James B. Byrne:
[ Charset ISO-8859-1 converted... ]
>
>
> On Wed, January 19, 2022 13:29, Wietse Venema wrote:
> > James B. Byrne:
> >
> >
> > For me, alt4.gmail-smtp-in.l.google.com does not resolve to
> > 66.102.1.27, but instead to 142.250.153.26 (and some IPv6).
> >
> > Wietse
> >
>
> Repeated dns lookups of alt4.gmail-smtp-in.l.google.com return a different ip4
> address for each query. I infer that google.com uses a round-robin set of A
> records for that domain; and likely multiple MX hosts for sending.
>
> Although the returns I get seem to be in the 64.233.184 netblock and usually
> one of either 64.233.184.26 or 64.233.184.27, neither of which are a PRT
> record
> to alt4.gmail-smtp-in.l.google.com. Neither does 142.250.153.26 point back to
> alt4.gmail-smtp-in.l.google.com for that matter.
>
> However that may be, google's dns records are outside my span of control. I
> still do not understand why a DSN delay message cannot be sent back to the
> origin. Has google configured their mail servers to prevent this? Are the
> bounces supposed to be sent somewhere else (aspmx.l.google.com.)? Do I have
> some sort of configuration error?
"Connection refused" means that the TCP SYN request from your system
got a TCP RST response. This response could be for a variety of
reasons. One is that the host accepted no TCP connections on port
25, but that seems unlikely. More likely, some "bump in the wire"
blocked the conection attempt before it even reached a mail server.
As Victor noted, what Postfix stores is the last attempt. You may
see other connection failures from the same Postfix SMTP client
process to different gmail MX hosts.
Wietse
