brakethrew
asked on
DNS and postfix mail
Hello all
I have 2 linux servers one is the gateway - squid - mail - firewall the other is the DNS - Application - Fileserver. recently the Fileserver crashed and had to be rebuilt and reloaded from backup. I used a new OS (Fedora11) and it is all up and running - after rebuilding the DNS I am having a problem with sending Emails, mails are being bouced back Immediately with the error
Host or domain name not found. Name service error for
name=xxxx.com type=A: Host found but no data record of requested type
when we send the mail again MOST times the mail shoots through sometimes we need to send it a few times
I know it has something to do with postfix checking DNS have searched but to no avail...
can anyone help please?
I have 2 linux servers one is the gateway - squid - mail - firewall the other is the DNS - Application - Fileserver. recently the Fileserver crashed and had to be rebuilt and reloaded from backup. I used a new OS (Fedora11) and it is all up and running - after rebuilding the DNS I am having a problem with sending Emails, mails are being bouced back Immediately with the error
Host or domain name not found. Name service error for
name=xxxx.com type=A: Host found but no data record of requested type
when we send the mail again MOST times the mail shoots through sometimes we need to send it a few times
I know it has something to do with postfix checking DNS have searched but to no avail...
can anyone help please?
ASKER
hi bevhost
My resolv.conf has my internal caching DNS and then the 2 isp DNS's
domain xxxx.co.za
nameserver 10.20.0.245
nameserver x.x.x.x
nameserver x.x.x.x
hope this helps
peter
My resolv.conf has my internal caching DNS and then the 2 isp DNS's
domain xxxx.co.za
nameserver 10.20.0.245
nameserver x.x.x.x
nameserver x.x.x.x
hope this helps
peter
ASKER
OK added 8.8.8.8 as one of the nameservers in resolv.conf just testing right now
does it matter in which order the nameservers are placed?
does it matter in which order the nameservers are placed?
ASKER
tested with 8.8.8.8 in resolv.conf random mails still bounce back
anybody have any suggestions?
anybody have any suggestions?
The domain xxxx.com in your question, is that local or remote?
When you do a dns lookup for xxxx.com is there an MX record or an A record?
eg
When I try it here I get this...
# host xxxx.com
xxxx.com has address 209.85.112.193
xxxx.com mail is handled by 10 mail.xxxx.com.
eg
When I try it here I get this...
# host xxxx.com
xxxx.com has address 209.85.112.193
xxxx.com mail is handled by 10 mail.xxxx.com.
If the DNS it really flaky to that address you can route that domain specifically to an IP address in /etc/postfix/transport
xxxx.com smtp:[98.76.65.43]
xxxx.com smtp:[98.76.65.43]
ASKER
Hi Bevhost
sorry for the late reply
the domain in question is my local domain.
if I do a dig of google.com here is the result
#dig www.google.com
; <<>> DiG 9.3.4-P1.1 <<>> www.google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35534
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 4, ADDITIONAL: 0
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 583274 IN CNAME www.l.google.com.
www.l.google.com. 51 IN A 72.14.203.104
www.l.google.com. 51 IN A 72.14.203.105
www.l.google.com. 51 IN A 72.14.203.106
www.l.google.com. 51 IN A 72.14.203.147
www.l.google.com. 51 IN A 72.14.203.99
www.l.google.com. 51 IN A 72.14.203.103
;; AUTHORITY SECTION:
google.com. 151270 IN NS ns4.google.com.
google.com. 151270 IN NS ns2.google.com.
google.com. 151270 IN NS ns1.google.com.
google.com. 151270 IN NS ns3.google.com.
;; Query time: 1 msec
;; SERVER: 10.20.0.245#53(10.20.0.245
;; WHEN: Mon Feb 1 15:11:04 2010
;; MSG SIZE rcvd: 220
also the mail is not only bouncing to ONE specific address it is bouncing when sending to any address, and then sends it when you try again the second or third time - but then again sometimes it DOES NOT bounce at all and just goes through.
kinda confusing and also takes a while to test.
sorry for the late reply
the domain in question is my local domain.
if I do a dig of google.com here is the result
#dig www.google.com
; <<>> DiG 9.3.4-P1.1 <<>> www.google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35534
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 4, ADDITIONAL: 0
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 583274 IN CNAME www.l.google.com.
www.l.google.com. 51 IN A 72.14.203.104
www.l.google.com. 51 IN A 72.14.203.105
www.l.google.com. 51 IN A 72.14.203.106
www.l.google.com. 51 IN A 72.14.203.147
www.l.google.com. 51 IN A 72.14.203.99
www.l.google.com. 51 IN A 72.14.203.103
;; AUTHORITY SECTION:
google.com. 151270 IN NS ns4.google.com.
google.com. 151270 IN NS ns2.google.com.
google.com. 151270 IN NS ns1.google.com.
google.com. 151270 IN NS ns3.google.com.
;; Query time: 1 msec
;; SERVER: 10.20.0.245#53(10.20.0.245
;; WHEN: Mon Feb 1 15:11:04 2010
;; MSG SIZE rcvd: 220
also the mail is not only bouncing to ONE specific address it is bouncing when sending to any address, and then sends it when you try again the second or third time - but then again sometimes it DOES NOT bounce at all and just goes through.
kinda confusing and also takes a while to test.
ASKER
as regards the host command
if I do a # host google.com it does give me the mail host as well
# host google.com
google.com has address 72.14.203.99
google.com has address 72.14.203.103
google.com has address 72.14.203.104
google.com has address 72.14.203.105
google.com has address 72.14.203.106
google.com has address 72.14.203.147
google.com mail is handled by 10 google.com.s9b2.psmtp.com.
google.com mail is handled by 10 google.com.s9a1.psmtp.com.
google.com mail is handled by 10 google.com.s9a2.psmtp.com.
google.com mail is handled by 10 google.com.s9b1.psmtp.com.
if I do a # host google.com it does give me the mail host as well
# host google.com
google.com has address 72.14.203.99
google.com has address 72.14.203.103
google.com has address 72.14.203.104
google.com has address 72.14.203.105
google.com has address 72.14.203.106
google.com has address 72.14.203.147
google.com mail is handled by 10 google.com.s9b2.psmtp.com.
google.com mail is handled by 10 google.com.s9a1.psmtp.com.
google.com mail is handled by 10 google.com.s9a2.psmtp.com.
google.com mail is handled by 10 google.com.s9b1.psmtp.com.
ASKER
has this question just been dropped, is there anyone out there that can advise me - please
You really haven't given us much to go one here,
Are you sending mail to xxxx.com or from xxxx.com
Are the xxxx.com mailboxes on the postfix server?
The actual error message means that the server (postfix) tried to look up the A record for xxxx.com, found the domain exists, but no A record.
It could be looking for an A record because no MX record exists.
Your results could vary from time to time depending on whether the answer comes from your internal caching server OR from one of those external servers.
If it is an internal domain, it should be configured to operate without the assistance of DNS
OR you internal DNS needs to work properly.
Are you getting any other error messages?
Are you sending mail to xxxx.com or from xxxx.com
Are the xxxx.com mailboxes on the postfix server?
The actual error message means that the server (postfix) tried to look up the A record for xxxx.com, found the domain exists, but no A record.
It could be looking for an A record because no MX record exists.
Your results could vary from time to time depending on whether the answer comes from your internal caching server OR from one of those external servers.
If it is an internal domain, it should be configured to operate without the assistance of DNS
OR you internal DNS needs to work properly.
Are you getting any other error messages?
ASKER
Hi Bevhost
xxx.co.za is MY domain I am trying to send out from xxx.com, the mail bounces back to the sender saying so I am sending from xxx.co.za
Host or domain name not found. Name service
error for name=za.endress.com type=A: Host found but no data record of
requested type
as mentioned above but not every time, only one in 7 mails - when we resend the same mail it normally goes the second or third time.
I was just hoping that someone has come across this error, and perhaps I have messed up a setting in the caching DNS that I newly setup. and the fact that the error is random makes it hard to troubleshoot.
/var/log/mail.warn gives errors like this
Feb 5 12:27:32 gateway postfix/smtpd[8862]: warning: 117.6.2.232: address not listed for hostname cfc.com.vn
Feb 5 12:31:02 gateway postfix/smtpd[10603]: warning: 122.168.245.204: hostname ABTS-mp-dynamic-204.245.16
no other logs relating to mail show anything related to hosts or domain
hope this helps
xxx.co.za is MY domain I am trying to send out from xxx.com, the mail bounces back to the sender saying so I am sending from xxx.co.za
Host or domain name not found. Name service
error for name=za.endress.com type=A: Host found but no data record of
requested type
as mentioned above but not every time, only one in 7 mails - when we resend the same mail it normally goes the second or third time.
I was just hoping that someone has come across this error, and perhaps I have messed up a setting in the caching DNS that I newly setup. and the fact that the error is random makes it hard to troubleshoot.
/var/log/mail.warn gives errors like this
Feb 5 12:27:32 gateway postfix/smtpd[8862]: warning: 117.6.2.232: address not listed for hostname cfc.com.vn
Feb 5 12:31:02 gateway postfix/smtpd[10603]: warning: 122.168.245.204: hostname ABTS-mp-dynamic-204.245.16
no other logs relating to mail show anything related to hosts or domain
hope this helps
Try removing all the nameservers from resolv.conf except your local one and see what happens.
ASKER
ok will do
ASKER
when I take out all the other nameservers I seem to get more bouncing.
question, does a caching dns server learn and store DNS information and could it be that the reply for host lookup takes a little while - and if so is there anyway I can slow down the bounceback or the time it takes for postfix to do a DNS lookup of the domain? if you understand what I am getting at.
question, does a caching dns server learn and store DNS information and could it be that the reply for host lookup takes a little while - and if so is there anyway I can slow down the bounceback or the time it takes for postfix to do a DNS lookup of the domain? if you understand what I am getting at.
ASKER
sometimes when I do a #host command on any arb domain I get a
;; connection timed out; no servers could be reached and then second time it works
It is definitely a DNS issue and I am not sure what I have done wrong - I created the new DNS using the following set up
http://tldp.org/HOWTO/DNS-HOWTO-3.html
maybe I made a mistake
;; connection timed out; no servers could be reached and then second time it works
It is definitely a DNS issue and I am not sure what I have done wrong - I created the new DNS using the following set up
http://tldp.org/HOWTO/DNS-HOWTO-3.html
maybe I made a mistake
That list of root servers looks a bit out of date
I have these in my DNS server
I have these in my DNS server
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:ba3e::2:30
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2f::f
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803f:235
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:c27::2:30
K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
K.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7fd::1
L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42
M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
M.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:dc3::35ASKER
changed that, still getting bounced mail every so often
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Try adding
nameserver 8.8.8.8