Share

Question

Hello;

I've been searching and reading through numerous posts, but can't seem to find a resolution to my email issue.

I'm seeing the following in my logs, every few minutes;

Apr 10 23:53:50 toronto01 postfix/smtpd[2497]: warning: hostname toronto01.kasnetwork.com does not resolve to address 159.203.56.205
Apr 10 23:53:50 toronto01 postfix/smtpd[2497]: connect from unknown[159.203.56.205]
Apr 10 23:53:50 toronto01 postfix/smtpd[2497]: disconnect from unknown[159.203.56.205]

I have reverse pointers setup and the hostname does resolve at mxtoolbox --> https://mxtoolbox.com/SuperTool.aspx?action=ptr%3a159.203.56.205&run=toolpage

I just can't seem to figure out why this error occurs as the logs offer no real explanation. No rejected messages, or SASL login failed, etc., such as this entry;

Apr 10 23:59:42 toronto01 postfix/smtpd[2666]: warning: hostname 80-69-247-10.pasargadnet.ir does not resolve to address 80.69.247.10
Apr 10 23:59:42 toronto01 postfix/smtpd[2666]: connect from unknown[80.69.247.10]
Apr 10 23:59:45 toronto01 postfix/smtpd[2666]: warning: unknown[80.69.247.10]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr 10 23:59:45 toronto01 postfix/smtpd[2666]: disconnect from unknown[80.69.247.10]

I don't know where this "connection" is coming from. It appears as if the server is connecting to itself, but for what reason and why it doesn't resolve I just can't understand.

Any pointers would be greatly appreciated!

Thanks;
Kyle

Accepted Answer

kylestubbins May 6, 2017

Accepted Answer

Everything was working, so this wasn't urgent and I kinda back-burnered it for a while.

It seems I resolved it today when I ran into a discussion about setting up /etc/hosts and the purpose of 127.0.1.1. That led me to this -> https://serverfault.com/questions/363095/why-does-my-hostname-appear-with-the-address-127-0-1-1-rather-than-127-0-0-1-in

From the Debian manual;
For a system with a permanent IP address, that permanent IP address should be used here instead of 127.0.1.1.

So, my hostname was resolving (as far as Postfix was concerned) to 127.0.1.1.

Removing the 127.0.1.1 line from /etc/hosts, so it looks like this;

127.0.0.1       localhost.localdomain           localhost
159.203.56.205  toronto01.kasnetwork.com        toronto01

and then restarting Postfix, has resolved the hostname verification errors I was seeing.

As a side note, I did have both smtp_host_lookup and lmpt_host_lookup = native before these changes to see if it would help. It did not, so I removed them both before restarting Postfix so the default settings (dns) would be used. It appears as these settings are not needed and can be left at their default values.

Hopefully it will help someone else.

Kyle

Reply

Answer 2

hansen April 11, 2017

Hi @kylestubbins

Add smtp_host_lookup = native to your main.cf. That should make use of your /etc/hosts - if you have anything special setup there.

It's just warnings, so it's still working correctly. You can safely ignore that warning.
When I run dig toronto01.kasnetwork.com A

toronto01.kasnetwork.com. 1799  IN  CNAME   www.kasnetwork.com.
www.kasnetwork.com. 1799    IN  A   159.203.56.205

I don't think Postfix can handle multiple different returns. This should be an A-record instead of a CNAME, just to make sure we play nice with old mail servers.

And as for 80-69-247-10.pasargadnet.ir it does not resolve, so the warning is legit.

Reply

kylestubbins April 11, 2017

Thanks, @hansen;

Sure you had to pick one I didn't resolve. ;-)

I'll give that a go when I get home tonight & let you know how it goes.
- kylestubbins April 13, 2017
  
  @hansen - I have made the changes and have given it a day just to make sure the DNS changes propagated. I didn't create an A record for the hostname when I set things up. It was being caught by the domains CNAME wildcard catch-all for the www subdomain. For some reason, I thought the hostname was automatically setup/handled during install. Live and learn. Dig looks good now.
  
  toronto01.kasnetwork.com. 933 IN A 159.203.56.205
  
  I made the changes to my main.cf file and also changed my /etc/hosts to reflect as I had the big scary warning at the top saying changes wouldn't persist and to make changes to the template file.… read up on this and found it was a 'bug' of sorts on install and can be ignored. So, I removed the warning and setup /etc/hosts as per normal.
  
  127.0.0.1 localhost.localdomain localhost 127.0.1.1 toronto01.kasnetwork.com toronto01 159.203.56.205 toronto01.kasnetwork.com toronto01
  
  I restarted postfix and it's been a day, but I'm still seeing these warnings in my logs. Not sure if I need to restart any other services, but I'll keep an eye on it, particularly next reboot.
  
  I know you said it's just warnings, so they can be safely ignored. I'm more curious to understand why this occurs. I have resolve.conf setup to use google. Maybe I should try openDNS?
  
  nameserver 8.8.8.8 nameserver 8.8.4.4
  
  I'll keep trying and see what I eventually come up with. Suggestions are welcome!
  
  Thanks;
  Kyle
  
  hansen April 13, 2017
  
  @kylestubbins
  I'm not sure why you're seeing these warnings. I have multiple Postfix setups running, but not seeing something like this.
  Maybe you should try asking in the official Postfix mailing list - there are some really clever guys there:
  http://www.postfix.org/lists.html
  
  hansen April 13, 2017
  
  @kylestubbins
  Of course, please do a reboot (if possible), just to eliminate that.

Answer 3

kylestubbins April 11, 2017

Thanks, @hansen;

Sure you had to pick one I didn't resolve. ;-)

I'll give that a go when I get home tonight & let you know how it goes.
- kylestubbins April 13, 2017
  
  @hansen - I have made the changes and have given it a day just to make sure the DNS changes propagated. I didn't create an A record for the hostname when I set things up. It was being caught by the domains CNAME wildcard catch-all for the www subdomain. For some reason, I thought the hostname was automatically setup/handled during install. Live and learn. Dig looks good now.
  
  toronto01.kasnetwork.com. 933 IN A 159.203.56.205
  
  I made the changes to my main.cf file and also changed my /etc/hosts to reflect as I had the big scary warning at the top saying changes wouldn't persist and to make changes to the template file.… read up on this and found it was a 'bug' of sorts on install and can be ignored. So, I removed the warning and setup /etc/hosts as per normal.
  
  127.0.0.1 localhost.localdomain localhost 127.0.1.1 toronto01.kasnetwork.com toronto01 159.203.56.205 toronto01.kasnetwork.com toronto01
  
  I restarted postfix and it's been a day, but I'm still seeing these warnings in my logs. Not sure if I need to restart any other services, but I'll keep an eye on it, particularly next reboot.
  
  I know you said it's just warnings, so they can be safely ignored. I'm more curious to understand why this occurs. I have resolve.conf setup to use google. Maybe I should try openDNS?
  
  nameserver 8.8.8.8 nameserver 8.8.4.4
  
  I'll keep trying and see what I eventually come up with. Suggestions are welcome!
  
  Thanks;
  Kyle
  
  hansen April 13, 2017
  
  @kylestubbins
  I'm not sure why you're seeing these warnings. I have multiple Postfix setups running, but not seeing something like this.
  Maybe you should try asking in the official Postfix mailing list - there are some really clever guys there:
  http://www.postfix.org/lists.html
  
  hansen April 13, 2017
  
  @kylestubbins
  Of course, please do a reboot (if possible), just to eliminate that.

Answer 4

kylestubbins April 13, 2017

[deleted]

Reply

Postfix/smtpd hostname does not resolve to ip (but it does!)

Leave a Comment

Share

Share your Question

Postfix/smtpd hostname does not resolve to ip (but it does!)

Leave a Comment

Related Questions

Almost there!

Report a Bug