I did disable/remove both spam assassin and spams-milter because the server was getting overloaded with sa-learn and I though that might be related. I commented out the miter lines in main.cf and added soft-bounce, but made no other changes to main.cf.
Current load os 0.29 instead of 12.9 and climbing, sp I don’t think it’s related.
On Sat, Aug 29, 2020 at 06:16:27AM -0600, @lbutlr wrote:
> After updating Bind and dovecot and rebooting the server, I am getting these errors on almost every incoming mail.
> Bind is running, and I can manually lookup the domains and dig -x the IPs, so I don’t think bind is the issue?
> Bind is running, and I can manually lookup the domains and dig -x
> the IPs, so I don’t think bind is the issue?
Although dig and drill are good for tracing DNS queries the better
tool for tracing system default lookups is 'getent'. It will perform
a lookup using the same libc library as any program using
$ getent ahosts mx2.freebsd.org
22.214.171.124 STREAM mx2.freebsd.org
As others noted if postfix is running chroot'd then the
/etc/resolv.conf that it will use will be the file in the postfix
chroot. On my system that would be this one. Which on my system is
updated when the service script starts postfix.
> On Sat, Aug 29, 2020 at 06:16:27AM -0600, @lbutlr wrote:
>> After updating Bind and dovecot and rebooting the server, I am getting these errors on almost every incoming mail.
>> Bind is running, and I can manually lookup the domains and dig -x the IPs, so I don’t think bind is the issue?
> Red herrings.
>> Aug 29 01:30:13 mail.covisp.net postfix/smtpd 4Bdp5d3gF5z36j0y:
>> reject: RCPT from mx2.freebsd.org[126.96.36.199]: 451 4.3.0
>> <[hidden email]>: Temporary lookup failure;
>> from=<[hidden email]> to=<[hidden email]>
>> proto=ESMTP helo=<mx2.freebsd.org>
> Who said the lookup failure is a DNS problem? More likely some table
> driver no longer works after the upgrade, or other similar resource.
> The real error is earlier in the logs.
The previous line is mostly the same, only it says permit. I posted all the lines for the given QID.Looking at the logs for other errors the only thing I see is that occasionally (but far less than the number of lookup errors) was "(address resolver failure)" and ,mysql connection issues when I was stopping the various services. And to was not just freebsd.org that failed, it was most things.
After several hours last night and this morning with a trickle of mail coming in and several reboots I finally got it working with a manual shutdown of all the related services, a removal of several ancillary ports (spamassin, etc) and rebuilding those ports. And then manually starting the services back up. Nothing showed as an out of date port, but spamassasin, at least, showed something that was updated instead of installed.
Haven’t gotten a recourance in just about an hour.
Still don't know what the cause was and find it rather concerning because of the reboots.
When I can get there in person, I'll reboot again and see if all comes back up this time.
Bowling scores are way up, minigolf scores are way down, and we have
more excellent waterslides than any other planet we communicate