Re: Warning about non-existent MX for destination domain

[Catalin Bucur]

On 10/03/2020 19:47, Gerald Galster wrote:
what happens if you set delay_warning_time=1h or 
delay_warning_time=300  (as in 300 seconds)?


In the template file it says hours, so everything below one hour might 
evaluate to zero?


Best regards
Gerald


/"Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). 
The default time unit is h (hours)."/


I've tried, but without specifying unit time it means implicitly hours. 
In our case 300 hours :-)


Catalin Bucur

Re: Warning about non-existent MX for destination domain

[Catalin Bucur]

On 10/03/2020 19:49, Dominic Raferd wrote:

My responses seem like OP's:
# host -t mx imake.ro <http://imake.ro> 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

Host imake.ro <http://imake.ro> not found: 2(SERVFAIL)
# host -t mx sometotallyINVENTEDdomainTHATdoesNOTexist.com 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

Host sometotallyINVENTEDdomainTHATdoesNOTexist.com not found: 3(NXDOMAIN)

I read this as: imake.ro <http://imake.ro> exists but is not configured.


Right. And for this type of domains (bad configured) I want that postfix 
warn me as soon as possbile, not after a few days.


Catalin Bucur

Re: Warning about non-existent MX for destination domain

[Catalin Bucur]

On 10/03/2020 19:33, Jaroslaw Rafa wrote:
If you get reply 2(SERVFAIL) it means DNS server for the domain failed 
and

did not return any usable reply, so we actually don't know if the domain
exists or not. In that case Postfix SHOULD keep trying to deliver mail
(maybe the DNS server for the domain will resume working?) until max queue
time is exceeded.


You're right, but it should be nice if sender would receive an warning 
about that, as soon as possible. And that happened ONLY after I modified 
/delay_warning_time/ parameter to a couple of minutes.



A reply actually confirming that the domain does not exist would be
3(NXDOMAIN). In that case Postfix should return mail immediately.


Catalin Bucur

Re: Warning about non-existent MX for destination domain

[Catalin Bucur]

On 10/03/2020 19:26, Wietse Venema wrote:

SERVFAIL (for a domain without MX record) means that something is
broken. If the fault is not with your local resolver, then you need
make sure that you point your resolver at a proper implementation.
I have seen nonsense results from cheap routers that expect queries
from web clients that never ask for MX.

What is the domain name? I gave an example of what the expected
response looks like.

Wietse

Let's say for example imake.ro
This domain it's configured wrong, but it's not managed by me. Which 
resolver should I use for a non-SERVFAIL error?


Google dns says:
# host -t mx imake.ro 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:
Host imake.ro not found: 2(SERVFAIL)

Catalin Bucur

Re: Warning about non-existent MX for destination domain

[Catalin Bucur]

On 10/03/2020 17:55, Wietse Venema wrote:

THAT is a DNS resolver issue. If a domain has no MX record the
resolver should say sa IMMEDIATELY, instead of forever returning
NO RESPONSE.

Again, with proper resolver will IMMEDIATELY reply that the MX
record does not exist, allowing Postfix to proceed IMMEDIATELY.

With your broken resolver, Postfix gets NO RESPONSE, and therefore
it MUST NOT proceed.

Wietse


You mean that I should modify standard configuration for my dns server 
(resolver) to force reply that MX record does not exist, instead of 
"Host doman.com not found: 2(SERVFAIL)" ? I don't really know that my 
actual nameserver configuration it's a "broken" configuration, I belive 
that it's somehow a "standard" configuration.

And what if server's resolver isn't managed by me? Let's say:

# cat /etc/resolv.conf
nameserver 8.8.8.8

Catalin Bucur

Re: Warning about non-existent MX for destination domain

[Catalin Bucur]

On 10/03/2020 17:57, Gerald Galster wrote:
In case there is no MX record the mail is delivered to the domain's ip 
(a/ record).
It's up to the domain's administrator to set a NULL MX to prevent 
that, but it's quite new:

https://tools.ietf.org/html/rfc7505

What postfix can do:

delay_warning_time (default: 0h)
       The time after which the sender receives a copy of the message 
headers of mail that is still queued


bounce_queue_lifetime = 4h
maximal_queue_lifetime = 1d
...

man 5 postconf

Best regards
Gerald


Gerald and Bill, you have both of you right, /delay_warning_time/ it's 
the parameter I was looking for.
Anyway, after setting up delay_warning_time=5m I noticed some warnings 
in logs:


Mar 10 17:52:02 mail postfix/bounce[7326]: warning: [built-in]: zero 
result in delay template conversion of parameter "delay_warning_time_hours"
Mar 10 17:52:02 mail postfix/bounce[7326]: warning: please reduce time 
unit "hours" of "delay_warning_time_hours" in delay template
Mar 10 17:52:02 mail postfix/bounce[7326]: warning: for instructions see 
the bounce(5) manual


Thank you for your help.

Best regards,

Catalin Bucur

Re: Warning about non-existent MX for destination domain

[Catalin Bucur]

On 10/03/2020 17:16, Wietse Venema wrote:

This is a problem with your DNS resolver WHICH IS NOT PART OF
POSTFIX. You need to use a better DNS resolver.

With a properly functioning resolver:

$ host -t mxwww.postfix.org
www.postfix.org  has no MX record

Wietse


You didn't understood my issue, you didn't read enough from my message 
or I didn't was clear enough.

It's not a MY dns issue, in fact it's not a really dns issue. Again:
 1. I want to send mail to someb...@domain.com
 2. From mistake, I send message to someb...@doman.com (note a missing 'i')
 3. doman.com exists, BUT it doesn't have MX record defined
 4. my message stays in queue until /maximal_queue_lifetime/ expires 
and postfix try to resend it
 5. I DON'T receive any warning about that error until 
/maximal_queue_lifetime/ expires (implicitly 5 days), and THIS is the 
real problem, I don't know that my message didn't arrive at destination 
because I've accidentally missed a letter from destination domain name.


Regards,

Catalin Bucur

Warning about non-existent MX for destination domain

[Catalin Bucur]

Hello,

I have a question about how Postfix generate warning messages about 
non-existent domains, non-existent MX domain names or for timeout 
connecting to a destination mail server. In fact, my real problem is 
that postfix does not warn me about nothing when I incorrectly write the 
domain name for an email address AND by chance that domain exists but 
does not have configured MX record on its DNS.


For example for a non-existent domain I receive almost instantly the 
message /"t...@asdasdasd.ro : Host or domain 
name not found. Name service error for name=asdasdasd.ro type=A: Host 
not found"/
For an existing domain but without MX, I receive the error /"Host or 
domain name not found. Name service error for name=onedomain.com 
type=MX: Host not found, try again)"/, but AFTER 
/maximal_queue_lifetime/, which is very annoying. In this case the 
sender finds out only after 5 days about the real problem.


Is there any way to modify postfix configuration to inform the sender 
about such a problem instantly and to retry to send message until 
/maximal_queue_lifetime/ expires?


Thank you for your time.

Best regards,
Catalin