On 4/1/2015 8:04 AM, James B. Byrne wrote: > I have a report this morning that email from one of our correspondent > domains is not being reliably received. The specific ase was that > three out of four serial numbered transmissions were received but the > fourth had 'disappeared'. As we were only one of a number of > recipients the missing message was retrieved from one of the others, > proving that the missing message was indeed sent.
That doesn't prove it was sent *to you*. That proof is on the sending server. > > Looking at the logs from yesterday I discovered the following log file > entries. There are selected from the entire log using grep > 216.254.141.187 and modified to disguise the actual sender and > recipient (YYY and XXX respectively) but are otherwise unaltered and > are in chronological order. > > <pre> > > Mar 31 16:40:55 inet08 postfix-p25/smtpd[20524]: NOQUEUE: reject: RCPT > from mail20.primus.ca[216.254.141.187]: 450 4.7.1 > <tor-smtp-06.primus.ca>: Helo command rejected: Host not found; > from=<y...@lightningequipment.on.ca> to=<x...@harte-lyne.ca> proto=ESMTP > helo=<tor-smtp-06.primus.ca> Apparently you use reject_unknown_helo_hostname and the DNS lookup failed with a temporary error . Note this is a temporary 450 error; the sending server *should* retry the transaction at a later time. The length of delay before retry is under control of the sending server, and is typically a few minutes to a few hours. Mail should not be lost due to a temporary error. If the missing message still hasn't shown up, you might want to check with the sender and verify they retry after a temporary error. > > Can somebody explain to me what circumstance would account for this > behaviour? Is this a DNS issue at their end? Is there something > wrong at our end? I have not run across this specific type of problem > before. I know that we reject for unknown hosts so the configuration > is not at issue. Why is the host unknown at 16:54 and known at 17:05 > is the question. > There was a temporary DNS lookup failure for the helo hostname. If you didn't have other DNS failures during this time frame, then it was likely something related to their DNS servers, but it's impossible to debug reliably after the fact. To avoid delays with mail, you can whitelist trusted servers from your normal anti-spam checks. -- Noel Jones
