Re: DNS lookups not working?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Charles Marcus wrote: On 2/10/2009, David Cottle (webmas...@aus-city.com) wrote: Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Are you usin the free zen service? If so, are you exceeding the limits they place on free usage? Hi Charles, Yes I am but I am not exceeding the usage. Here are some from other servers: Feb 10 11:38:40 server postfix/smtpd[32014]: connect from unknown[61.90.76.4] Feb 10 11:38:41 server postfix/smtpd[32014]: NOQUEUE: reject: RCPT from unknown[61.90.76.4]: 554 5.7.1 Service unavailable; Client host [61.90.76.4] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=61.90.76.4; from=dcra...@mcs.k12.nc.us to=enquir...@japaneseswordsmanship.com.au proto=ESMTP helo=ppp-61-90-76-4.revip.asianet.co.th Feb 10 22:38:42 server spamd[3422]: spamd: got connection over /tmp/spamd_full.sock Feb 10 11:38:42 server postfix/smtpd[32014]: lost connection after DATA (0 bytes) from unknown[61.90.76.4] Feb 10 11:38:42 server postfix/smtpd[32014]: disconnect from unknown[61.90.76.4] Feb 10 22:38:42 server spamd[28616]: prefork: child states: II Feb 10 11:38:47 server postfix/smtpd[32013]: connect from unknown[86.55.226.169] Feb 10 22:38:49 server imapd: Connection, ip=[127.0.0.1] Feb 10 22:38:49 server imapd: IMAP connect from @ [127.0.0.1]INFO: LOGIN, user=webmas...@aus-city.com, ip=[127.0.0.1], protocol=IMAP Feb 10 11:38:49 server postfix/smtpd[32013]: NOQUEUE: reject: RCPT from unknown[86.55.226.169]: 554 5.7.1 Service unavailable; Client host [86.55.226.169] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?86.55.226.169; from=theophil...@barbarascanlon.com to=boun...@aus-city.com proto=ESMTP helo=localhost Feb 10 11:30:14 server postfix/smtpd[31747]: NOQUEUE: reject: RCPT from unknown[94.181.24.220]: 554 5.7.1 Service unavailable; Client host [94.181.24.220] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=94.181.24.220; from=chayde...@amd.com to=dcot...@idb.com.au proto=ESMTP helo=xwzrqvvna Feb 10 11:30:14 server postfix/smtpd[31747]: NOQUEUE: reject: RCPT from unknown[94.181.24.220]: 554 5.7.1 Service unavailable; Client host [94.181.24.220] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=94.181.24.220; from=chayde...@amd.com to=jcoxh...@idb.com.au proto=ESMTP helo=xwzrqvvna Feb 10 11:30:15 server postfix/smtpd[31747]: lost connection after DATA (0 bytes) from unknown[94.181.24.220] Feb 10 11:30:15 server postfix/smtpd[31747]: disconnect from unknown[94.181.24.220] Feb 10 11:30:18 server postfix/smtpd[31747]: connect from unknown[88.239.131.191] Feb 10 11:30:21 server postfix/smtpd[31747]: NOQUEUE: reject: RCPT from unknown[88.239.131.191]: 554 5.7.1 Service unavailable; Client host [88.239.131.191] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?88.239.131.191; from=comp...@dti.com to=comp...@aus-city.com proto=SMTP helo=viessman Feb 10 11:30:22 server postfix/smtpd[31747]: disconnect from unknown[88.239.131.191] Feb 10 22:30:28 server imapd: Connection, ip=[127.0.0.1] Thanks! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEUEARECAAYFAkmRaHcACgkQi1lOcz5YUMgZRACXU33RVYGSn0JUiIvz8xRxckKq QgCZAUbaiOL8gA9dWP0Ko8QaVBFc7PU= =5s1C -END PGP SIGNATURE- begin:vcard fn:David Cottle n:Cottle;David email;internet:webmas...@aus-city.com title:Webmaster version:2.1 end:vcard
Re: DNS lookups not working?
David Cottle: [ Charset ISO-8859-1 unsupported, converting... ] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, I see this a lot in my mail.log (unknown): Feb 10 20:38:28 server postfix/smtpd[21977]: connect from unknown[72.4.168.106] Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host Try: http://www.postfix.org/DEBUG_README.html#no_chroot. If it works, send a complaint to your vendor. I, the Postfix author, do not recommend that chroot is turned on except by experts. Wietse Try turning off chroot operation in master.cf = A common mistake is to turn on chroot operation in the master.cf file without going through all the necessary steps to set up a chroot environment. This causes Postfix daemon processes to fail due to all kinds of missing files. The example below shows an SMTP server that is configured with chroot turned off: /etc/postfix/master.cf: # = # service type private unpriv chroot wakeup maxproc command # (yes) (yes) (yes) (never) (100) # = smtp inet n - n - - smtpd Inspect master.cf for any processes that have chroot operation not turned off. If you find any, save a copy of the master.cf file, and edit the entries in question. After executing the command postfix reload, see if the problem has gone away. If turning off chrooted operation made the problem go away, then congratulations. Leaving Postfix running in this way is adequate for most sites. If you prefer chrooted operation, see the Postfix BASIC_CONFIGURATION_README file for information about how to prepare Postfix for chrooted operation.
Re: DNS lookups not working?
On Tue, Feb 10, 2009 at 7:44 PM, Wietse Venema wie...@porcupine.org wrote: David Cottle: [ Charset ISO-8859-1 unsupported, converting... ] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, I see this a lot in my mail.log (unknown): Feb 10 20:38:28 server postfix/smtpd[21977]: connect from unknown[72.4.168.106] Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host Try: http://www.postfix.org/DEBUG_README.html#no_chroot. If it works, send a complaint to your vendor. I, the Postfix author, do not recommend that chroot is turned on except by experts. Wietse Try turning off chroot operation in master.cf = A common mistake is to turn on chroot operation in the master.cf file without going through all the necessary steps to set up a chroot environment. This causes Postfix daemon processes to fail due to all kinds of missing files. The example below shows an SMTP server that is configured with chroot turned off: /etc/postfix/master.cf: # = # service type private unpriv chroot wakeup maxproc command # (yes) (yes) (yes) (never) (100) # = smtp inet n - n - - smtpd Inspect master.cf for any processes that have chroot operation not turned off. If you find any, save a copy of the master.cf file, and edit the entries in question. After executing the command postfix reload, see if the problem has gone away. If turning off chrooted operation made the problem go away, then congratulations. Leaving Postfix running in this way is adequate for most sites. If you prefer chrooted operation, see the Postfix BASIC_CONFIGURATION_README file for information about how to prepare Postfix for chrooted operation. I have this same problem that I was not able to solve for almost a week now. I posted too on various mailing lists including this (mail from gmail and yahoo are blocked), some suggested to install a caching nameserver but obviously in your case it doesn't work too. Replaced OpenDNS with other DNS server to no avail, still the same result. If rbl is enabled all incoming emails were blocked so I have no recourse but to turn it off, caveat is I've got lots of SPAM. Also I don't have Postfix in chroot environment. Here's my log: Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service unavailable; Client host [209.85.200.172] blocked using bl.spamcop.net; from=ipcopper...@gmail.com to=jan.ges...@ddb.com.ph proto=ESMTP helo=wf-out-1314.google.com
Re: DNS lookups not working?
On Tue, 10 Feb 2009 21:50:26 +0800 jan gestre ipcopper...@gmail.com wrote: [snip] I have this same problem that I was not able to solve for almost a week now. I posted too on various mailing lists including this (mail from gmail and yahoo are blocked), some suggested to install a caching nameserver but obviously in your case it doesn't work too. Replaced OpenDNS with other DNS server to no avail, still the same result. If rbl is enabled all incoming emails were blocked so I have no recourse but to turn it off, caveat is I've got lots of SPAM. Also I don't have Postfix in chroot environment. Here's my log: Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service unavailable; Client host [209.85.200.172] blocked using bl.spamcop.net; from=ipcopper...@gmail.com to=jan.ges...@ddb.com.ph proto=ESMTP helo=wf-out-1314.google.com It's working exactly as you configured it. If you want that mail, remove bl.spamcop.net from your checks...
Re: DNS lookups not working?
jan gestre: On Tue, Feb 10, 2009 at 7:44 PM, Wietse Venema wie...@porcupine.org wrote: David Cottle: [ Charset ISO-8859-1 unsupported, converting... ] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, I see this a lot in my mail.log (unknown): Feb 10 20:38:28 server postfix/smtpd[21977]: connect from unknown[72.4.168.106] Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host Try: http://www.postfix.org/DEBUG_README.html#no_chroot. If it works, send a complaint to your vendor. I, the Postfix author, do not recommend that chroot is turned on except by experts. Wietse Try turning off chroot operation in master.cf = A common mistake is to turn on chroot operation in the master.cf file without going through all the necessary steps to set up a chroot environment. This causes Postfix daemon processes to fail due to all kinds of missing files. The example below shows an SMTP server that is configured with chroot turned off: /etc/postfix/master.cf: # = # service type private unpriv chroot wakeup maxproc command # (yes) (yes) (yes) (never) (100) # = smtp inet n - n - - smtpd Inspect master.cf for any processes that have chroot operation not turned off. If you find any, save a copy of the master.cf file, and edit the entries in question. After executing the command postfix reload, see if the problem has gone away. If turning off chrooted operation made the problem go away, then congratulations. Leaving Postfix running in this way is adequate for most sites. If you prefer chrooted operation, see the Postfix BASIC_CONFIGURATION_README file for information about how to prepare Postfix for chrooted operation. I have this same problem that I was not able to solve for almost a week now. I posted too on various mailing lists including this (mail from gmail and yahoo are blocked), some suggested to install a caching nameserver but obviously in your case it doesn't work too. Replaced OpenDNS with other DNS server to no avail, still the same result. If rbl is enabled all incoming emails were blocked so I have no recourse but to turn it off, caveat is I've got lots of SPAM. Also I don't have Postfix in chroot environment. Here's my log: Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service unavailable; Client host [209.85.200.172] blocked using bl.spamcop.net; from=ipcopper...@gmail.com to=jan.ges...@ddb.com.ph proto=ESMTP helo=wf-out-1314.google.com This thread is about CLIENT names logged as UNKNOWN, You are having a problem with a DNS server that produces bogus replies for non-existent hostnames. You can twiddle with Postfix configurations until the cows come home. It will not make an iota of difference. Wietse
Re: DNS lookups not working?
On Tue, Feb 10, 2009 at 09:50:26PM +0800, jan gestre wrote: On Tue, Feb 10, 2009 at 7:44 PM, Wietse Venema wie...@porcupine.org wrote: David Cottle: [ Charset ISO-8859-1 unsupported, converting... ] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, I see this a lot in my mail.log (unknown): Feb 10 20:38:28 server postfix/smtpd[21977]: connect from unknown[72.4.168.106] Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host Try: http://www.postfix.org/DEBUG_README.html#no_chroot. If it works, send a complaint to your vendor. I, the Postfix author, do not recommend that chroot is turned on except by experts. Wietse Try turning off chroot operation in master.cf = A common mistake is to turn on chroot operation in the master.cf file without going through all the necessary steps to set up a chroot environment. This causes Postfix daemon processes to fail due to all kinds of missing files. The example below shows an SMTP server that is configured with chroot turned off: /etc/postfix/master.cf: # = # service type private unpriv chroot wakeup maxproc command # (yes) (yes) (yes) (never) (100) # = smtp inet n - n - - smtpd Inspect master.cf for any processes that have chroot operation not turned off. If you find any, save a copy of the master.cf file, and edit the entries in question. After executing the command postfix reload, see if the problem has gone away. If turning off chrooted operation made the problem go away, then congratulations. Leaving Postfix running in this way is adequate for most sites. If you prefer chrooted operation, see the Postfix BASIC_CONFIGURATION_README file for information about how to prepare Postfix for chrooted operation. I have this same problem that I was not able to solve for almost a week now. I posted too on various mailing lists including this (mail from gmail and yahoo are blocked), some suggested to install a caching nameserver but obviously in your case it doesn't work too. Replaced OpenDNS with other DNS server to no avail, still the same result. If rbl is enabled all incoming emails were blocked so I have no recourse but to turn it off, caveat is I've got lots of SPAM. Also I don't have Postfix in chroot environment. Here's my log: Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service unavailable; Client host [209.85.200.172] blocked using bl.spamcop.net; from=ipcopper...@gmail.com to=jan.ges...@ddb.com.ph proto=ESMTP helo=wf-out-1314.google.com You may want to use something like policyd-weight to moderate the effects of a single RBL. It can be configured to require several RBL's or message characteristics to be valid before the message is rejected. It also allows you to adjust the reject threshold to minimize false-positive responses. Cheers, Ken
Re: DNS lookups not working?
On Tue, Feb 10, 2009 at 9:58 PM, Wietse Venema wie...@porcupine.org wrote: jan gestre: On Tue, Feb 10, 2009 at 7:44 PM, Wietse Venema wie...@porcupine.org wrote: David Cottle: [ Charset ISO-8859-1 unsupported, converting... ] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, I see this a lot in my mail.log (unknown): Feb 10 20:38:28 server postfix/smtpd[21977]: connect from unknown[72.4.168.106] Feb 10 09:38:30 server postfix/smtpd[21977]: NOQUEUE: reject: RCPT from unknown[72.4.168.106]: 554 5.7.1 Service unavailable; Client host Try: http://www.postfix.org/DEBUG_README.html#no_chroot. If it works, send a complaint to your vendor. I, the Postfix author, do not recommend that chroot is turned on except by experts. Wietse Try turning off chroot operation in master.cf = A common mistake is to turn on chroot operation in the master.cf file without going through all the necessary steps to set up a chroot environment. This causes Postfix daemon processes to fail due to all kinds of missing files. The example below shows an SMTP server that is configured with chroot turned off: /etc/postfix/master.cf: # = # service type private unpriv chroot wakeup maxproc command # (yes) (yes) (yes) (never) (100) # = smtp inet n - n - - smtpd Inspect master.cf for any processes that have chroot operation not turned off. If you find any, save a copy of the master.cf file, and edit the entries in question. After executing the command postfix reload, see if the problem has gone away. If turning off chrooted operation made the problem go away, then congratulations. Leaving Postfix running in this way is adequate for most sites. If you prefer chrooted operation, see the Postfix BASIC_CONFIGURATION_README file for information about how to prepare Postfix for chrooted operation. I have this same problem that I was not able to solve for almost a week now. I posted too on various mailing lists including this (mail from gmail and yahoo are blocked), some suggested to install a caching nameserver but obviously in your case it doesn't work too. Replaced OpenDNS with other DNS server to no avail, still the same result. If rbl is enabled all incoming emails were blocked so I have no recourse but to turn it off, caveat is I've got lots of SPAM. Also I don't have Postfix in chroot environment. Here's my log: Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service unavailable; Client host [209.85.200.172] blocked using bl.spamcop.net; from=ipcopper...@gmail.com to=jan.ges...@ddb.com.ph proto=ESMTP helo=wf-out-1314.google.com This thread is about CLIENT names logged as UNKNOWN, You are having a problem with a DNS server that produces bogus replies for non-existent hostnames. You can twiddle with Postfix configurations until the cows come home. It will not make an iota of difference. Wietse I apologize for that, I thought it's the same.
hijacked NXDOMAIN (Re: DNS lookups not working?)
jan gestre a écrit : [snip] I have this same problem that I was not able to solve for almost a week now. I posted too on various mailing lists including this (mail from gmail and yahoo are blocked), some suggested to install a caching nameserver but obviously in your case it doesn't work too. Replaced OpenDNS with other DNS server to no avail, still the same result. you can easily check your DNS service with host 1.0.0.127.google.com if this returns a result, then your DNS provider is lying to you and there is nothing we can do for you. if installing BIND on your postfix machine, without using any forwarder, doesn't fix the problem, then your ISP is redirecting your DNS traffic, and the only thing you can do is complain to your ISP or switch. if all you do is forward to another lying provider, that won't fix your problem. a workaround is reject_rbl_client bl.spamcop.net=127.0.0.2 you can do this for other DNSBLs, but you'll need to include every possible return code. but this is just a workaround. BTW, everybody is encouraged to use dnswl.org before DNSBL calls. see www.dnswl.org for details. [snip] Feb 10 21:34:46 kartero postfix/smtpd[14176]: NOQUEUE: reject: RCPT from wf-out-1314.google.com[209.85.200.172]: 554 5.7.1 Service unavailable; Client host [209.85.200.172] blocked using bl.spamcop.net; from=ipcopper...@gmail.com to=jan.ges...@ddb.com.ph proto=ESMTP helo=wf-out-1314.google.com