Re: warning: hostname does not resolve to address
> On Oct 2, 2019, at 6:34 PM, Christian Göttsche wrote: > > Hi, > I am getting several warning a day of the form > >postfix/smtpd[6969]: warning: hostname domain does not resolve to address > ip >postfix/smtpd[10614]: warning: hostname domain does not resolve to > address ip: Name or service not known > > My question is, why are these logged with syslog priority warning/4? Ewhn I asked almost this exact question in August, I got the following from Wietse: @lbutlr: > Are logs like the following really worthy of a warning log level? Yes, because they can result in an irreversible action: if Postfix replies with 5XX then the client will not retry the delivery attempt. -- NOTHING IS FINAL. NOTHING IS ABSOLUTE. EXCEPT ME, OF COURSE. SUCH TINKERING WITH DESTINY COULD MEAN THE DOWNFALL OF THE WORLD. THERE MUST BE A CHANCE, HOWEVER SMALL. THE LAWYERS OF FATE DEMAND A LOOPHOLE IN EVERY PROPHECY. —Sourcery
warning: hostname does not resolve to address
Hi, I am getting several warning a day of the form postfix/smtpd[6969]: warning: hostname domain does not resolve to address ip postfix/smtpd[10614]: warning: hostname domain does not resolve to address ip: Name or service not known My question is, why are these logged with syslog priority warning/4? Deriving from http://postfix.1071664.n5.nabble.com/Warning-host-name-does-not-resolve-tp84988p84989.html they are mostly for explaining the hostname string unknown in the logs. So from my view they have no importance by themselves. I mainly ask because it clutters loganalysis, e.g. journalctl -p4. Regards, Christian Göttsche
Re: smtpd: warning: hostname does not resolve to address Name or service not known
On 2015-04-18 15:08, Krzs wrote: postfix/smtpd[23438]: xsasl_dovecot_server_connect: Connecting Apr 18 15:05:25 www postfix/smtpd[23438]: warning: SASL: Connect to private/auth failed: Connection refused Apr 18 15:05:25 www postfix/smtpd[23438]: fatal: no SASL authentication mechanisms Apr 18 15:05:26 www postfix/master[26805]: warning: process /usr/lib/postfix/smtpd pid 23438 exit status 1 Apr 18 15:05:26 www postfix/master[26805]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling you seem to have a local problem with your auth daemon that postfix tries to connect to. is dovecot running and an auth socket exists at $queue_directory/private/auth? while i connect through thunderbird. My mail system was working i don't understand what happened all of a sudden , Regards Gab -c
Re: smtpd: warning: hostname does not resolve to address Name or service not known
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 18/04/2015 16:43, Christian Kivalo wrote:
you seem to have a local problem with your auth daemon that
postfix tries to connect to. is dovecot running and an auth socket
exists at $queue_directory/private/auth?
Dovecot is up and running:
tcp0 0 0.0.0.0:110 0.0.0.0:*
LISTEN 658/dovecot tcp0 0 0.0.0.0:143
0.0.0.0:* LISTEN 658/dovecot tcp0 0
0.0.0.0:41900.0.0.0:* LISTEN
658/dovecot tcp0 0 0.0.0.0:993 0.0.0.0:*
LISTEN 658/dovecot tcp0 0 0.0.0.0:995
0.0.0.0:* LISTEN 658/dovecot
and file /etc/dovecot/conf.d/10-master.conf has proper:
# Postfix smtp-auth unix_listener /var/spool/postfix/private/auth
{ mode = 0660 user = postfix group = postfix }
As also documented in
https://workaround.org/ispmail/wheezy/setting-up-dovecot
Regards
Gab
- --
Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9
-BEGIN PGP SIGNATURE-
iQIcBAEBCgAGBQJVMnGYAAoJEKKN4t1MR6TZJV4P/2BN94/zqlvezp0aauIi9Jb3
neUyAXQo3hTwIJFpWwGY9eRaXMN9tplhT3D1MsmWx/Xwl4JWeNlyaVSNZknyIc2Q
UiEDid4PjiaT4bh1hMhQbPKcdf9NrHgPuD1i0TdNkJ7Cbf7Pt6bBMuuz14+bUxU2
3a7wudjPoWowl549nPblkxeET1oVE91Nb4OxdPyQ59YYkapaTm9f0rn+fsB+Wlnr
r5YiGeZSqU65oETuNM2YbuyKhXvRRI5GbBkJ2uzbON8X7BdkWe7aIoLUJ+XCfgZw
6FLVV6Q2s+41/954NlNfr3wr+BDkPjxq8gWFkYxTw6h93Bq3b9e3mq7g5Dkkxcys
tYZl01G6f3e5DlqYCuDKFCAnY6P86Q9oWug9oJngqTwVOACeGRi88cYWpTF74Cux
/whoZIWvmBlxtmtYngN54ZtA41CpCQ+tGCrxKCrhBQ+LmMLnT/Bw3/QN3NBgzrUS
kGg/qMYcq/SzuEcZAY8cNbeMifnge7fyy+LmmAQPSHnteGPONMmDIekOlCi0mOTo
M3lyNyr0c7XsGEetCwuv+IKWFC1RicbuANNLMpuLshI5q23y/ryefC5E+bwy5cYF
U1G6HmBOQjDaFFq38DpVesP6+yT6I8a8a2dpCUFy6vcror72d2nSi3jDOUPIbZXL
A5ghLxjjJPQamO3gBSC2
=NPjm
-END PGP SIGNATURE-
Re: smtpd: warning: hostname does not resolve to address Name or service not known
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I did set an A record for my MX domain name smtp.frozenstar.info. 3600IN A 88.198.107.18 SMTPD does starttls 220 2.0.0 Ready to start TLS but i noticed this SSL error in logs: warning: TLS library problem: 1958:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:649: These are debug logs (hope you accept them): Apr 18 15:05:23 www postfix/smtpd[23438]: unknown[199.58.81.144]: 250-smtp.frozenstar.info Apr 18 15:05:23 www postfix/smtpd[23438]: unknown[199.58.81.144]: 250-PIPELINING Apr 18 15:05:23 www postfix/smtpd[23438]: unknown[199.58.81.144]: 250-SIZE 1024 Apr 18 15:05:23 www postfix/smtpd[23438]: unknown[199.58.81.144]: 250-ETRN Apr 18 15:05:23 www postfix/smtpd[23438]: unknown[199.58.81.144]: 250-STARTTLS Apr 18 15:05:23 www postfix/smtpd[23438]: unknown[199.58.81.144]: 250-ENHANCEDSTATUSCODES Apr 18 15:05:23 www postfix/smtpd[23438]: unknown[199.58.81.144]: 250-8BITMIME Apr 18 15:05:23 www postfix/smtpd[23438]: unknown[199.58.81.144]: 250 DSN Apr 18 15:05:23 www postfix/smtpd[23438]: unknown[199.58.81.144]: STARTTLS Apr 18 15:05:23 www postfix/smtpd[23438]: unknown[199.58.81.144]: 220 2.0.0 Ready to start TLS Apr 18 15:05:23 www postfix/smtpd[23438]: send attr request = seed Apr 18 15:05:23 www postfix/smtpd[23438]: send attr size = 32 Apr 18 15:05:23 www postfix/smtpd[23438]: private/tlsmgr: wanted attribute: status Apr 18 15:05:23 www postfix/smtpd[23438]: input attribute name: status Apr 18 15:05:23 www postfix/smtpd[23438]: input attribute value: 0 Apr 18 15:05:23 www postfix/smtpd[23438]: private/tlsmgr: wanted attribute: seed Apr 18 15:05:23 www postfix/smtpd[23438]: input attribute name: seed Apr 18 15:05:23 www postfix/smtpd[23438]: input attribute value: +pxhGKo7ErHn9aDMYfY+PQaKkQcNeC1y/DhpAgqXUiY= Apr 18 15:05:23 www postfix/smtpd[23438]: private/tlsmgr: wanted attribute: (list terminator) Apr 18 15:05:23 www postfix/smtpd[23438]: input attribute name: (end) Apr 18 15:05:25 www postfix/smtpd[23438]: Anonymous TLS connection established from unknown[199.58.81.144]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Apr 18 15:05:25 www postfix/smtpd[23438]: xsasl_dovecot_server_create: SASL service=smtp, realm=frozenstar.info Apr 18 15:05:25 www postfix/smtpd[23438]: name_mask: noanonymous Apr 18 15:05:25 www postfix/smtpd[23438]: xsasl_dovecot_server_connect: Connecting Apr 18 15:05:25 www postfix/smtpd[23438]: warning: SASL: Connect to private/auth failed: Connection refused Apr 18 15:05:25 www postfix/smtpd[23438]: fatal: no SASL authentication mechanisms Apr 18 15:05:26 www postfix/master[26805]: warning: process /usr/lib/postfix/smtpd pid 23438 exit status 1 Apr 18 15:05:26 www postfix/master[26805]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling while i connect through thunderbird. My mail system was working i don't understand what happened all of a sudden , Regards Gab On 18/04/2015 12:19, Danny Horne wrote: On 17/04/2015 1:02 pm, Krzs wrote: :~$ telnet smtp.myFQDN 25 Trying 1.2.3.4 ... Connected to myFQDN. Escape character is '^]'. 220 smtp.myFQDN ESMTP Postfix ehlo smtp.myFQDN 250-smtp.myFQDN 250-PIPELINING 250-SIZE 1024 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from: admin@myFQDN 250 2.1.0 Ok auth plain gibberishtextinbase64encodedvalueoftheusernameadminandpassword 503 5.5.1 Error: authentication not enabled Connection closed by foreign host. I'm no expert, but it seems to me that you're trying to authenticate before setting up a TLS connection - -- Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9 -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJVMldEAAoJEKKN4t1MR6TZHJIP/Amc26ozXajfjUo4EcHnMmff CHzHd8OXsBxASr6M0aYuYVBMCYE3e78+lQQ+VOFZLaAnM3maNp27JHQfEW7iP8Np mAApduaY640RaI3743hLRzlviLuca1CWG+scdsqLkn3rMNTPMElovzSf0gUflfwE mcpxkI4nzliuFYxo9dzNmv8Ymfp5OhhBua8ZFLDRAUITPObol+PcJWgkeYCa+avI 8H/evv5NwT+eYx1evN3dF+C1RUHby9QpEYQMUAEtdqLNbZB/RsNkRiwfEW3RezGK TpjJgmI+2osU0dbG2Q6lCz1KiCztuzsNOV2bUd5IrlKreqfGEXXkp11mVdHsxyqW xSTPNqBaysBWOdPhduSOZwovwlGTHzsU2iAQt/c7FgR2xXpI/uMvu2lPBvEXWsSI btdi+J3eD8GLPuFw6LR4eke8qWxINCDCvq6op8Iu5IyX3aUa+YFkbMxsBbrDu0WM RsWjqcIF4mcMGMidMLcw0sHkLPK7IrLGe55lZgv4mC3ZlXJKmjPuh0t3/WvesHz4 242qtWtz3rWRiG+yG3Me87GtFbQQ9y7sqZT6cFtQTw1cav/eMFKHbgfW7laj7g8J W0rkcCpuva9CIr5NQIvqV+gUsiC5MoNhd9ewEH/eHZkLiSa4LcLDs+2WmS/cFk5w Zln2x1cEa8IxQyuD/sds =mOGK -END PGP SIGNATURE-
Re: smtpd: warning: hostname does not resolve to address Name or service not known
On 18/04/2015 2:08 pm, Krzs wrote: SMTPD does starttls 220 2.0.0 Ready to start TLS 'Ready to start TLS' isn't the same as a running TLS connection, you've shown no evidence of the key negotiation (if that's what it's called) required to create the encrypted connection, and I don't believe you can do this from a telnet session anyway. This site helped me understand the process - https://qmail.jms1.net/test-auth.shtml signature.asc Description: OpenPGP digital signature
Re: smtpd: warning: hostname does not resolve to address Name or service not known
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 That's while i use openssl: :~$ openssl s_client -starttls smtp -crlf -connect 88.198.107.18:25 CONNECTED(0003) depth=0 C = DE, ST = Berlin, L = Berlin, O = Frozenstar Communications, OU = SMTP, CN = smtp.frozenstar.info, emailAddress = admin[at]frozenstar.info verify error:num=18:self signed certificate verify return:1 depth=0 C = DE, ST = Berlin, L = Berlin, O = Frozenstar Communications, OU = SMTP, CN = smtp.frozenstar.info, emailAddress = admin[at]frozenstar.info verify return:1 --- Certificate chain 0 s:/C=DE/ST=Berlin/L=Berlin/O=Frozenstar Communications/OU=SMTP/CN=smtp.frozenstar.info/emailAddress=admin[at]f rozenstar.info i:/C=DE/ST=Berlin/L=Berlin/O=Frozenstar Communications/OU=SMTP/CN=smtp.frozenstar.info/emailAddress=admin[at]fro zenstar.info --- Server certificate -BEGIN CERTIFICATE- MIIGIzCCBAugAwIBAgIJAPV+AisgHuWIMA0GCSqGSIb3DQEBBQUAMIGnMQswCQYD VQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQHDAZCZXJsaW4xIjAgBgNV WjCBpzELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVy bGluMSIwIAYDVQQKDBlGcm96ZW5zdGFyIENvbW11bmljYXRpb25zMQ0wCwYDVQQL DARTTVRQMR0wGwYDVQQDDBRzbXRwLmZyb3plbnN0YXIuaW5mbzEkMCIGCSqGSIb3 DQEJARYVYWRtaW5AZnJvemVuc3Rhci5pbmZvMIICIjANBgkqhkiG9w0BAQEFAAOC 5arrfxBqFmGC7oaKftdlek5d+7VHwN9/CBkMXncPLKGm/x6x/zWMOrXXeCOoqBl+ 73yH0exuNAeTRKR6L/PAf4peIZVxCrlc2c9defUOhUeiMqHIVkXWFR+4iwlSSDEF wIIeLu/3xy5vr1dPAEqvpcRH/LzvF6KFJTT7EWzdMSwWWvxHHmUoFFQbI44ionrd BLW22easVlWo2KSRCWUBR2QHCKI2E718ikoQ92saOmM2B4V2+QsD -END CERTIFICATE- subject=/C=DE/ST=Berlin/L=Berlin/O=Frozenstar Communications/OU=SMTP/CN=smtp.frozenstar.info/emailAddress=admin[at]f rozenstar.info issuer=/C=DE/ST=Berlin/L=Berlin/O=Frozenstar Communications/OU=SMTP/CN=smtp.frozenstar.info/emailAddress=admin[at]fro zenstar.info --- No client certificate CA names sent --- SSL handshake has read 2706 bytes and written 466 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 4096 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES256-GCM-SHA384 Session-ID: DE1240991CE9AA59F9337E80106A4365343E4C76FB371E4BD9CD53B98D2A1BB0 Session-ID-ctx: Master-Key: 55B8C0826A345F5BF08D9740D35305ED2C9699A03ED2B9C9B99620745B6742FD163CAB 0E0A7D8B9A80616FECBC9D3F71 Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 3600 (seconds) TLS session ticket: - fd 8a bb 58 ce bb 59 5b-d8 34 d6 73 69 2e bb db ...X..Y[.4.si... 0010 - ab 9f f7 84 36 ef 4c f8-62 35 3f 4e 81 30 78 da 6.L.b5?N.0x. 0020 - 43 fa 3a a1 a9 29 03 c1-1e dd cf 85 91 8a b0 ac C.:..).. 0030 - 09 62 93 b7 0f b8 eb e0-cc 4f 09 6c 1a 31 73 5b .b...O.l.1s[ 0080 - ce 11 1b c0 1e 16 ae cb-5a 74 87 cd f2 74 f7 b7 Zt...t.. 0090 - 0f 23 8a b1 4a ec 52 05-9f 08 79 7d a7 b2 4c 43 .#..J.R...y}..LC Start Time: 1429367076 Timeout : 300 (sec) Verify return code: 18 (self signed certificate) --- 250 DSN This is insted by telnet: :~$ telnet smtp.frozenstar.info 25Trying 88.198.107.18... Connected to smtp.frozenstar.info. Escape character is '^]'. 220 smtp.frozenstar.info ESMTP Postfix ehlo frozenstar.info 250-smtp.frozenstar.info 250-PIPELINING 250-SIZE 1024 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH is NOT on the list and logs say: postfix/smtpd[27162]: warning: hostname riseup.net does not resolve to address 199.58.81.144: Name or service not known Apr 18 16:26:51 www postfix/smtpd[27162]: connect from unknown[199.58.81.144] Apr 18 16:26:53 www postfix/smtpd[27162]: Anonymous TLS connection established from unknown[199.58.81.144]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Apr 18 16:26:53 www dovecot: auth-worker(27188): mysql(127.0.0.1): Connected to database mailserver Apr 18 16:26:55 www postfix/smtpd[27162]: warning: unknown[199.58.81.144]: SASL PLAIN authentication failed: Apr 18 16:27:02 www postfix/smtpd[27162]: warning: unknown[199.58.81.144]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Connection to mysql seems to work but not the authentication Regards On 18/04/2015 16:02, Danny Horne wrote: On 18/04/2015 2:08 pm, Krzs wrote: SMTPD does starttls 220 2.0.0 Ready to start TLS 'Ready to start TLS' isn't the same as a running TLS connection, you've shown no evidence of the key negotiation (if that's what it's called) required to create the encrypted connection, and I don't believe you can do this from a telnet session anyway. This site helped me understand the process - https://qmail.jms1.net/test-auth.shtml - -- Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9 -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJVMmvJAAoJEKKN4t1MR6TZrZ4P/2fecQbA5Vr71+GX/xY7TYqO twT3qXgzpcuutxcSkXRCR1c/GilZCTOsYwywvgLJN3J+Y6ArG3l/XEXki5zYsbYw
Re: smtpd: warning: hostname does not resolve to address Name or service not known
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 18/04/2015 18:36, Alex JOST wrote:
Am 18.04.2015 um 16:35 schrieb Krzs:
To me it looks as if everything is working as it should. This
might simply be a Thunderbird misconfiguration.
By thunderbird and connection security SSL/TLS i get:
www postfix/smtpd[11453]: warning: hostname anon.riseup.net does
not resolve to address 199.58.81.144: Name or service not known www
postfix/smtpd[11453]: connect from unknown[199.58.81.144] www
postfix/smtpd[11453]: lost connection after UNKNOWN from
unknown[199.58.81.144] www postfix/smtpd[11453]: disconnect from
unknown[199.58.81.144] www dovecot: auth-worker(13211):
mysql(127.0.0.1): Connected to database mailserver www dovecot:
pop3-login: Login: user=ad...@frozenstar.info, method=PLAIN,
rip=199.58.81.144, lip=88.198.107.18, mpid=13213, TLS,
session=yNqghgMUNQDHOlGQ www dovecot:
pop3(ad...@frozenstar.info): Disconnected: Logged out top=0/0,
retr=0/0, del=0/10, size=41665
There is a dns issue to me my actual postconf -n is:
alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases
append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes
config_directory = /etc/postfix delay_warning_time = 4h
disable_dns_lookups = no disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1 inet_interfaces = all
inet_protocols = all mailbox_size_limit = 0 mydestination =
localhost.localdomain, localhost mydomain = frozenstar.info
myhostname = smtp.$mydomain mynetworks = 127.0.0.1 mynetworks_style
= host myorigin = $mydomain readme_directory = no
recipient_delimiter = + relayhost = smtp_tls_cert_file =
/etc/postfix/ssl/cert.pem smtp_tls_ciphers = export
smtp_tls_key_file = /etc/postfix/ssl/key.pem
smtp_tls_note_starttls_offer = yes smtp_tls_protocols = !SSLv2
smtp_tls_security_level = may smtp_tls_session_cache_database =
btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner
= $myhostname ESMTP $mail_name (DeadbyDawn) smtpd_delay_reject =
yes smtpd_helo_required = yes smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain =
$mydomain smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous smtpd_sasl_type =
dovecot smtpd_tls_ask_ccert = no smtpd_tls_auth_only = yes
smtpd_tls_ccert_verifydepth = 0 smtpd_tls_cert_file =
/etc/postfix/ssl/cert.pem smtpd_tls_key_file =
/etc/postfix/ssl/key.pem smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes smtpd_tls_security_level = may
smtpd_tls_session_cache_database =
btree:${data_directory}/smtpd_scache smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom virtual_alias_maps =
mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_domains =
mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps =
mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf virtual_transport
= dovecot
By mutt which has in its own conf:
set ssl_force_tls = yes set ssl_starttls = yes
i get relay access denied and postfix logs say:
Apr 18 20:16:48 www postfix/smtpd[23597]: warning: hostname
anon.riseup.net does not resolve to address 199.58.81.144: Name or
service not known Apr 18 20:16:48 www postfix/smtpd[23597]: connect
from unknown[199.58.81.144] Apr 18 20:16:50 www
postfix/smtpd[23597]: Anonymous TLS connection established from
unknown[199.58.81.144]: TLSv1.2 with cipher DHE-RSA-AES128-SHA
(128/128 bits) Apr 18 20:16:51 www dovecot: auth-worker(23645):
mysql(127.0.0.1): Connected to database mailserver Apr 18 20:16:52
www postfix/smtpd[23597]: NOQUEUE: reject: RCPT from
unknown[199.58.81.144]: 554 5.7.1 gabriele[at]riseup.net: Relay
access denied; from=admin[at]frozenstar.info
to=gabriele[at]riseup.net proto=ESMTP
helo=xkrooked.frozenstar.tld Apr 18 20:16:52 www
postfix/smtpd[23597]: lost connection after RCPT from
unknown[199.58.81.144] Apr 18 20:16:52 www postfix/smtpd[23597]:
disconnect from unknown[199.58.81.144]
Claws mail client logs say:
[20:25:22] SMTP 220 smtp.frozenstar.info ESMTP Postfix [20:25:22]
ESMTP EHLO localhost [20:25:23] ESMTP 250-smtp.frozenstar.info
[20:25:23] ESMTP 250-PIPELINING [20:25:23] ESMTP 250-SIZE
1024 [20:25:23] ESMTP 250-ETRN [20:25:23] ESMTP 250-STARTTLS
[20:25:23] ESMTP 250-ENHANCEDSTATUSCODES [20:25:23] ESMTP
250-8BITMIME [20:25:23] ESMTP 250 DSN [20:25:23] ESMTP STARTTLS
[20:25:23] ESMTP 220 2.0.0 Ready to start TLS [20:25:27] ESMTP
EHLO localhost [20:25:27] ESMTP 250-smtp.frozenstar.info
[20:25:27] ESMTP 250-PIPELINING [20:25:27] ESMTP 250-SIZE
1024 [20:25:27] ESMTP 250-ETRN [20:25:27] ESMTP 250-AUTH
PLAIN LOGIN [20:25:27] ESMTP 250-AUTH=PLAIN LOGIN [20:25:27]
ESMTP 250-ENHANCEDSTATUSCODES [20:25:27] ESMTP 250-8BITMIME
[20:25:27] ESMTP 250 DSN [20:25:27] ESMTP AUTH LOGIN [20:25:28]
ESMTP 334 VXNlcm5hbWU6 [20:25:28] ESMTP [USERID] [20:25:28]
ESMTP 334 UGFzc3dvcmQ6 [20:25:28] ESMTP [PASSWORD] [20:25:28]
ESMTP 235 2.7.0 Authentication successful
Re: smtpd: warning: hostname does not resolve to address Name or service not known
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 4/18/2015 1:31 PM, Krzs wrote: On 18/04/2015 18:36, Alex JOST wrote: Am 18.04.2015 um 16:35 schrieb Krzs: To me it looks as if everything is working as it should. This might simply be a Thunderbird misconfiguration. By thunderbird and connection security SSL/TLS i get: www postfix/smtpd[11453]: warning: hostname anon.riseup.net does not resolve to address 199.58.81.144: Name or service not known www postfix/smtpd[11453]: connect from unknown[199.58.81.144] www postfix/smtpd[11453]: lost connection after UNKNOWN from The lost connection after UNKNOWN is because your thunderbird is using wrappermode TLS, commonly used on port 465. You need to set tbird for STARTTLS. There is a dns issue Yes, but that isn't the problem. to me my actual postconf -n is: Unreadable, I'm not even going to try. alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix delay_warning_time = 4h disable_dns_lookups = no disable_vrfy_command = yes dovecot_destination_recipient_limit = 1 inet_interfaces = all inet_protocols = all mailbox_size_limit = 0 mydestination = localhost.localdomain, localhost mydomain = frozenstar.info By mutt which has in its own conf: set ssl_force_tls = yes set ssl_starttls = yes i get relay access denied and postfix logs say: Apr 18 20:16:48 www postfix/smtpd[23597]: warning: hostname anon.riseup.net does not resolve to address 199.58.81.144: Name or service not known Apr 18 20:16:48 www postfix/smtpd[23597]: connect from unknown[199.58.81.144] Apr 18 20:16:50 www postfix/smtpd[23597]: Anonymous TLS connection established from unknown[199.58.81.144]: TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 18 20:16:51 www dovecot: auth-worker(23645): Good, TLS connection to postfix works when the client is configured for STARTTLS. mysql(127.0.0.1): Connected to database mailserver Apr 18 20:16:52 www postfix/smtpd[23597]: NOQUEUE: reject: RCPT from unknown[199.58.81.144]: 554 5.7.1 gabriele[at]riseup.net: Relay access denied; from=admin[at]frozenstar.info But the client never sent an AUTH command to postfix; if it had, it would be logged. Relay access is denied because the client did not AUTH. to=gabriele[at]riseup.net proto=ESMTP helo=xkrooked.frozenstar.tld Apr 18 20:16:52 www postfix/smtpd[23597]: lost connection after RCPT from unknown[199.58.81.144] Apr 18 20:16:52 www postfix/smtpd[23597]: disconnect from unknown[199.58.81.144] Claws mail client logs say: Unreadable, but this is shorter, so I'll try: [20:25:22] SMTP 220 smtp.frozenstar.info ESMTP Postfix [20:25:22] ESMTP EHLO localhost [20:25:23] ESMTP 250-smtp.frozenstar.info [20:25:23] ESMTP 250-PIPELINING [20:25:23] ESMTP 250-SIZE 1024 [20:25:23] ESMTP 250-ETRN [20:25:23] ESMTP 250-STARTTLS [20:25:23] ESMTP 250-ENHANCEDSTATUSCODES [20:25:23] ESMTP 250-8BITMIME [20:25:23] ESMTP 250 DSN [20:25:23] ESMTP STARTTLS [20:25:23] ESMTP 220 2.0.0 Ready to start TLS [20:25:27] ESMTP STARTTLS issued, TLS connection established. EHLO localhost [20:25:27] ESMTP 250-smtp.frozenstar.info [20:25:27] ESMTP 250-PIPELINING [20:25:27] ESMTP 250-SIZE 1024 [20:25:27] ESMTP 250-ETRN [20:25:27] ESMTP 250-AUTH PLAIN LOGIN [20:25:27] ESMTP 250-AUTH=PLAIN LOGIN [20:25:27] ESMTP 250-ENHANCEDSTATUSCODES [20:25:27] ESMTP 250-8BITMIME [20:25:27] ESMTP 250 DSN [20:25:27] ESMTP AUTH LOGIN [20:25:28] ESMTP 334 VXNlcm5hbWU6 [20:25:28] ESMTP [USERID] [20:25:28] ESMTP 334 UGFzc3dvcmQ6 [20:25:28] ESMTP [PASSWORD] [20:25:28] ESMTP 235 2.7.0 Authentication successful [20:25:28] ESMTP MAIL This time apparently the AUTH worked. Postfix would have logged a similar auth successful line. FROM:admin[at]frozenstar.info SIZE=365 [20:25:28] SMTP 250 2.1.0 Ok [20:25:28] SMTP RCPT TO:gabriele[at]riseup.net [20:25:29] SMTP 554 5.7.1 gabriele[at]riseup.net: Relay access denied But relay is still denied. Probably because you forgot to add permit_sasl_authenticated to your postfix restrictions, or added it in the wrong place. Posting a readable postconf -n will probably help. To me is defenitly a dns issue No, nothing to do with DNS. i have commented out security restrictions in postfix that's how i explain the relay access denied Ah, and that's why you get relay access denied. Regards -- Noel Jones -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJVMq4kAAoJEJGRUHb5Oh6gOkoH/i/8NchROmoCl1AVQxs9MSCn d2jozaQ2JyxGcW4it+NK8P3Ube7VTIr/Su/vX5LjqL7AA0PQlYaLqYFMZLWnqlgy 84LbsahBlTnB5Vt5QRSvSm4eZrdqkHuf6U//myBfZek3FjjgLQLsUx0lKd4MHX5m Gx7LZimcd0EP9Q+RUyyhk5T5Uce1hP2G3w8w7N8ln4yQF+WxfBTvx8+Z8lk7ErKl 69Ze0NbfwbI3OYANH74bmrIlNDpWmqCLyE4OyxuCLLtePfJyH7bS4keWNm81Jc5O AcwsDb7mHqai0PolG/bSR5X4XbTwG0P2HjqxuPtY2PokB4me1vL9DjP+oQHY2go= =Ry2W -END PGP SIGNATURE- --- This email has been
Re: smtpd: warning: hostname does not resolve to address Name or service not known
Am 18.04.2015 um 16:35 schrieb Krzs: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 That's while i use openssl: :~$ openssl s_client -starttls smtp -crlf -connect 88.198.107.18:25 CONNECTED(0003) depth=0 C = DE, ST = Berlin, L = Berlin, O = Frozenstar Communications, OU = SMTP, CN = smtp.frozenstar.info, emailAddress = admin[at]frozenstar.info verify error:num=18:self signed certificate verify return:1 depth=0 C = DE, ST = Berlin, L = Berlin, O = Frozenstar Communications, OU = SMTP, CN = smtp.frozenstar.info, emailAddress = admin[at]frozenstar.info verify return:1 --- Certificate chain 0 s:/C=DE/ST=Berlin/L=Berlin/O=Frozenstar Communications/OU=SMTP/CN=smtp.frozenstar.info/emailAddress=admin[at]f rozenstar.info [...] Start Time: 1429367076 Timeout : 300 (sec) Verify return code: 18 (self signed certificate) --- 250 DSN If I issue the same command and continue with EHLO AUTH is offered to me but my credentials (obviously) get rejected. So far working as it should. 535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6 This is insted by telnet: :~$ telnet smtp.frozenstar.info 25Trying 88.198.107.18... Connected to smtp.frozenstar.info. Escape character is '^]'. 220 smtp.frozenstar.info ESMTP Postfix ehlo frozenstar.info 250-smtp.frozenstar.info 250-PIPELINING 250-SIZE 1024 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH is NOT on the list and logs say: That's because you told Postfix not to offer AUTH on unsecure connections. smtpd_tls_auth_only = yes To me it looks as if everything is working as it should. This might simply be a Thunderbird misconfiguration. -- Alex JOST
Re: [SOLVED] smtpd: warning: hostname does not resolve to address Name or service not known
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 18/04/2015 21:19, Noel Jones wrote: On 4/18/2015 1:31 PM, Krzs wrote: But relay is still denied. Probably because you forgot to add permit_sasl_authenticated to your postfix restrictions, or added it in the wrong place. Posting a readable postconf -n will probably help. To me is defenitly a dns issue No, nothing to do with DNS. i have commented out security restrictions in postfix that's how i explain the relay access denied Ah, and that's why you get relay access denied. I have put back security restrictions and also corrected smtp_host_lookup which was set to native instead of dns and i got over the issue ,thanks everybody Regards Gab - -- Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9 -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJVMrDXAAoJEKKN4t1MR6TZJb4P/3yp3z7vvW2aawwqOgQO6xiW Fpe5JKUQss5zmWragrvXWBH2Xwpm94bpDNKHlHFYD2Rx/1zkX+sOAAZZDfn69JzO x/QjyUg3ghQPzI94NoIIxRQz1fxybcUNwbcGhyYQQsS/j2bINpj+v5yEVijErKZE qtR4W2cKvd99IAuNYD2m06OOSzhD3yfCmMT0HsGSw3zegdemspk+4eztpRwLnXed bmwElELnShb9xdz64Dj3l9hlhiqGW13iwvxDsdl8VHaox86z5SBEqoJsFHj7+Ifi czKPe3Rw3ug/fO+ApfLsDwFkPbqtM9TwaA3LFqEA4EIMOLZXRA6v8liDSlOMT18x 5QZTiBu4yozSycDRhlfXaexrkh5EW+Zltf0gtM47mUtpKw8POvHXDtW9TYOT4LiU aBA6CYqvW54fuxhT2od7tLyOGJCO8nkPbSJUjFsJpgL9JyqEsnqfkhM7yjidqdqZ 1KVkDjiJRTNKq1z4OY7nTYPNF1BtqR/nWD4ZkQ04UlZIRA++pXdNSqljZl7pWRoM k7PEPPgR2VaPaz0CZ7vdOL0O80Lm2D6iCV3mtxipomfzrrDUUrIbbrpSKqNwfwdH dDrCu8vIArPLaUpD0kcJbWsSOwY8vA7W86Tz8XSZiQbXgJjInW3yvwQQHFuTonmY HvmNpYmWY077sWJPMOGY =Jwnj -END PGP SIGNATURE-
Re: smtpd: warning: hostname does not resolve to address Name or service not known
On 17/04/2015 1:02 pm, Krzs wrote: :~$ telnet smtp.myFQDN 25 Trying 1.2.3.4 ... Connected to myFQDN. Escape character is '^]'. 220 smtp.myFQDN ESMTP Postfix ehlo smtp.myFQDN 250-smtp.myFQDN 250-PIPELINING 250-SIZE 1024 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from: admin@myFQDN 250 2.1.0 Ok auth plain gibberishtextinbase64encodedvalueoftheusernameadminandpassword 503 5.5.1 Error: authentication not enabled Connection closed by foreign host. I'm no expert, but it seems to me that you're trying to authenticate before setting up a TLS connection signature.asc Description: OpenPGP digital signature
Re: smtpd: warning: hostname does not resolve to address Name or service not known
HTML tags from postfixusers nabble dot come web site don't show up in
emails ,i'll add their content in this replay:
On 17/04/2015 13:48, Gab wrote:
Hi list !
As the subject says i found this issue on my mail system after long time it
worked as expected.
Mine is a Debian Wheezy VPS system hosting postfix dovecot spamassassin with
mysql database .That's what logs say while i try to send an email by
thunderbird with my laptop:
while thunderbird says:
postfix/smtpd[23417]: connect from my.laptop[1.2.3.4]
postfix/smtpd[23417]: lost connection after UNKNOWN from my.laptop[1.2.3.4]
postfix/smtpd[23417]: disconnect from my.laptop[1.2.3.4]
That's my postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
disable_dns_lookups = yes
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
mydestination = $mydomain, localhost.localdomain, localhost
mydomain = myFQDN
myhostname = smtp.$mydomain
mynetworks = 88.198.107.18, 127.0.0.1
mynetworks_style = host
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtp_tls_cert_file = /etc/postfix/ssl/cert.pem
smtp_tls_ciphers = export
smtp_tls_key_file = /etc/postfix/ssl/key.pem
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = yes
smtpd_tls_ccert_verifydepth = 1
smtpd_tls_cert_file = /etc/postfix/ssl/cert.pem
smtpd_tls_key_file = /etc/postfix/ssl/key.pem
smtpd_tls_loglevel = 0
smtpd_tls_received_header = no
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_domains =
mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = dovecot
I have the same issue with all clients i have and by telnet i get while i
authenticate:
:~$ telnet smtp.myFQDN 25
Trying 1.2.3.4 ...
Connected to myFQDN.
Escape character is '^]'.
220 smtp.myFQDN ESMTP Postfix
ehlo smtp.myFQDN
250-smtp.myFQDN
250-PIPELINING
250-SIZE 1024
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: admin@myFQDN
250 2.1.0 Ok
auth plain gibberishtextinbase64encodedvalueoftheusernameadminandpassword
503 5.5.1 Error: authentication not enabled
Connection closed by foreign host.
What others infos you need to get around this issue ?
every help will be appreciated
Regards
Gab
--
View this message in context:
http://postfix.1071664.n5.nabble.com/smtpd-warning-hostname-does-not-resolve-to-address-Name-or-service-not-known-tp76263.html
Sent from the Postfix Users mailing list archive at Nabble.com.
--
Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9
smtpd: warning: hostname does not resolve to address Name or service not known
Hi list ! As the subject says i found this issue on my mail system after long time it worked as expected. Mine is a Debian Wheezy VPS system hosting postfix dovecot spamassassin with mysql database .That's what logs say while i try to send an email by thunderbird with my laptop: while thunderbird says: That's my postconf -n: I have the same issue with all clients i have and by telnet i get while i authenticate: What others infos you need to get around this issue ? every help will be appreciated Regards Gab -- View this message in context: http://postfix.1071664.n5.nabble.com/smtpd-warning-hostname-does-not-resolve-to-address-Name-or-service-not-known-tp76263.html Sent from the Postfix Users mailing list archive at Nabble.com.
Re: smtpd: warning: hostname does not resolve to address Name or service not known
On 17 Apr 2015, at 8:02, Krzs wrote: HTML tags from postfixusers nabble dot come web site don't show up in emails ,i'll add their content in this replay: Almost entirely useless. What you added is full of lies, where you've used bogus names and addresses to replace nearly all information that might be useful in diagnosis. You're asking about a name resolution error message. No one can help you if you are so paranoid that you won't divulge the names and IP addresses involved. However, you did miss ONE IP address that provides a hint towards one mistake: On 17/04/2015 13:48, Gab wrote: [... mydestination = $mydomain, localhost.localdomain, localhost mydomain = myFQDN myhostname = smtp.$mydomain mynetworks = 88.198.107.18, 127.0.0.1 18.107.198.88.in-addr.arpa. 86089 IN PTR frozenstar.info. frozenstar.info. 1512 IN MX 10 smtp.frozenstar.info. smtp.frozenstar.info. 3327 IN CNAME frozenstar.info. That's wrong. MX records MUST point to names that have A records.
Re: smtpd: warning: hostname does not resolve to address Name or service not known
On Fri, Apr 17, 2015 at 11:26:44AM -0400, Bill Cole wrote: On 17 Apr 2015, at 8:02, Krzs wrote: HTML tags from postfixusers nabble dot come web site don't show up in emails ,i'll add their content in this replay: Almost entirely useless. What you added is full of lies, where you've used bogus names and addresses to replace nearly all information that might be useful in diagnosis. Let's tone that down shall we. Second warning. -- Viktor.
Re: smtpd: warning: hostname does not resolve to address Name or service not known
On 17/04/2015 17:26, Bill Cole wrote: On 17 Apr 2015, at 8:02, Krzs wrote: HTML tags from postfixusers nabble dot come web site don't show up in emails They don't show up because i don't use html in emails Almost entirely useless. What you added is full of lies, where you've used bogus names and addresses to replace nearly all information that might be useful in diagnosis. I'm too used to not use my fqdn for obvious security reasons (yez i'm paranoid) I won't consider your insults and i still hope someone would help. Regars -- Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9
