Hello;
I’ve been searching and reading through numerous posts, but can’t seem to find a resolution to my email issue.
I’m seeing the following in my logs, every few minutes;
Apr 10 23:53:50 toronto01 postfix/smtpd[2497]: warning: hostname toronto01.kasnetwork.com does not resolve to address 159.203.56.205
Apr 10 23:53:50 toronto01 postfix/smtpd[2497]: connect from unknown[159.203.56.205]
Apr 10 23:53:50 toronto01 postfix/smtpd[2497]: disconnect from unknown[159.203.56.205]
I have reverse pointers setup and the hostname does resolve at mxtoolbox --> https://mxtoolbox.com/SuperTool.aspx?action=ptr%3A159.203.56.205&run=toolpage
I just can’t seem to figure out why this error occurs as the logs offer no real explanation. No rejected messages, or SASL login failed, etc., such as this entry;
Apr 10 23:59:42 toronto01 postfix/smtpd[2666]: warning: hostname 80-69-247-10.pasargadnet.ir does not resolve to address 80.69.247.10
Apr 10 23:59:42 toronto01 postfix/smtpd[2666]: connect from unknown[80.69.247.10]
Apr 10 23:59:45 toronto01 postfix/smtpd[2666]: warning: unknown[80.69.247.10]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr 10 23:59:45 toronto01 postfix/smtpd[2666]: disconnect from unknown[80.69.247.10]
I don’t know where this “connection” is coming from. It appears as if the server is connecting to itself, but for what reason and why it doesn’t resolve I just can’t understand.
Any pointers would be greatly appreciated!
Thanks; Kyle
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Accepted Answer
Everything was working, so this wasn’t urgent and I kinda back-burnered it for a while.
It seems I resolved it today when I ran into a discussion about setting up /etc/hosts and the purpose of 127.0.1.1. That led me to this -> https://serverfault.com/questions/363095/why-does-my-hostname-appear-with-the-address-127-0-1-1-rather-than-127-0-0-1-in
From the Debian manual; For a system with a permanent IP address, that permanent IP address should be used here instead of 127.0.1.1.
So, my hostname was resolving (as far as Postfix was concerned) to 127.0.1.1.
Removing the 127.0.1.1 line from /etc/hosts, so it looks like this;
127.0.0.1 localhost.localdomain localhost
159.203.56.205 toronto01.kasnetwork.com toronto01
and then restarting Postfix, has resolved the hostname verification errors I was seeing.
As a side note, I did have both smtp_host_lookup and lmpt_host_lookup = native before these changes to see if it would help. It did not, so I removed them both before restarting Postfix so the default settings (dns) would be used. It appears as these settings are not needed and can be left at their default values.
Hopefully it will help someone else.
Kyle
This comment has been deleted
Add smtp_host_lookup = native to your main.cf. That should make use of your /etc/hosts - if you have anything special setup there.
It’s just warnings, so it’s still working correctly. You can safely ignore that warning.
When I run dig toronto01.kasnetwork.com A
toronto01.kasnetwork.com. 1799 IN CNAME www.kasnetwork.com.
www.kasnetwork.com. 1799 IN A 159.203.56.205
I don’t think Postfix can handle multiple different returns. This should be an A-record instead of a CNAME, just to make sure we play nice with old mail servers.
And as for 80-69-247-10.pasargadnet.ir it does not resolve, so the warning is legit.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.