Wietse
Re: Postfix Question: strange issue with mx record lookup
Andreas Freyvogel: > I have a bit of an odd problem and hoped you might be able to offer some > assistance or point me in the right direction. > > Yesterday, my server was unable to send emails to 3M (u...@mmm.com). > > The logs shows: > "status=deferred (delivery temporarily suspended: connect to > mmm.com[192.28.34.26]" mmm.com is not an MX host for 3M.com. I therefore suspect that you have a non-default configuration that forces Postfix to look up MMM.com instead of 3M.com. This would be a good time to provide "postconf -n" command output. Wietse
Re: Postfix Question: strange issue with mx record lookup
Am 12.09.2011 20:31, schrieb Andreas Freyvogel: > I have a bit of an odd problem and hoped you might be able to offer some > assistance or point me in the right direction. > > Yesterday, my server was unable to send emails to 3M (u...@mmm.com). > > The logs shows: > "status=deferred (delivery temporarily suspended: connect to > mmm.com[192.28.34.26]" > > When I did a lookup of mmm.com it resolves to 192.28.34.26, however, the MX > record for 3M shows: > > Authoritative answers can be found from: > mmm.com nameserver = pigseye.mmm.com. > mmm.com nameserver = ns.3m.com. > 3m.com.inbound15.mxlogic.netinternet address = 208.65.144.12 > 3m.com.inbound15.mxlogic.netinternet address = 208.65.144.13 > 3m.com.inbound15.mxlogic.netinternet address = 208.65.145.12 > 3m.com.inbound15.mxlogic.netinternet address = 208.65.145.13 > 3m.com.inbound15.mxlogicmx.net internet address = 208.65.144.13 > 3m.com.inbound15.mxlogicmx.net internet address = 208.65.145.12 > 3m.com.inbound15.mxlogicmx.net internet address = 208.65.144.12 > << > > Does anyone know why/how Postfix would be getting the response of > 192.28.34.26 instead of one of the above mail server IP addresses? Is this > on part of my server or to do with the DNS configuration of 3M? > > The fix I have in place was to put "208.65.144.12 mmm.com" in my /etc/hosts > file. i guess this was a temporary dns-problem where postfix did a fall back to the a-record ;; ANSWER SECTION: mmm.com.86400 IN A 192.28.34.26 should normally not be a problem because "deferred" means it would try again later signature.asc Description: OpenPGP digital signature