Jon Harris wrote: > Hi List > > A few of our clients use our postfix server for relaying. Generally, its > working really well, but several users are reporting regular "451 > Temporary Lookup Failure" bounce errors. This is them sending "outgoing" > (ie non-local domains) and domains that Postfix should be relaying for, > in its other role as a fallback mx server. > > We use mysql to store local mailboxes, domains, etc but these are > effectively "external" addresses. I can see anything in the logs that > tells me anything other than the 451 error. > > In: MAIL FROM: <send...@sending.com> > Out: 250 Ok > In: RCPT TO: <u...@a_domain_postfix_is_fallback_for.com> > Out: 451 <u...@a_domain_postfix_is_fallback_for.com>: Temporary lookup > failure > > Session aborted, reason: lost connection > ------------- > > I have tried various command line tests, but never got a 451. It doesn't > appear to be consistently replicatable. Is this something to do with a > mysql select statement timing out? Can I increase the lookup timeout - > if there such a thing? > > There are obviously a lot of configuration files involved here. But I > can't find anything to do with 451 errors. > > This is the relavent sections (I hope!) from main.cf >
Be sure to check 'postconf -n' instead. Your eyes may not see what Postfix sees. > main.cf > ------- > > . > . > . > virtual_mailbox_domains = > mysql:/etc/postfix/mysql_virtual_domains_maps.cf > virtual_mailbox_base = /var/vmail > virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf > virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf > virtual_minimum_uid = 150 > virtual_uid_maps = static:150 > virtual_gid_maps = static:12 > This may be a result of heavy load. You are not using proxymap, so each lookup requires a connection. MySQL has a default connection limit of 100, unless you changed it. While this is OK for low-volume, this can cause temporary lookup errors during peak usage. Suggest changing all mysql: maps to proxy:mysql: Example: proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf > . > . > . > ## relay section > smtpd_recipient_restrictions = > reject_invalid_hostname, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > permit_mynetworks, > permit_sasl_authenticated, > reject_unauth_destination, > reject_rbl_client cbl.abuseat.org, > reject_rbl_client list.dsbl.org, > reject_rbl_client sbl.spamhaus.org, > reject_rbl_client pbl.spamhaus.org > permit > dsbl.org is dead. Also, suggest merging the other 3 lists into zen.spamhaus.org Brian
