postfix PTR Lookup internals

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

postfix PTR Lookup internals

Vivaldi Vivaldi
Hello everybody!

I see following maillog records when new mail comes to server

connect from unknown [209.85.223.195]
client=unknown[209.85.223.195]

But that IP address is GMail IP and it has valid PTR-record which points to mail-io0-f195.google.com My main.cf is here

resolv.conf content for Postfix listed below

# Generated by NetworkManager
  nameserver 8.8.8.8
  nameserver 8.8.4.4
  nameserver [hosting_dns_servers_here]
 # NOTE: the libc resolver may not support more than 3 nameservers.
 # The nameservers listed below may not be recognized.
   nameserver 1.1.1.1
   nameserver 1.0.0.1
   nameserver 77.88.8.8
   nameserver 77.88.8.1

So, how can I force Postfix to make reverse lookup and logs a domain name of mailserver not IP address? I'm running CentOS 7.4

And at the second where I can read about postfix reverse lookup process?

May be you would point me to some place in the postfix sources, I don't know, indeed...

I guess it's some kind of internal issue of my VDS provider. Caused by the internal network architecture of dedicated server hoster. Anyway, I want to read postfix source code which related to reverse DNS lookup procedures and try to understand, why it doesn't work as expected in my case.


Reply | Threaded
Open this post in threaded view
|

Re: postfix PTR Lookup internals

Noel Jones-2
On 5/14/2018 3:19 PM, Vivaldi Vivaldi wrote:

> Hello everybody!
> **
>
> I see following /maillog/ records when new mail comes to server
>
> |connect from unknown [209.85.223.195] client=unknown[209.85.223.195] |
>
> But that IP address is GMail IP and it has valid PTR-record which
> points to /mail-io0-f195.google.com
> <http://mail-io0-f195.google.com>/ My main.cf <http://main.cf> is
> here <https://pastebin.com/eyGUeN2U>

My wild guess is that you have postfix set for chroot, the the
chroot environment is incomplete.  See:
http://www.postfix.org/DEBUG_README.html#no_chroot


If you need more help, see:
http://www.postfix.org/DEBUG_README.html#mail



  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: postfix PTR Lookup internals

Vivaldi Vivaldi
Yes, your are right postfix chained in the chroot environment for security reasons as usual.
Though, at another VPS running Debian 7 and Postfix 2.9.6 also chrooted everithing, works perfect
as for reverse lookup. So I get confused a lot with that "quirk"


2018-05-14 23:46 GMT+03:00 Noel Jones <[hidden email]>:
On 5/14/2018 3:19 PM, Vivaldi Vivaldi wrote:
> Hello everybody!
> **
>
> I see following /maillog/ records when new mail comes to server
>
> |connect from unknown [209.85.223.195] client=unknown[209.85.223.195] |
>
> But that IP address is GMail IP and it has valid PTR-record which
> points to /mail-io0-f195.google.com
> <http://mail-io0-f195.google.com>/ My main.cf <http://main.cf> is
> here <https://pastebin.com/eyGUeN2U>

My wild guess is that you have postfix set for chroot, the the
chroot environment is incomplete.  See:
http://www.postfix.org/DEBUG_README.html#no_chroot


If you need more help, see:
http://www.postfix.org/DEBUG_README.html#mail



  -- Noel Jones

Reply | Threaded
Open this post in threaded view
|

Re: postfix PTR Lookup internals

Vivaldi Vivaldi
chroot environment is incomplete

Where can I find complete example of postfix chroot environment?

2018-05-15 0:00 GMT+03:00 Vivaldi Vivaldi <[hidden email]>:
Yes, your are right postfix chained in the chroot environment for security reasons as usual.
Though, at another VPS running Debian 7 and Postfix 2.9.6 also chrooted everithing, works perfect
as for reverse lookup. So I get confused a lot with that "quirk"


2018-05-14 23:46 GMT+03:00 Noel Jones <[hidden email]>:
On 5/14/2018 3:19 PM, Vivaldi Vivaldi wrote:
> Hello everybody!
> **
>
> I see following /maillog/ records when new mail comes to server
>
> |connect from unknown [209.85.223.195] client=unknown[209.85.223.195] |
>
> But that IP address is GMail IP and it has valid PTR-record which
> points to /mail-io0-f195.google.com
> <http://mail-io0-f195.google.com>/ My main.cf <http://main.cf> is
> here <https://pastebin.com/eyGUeN2U>

My wild guess is that you have postfix set for chroot, the the
chroot environment is incomplete.  See:
http://www.postfix.org/DEBUG_README.html#no_chroot


If you need more help, see:
http://www.postfix.org/DEBUG_README.html#mail



  -- Noel Jones


Reply | Threaded
Open this post in threaded view
|

Re: postfix PTR Lookup internals

Vivaldi Vivaldi
I've already found http://www.postfix.org/BASIC_CONFIGURATION_README.html#chroot_setup,
but may be more detailed description exists, I hope.

2018-05-15 0:03 GMT+03:00 Vivaldi Vivaldi <[hidden email]>:
chroot environment is incomplete

Where can I find complete example of postfix chroot environment?

2018-05-15 0:00 GMT+03:00 Vivaldi Vivaldi <[hidden email]>:
Yes, your are right postfix chained in the chroot environment for security reasons as usual.
Though, at another VPS running Debian 7 and Postfix 2.9.6 also chrooted everithing, works perfect
as for reverse lookup. So I get confused a lot with that "quirk"


2018-05-14 23:46 GMT+03:00 Noel Jones <[hidden email]>:
On 5/14/2018 3:19 PM, Vivaldi Vivaldi wrote:
> Hello everybody!
> **
>
> I see following /maillog/ records when new mail comes to server
>
> |connect from unknown [209.85.223.195] client=unknown[209.85.223.195] |
>
> But that IP address is GMail IP and it has valid PTR-record which
> points to /mail-io0-f195.google.com
> <http://mail-io0-f195.google.com>/ My main.cf <http://main.cf> is
> here <https://pastebin.com/eyGUeN2U>

My wild guess is that you have postfix set for chroot, the the
chroot environment is incomplete.  See:
http://www.postfix.org/DEBUG_README.html#no_chroot


If you need more help, see:
http://www.postfix.org/DEBUG_README.html#mail



  -- Noel Jones



Reply | Threaded
Open this post in threaded view
|

Re: postfix PTR Lookup internals

Noel Jones-2
The chroot details are different for each operating system.  If you
installed postfix from a package for your OS, often a script is
included with the package to build the chroot environment.  If you
didn't install from a package, or you did but the supplied script
didn't work, you may get better support for this OS-specific issue
on a forum dedicated to your OS.

Consider (temporarily) turning chroot off to verify this is the problem.



  -- Noel Jones

On 5/14/2018 4:07 PM, Vivaldi Vivaldi wrote:

> I've already
> found http://www.postfix.org/BASIC_CONFIGURATION_README.html#chroot_setup,
> but may be more detailed description exists, I hope.
>
> 2018-05-15 0:03 GMT+03:00 Vivaldi Vivaldi <[hidden email]
> <mailto:[hidden email]>>:
>
>     > chroot environment is incomplete
>
>     Where can I find complete example of postfix chroot environment?
>
>     2018-05-15 0:00 GMT+03:00 Vivaldi Vivaldi <[hidden email]
>     <mailto:[hidden email]>>:
>
>         Yes, your are right postfix chained in the chroot
>         environment for security reasons as usual.
>         Though, at another VPS running Debian 7 and Postfix 2.9.6
>         also chrooted everithing, works perfect
>         as for reverse lookup. So I get confused a lot with that "quirk"
>
>
>         2018-05-14 23:46 GMT+03:00 Noel Jones
>         <[hidden email] <mailto:[hidden email]>>:
>
>             On 5/14/2018 3:19 PM, Vivaldi Vivaldi wrote:
>             > Hello everybody!
>             > **
>             >
>             > I see following /maillog/ records when new mail comes
>             to server
>             >
>             > |connect from unknown [209.85.223.195] client=unknown[209.85.223.195] |
>             >
>             > But that IP address is GMail IP and it has valid PTR-record which
>             > points to /mail-io0-f195.google.com
>             <http://mail-io0-f195.google.com>
>             > <http://mail-io0-f195.google.com
>             <http://mail-io0-f195.google.com>>/ My main.cf
>             <http://main.cf> <http://main.cf> is
>             > here <https://pastebin.com/eyGUeN2U>
>
>             My wild guess is that you have postfix set for chroot,
>             the the
>             chroot environment is incomplete.  See:
>             http://www.postfix.org/DEBUG_README.html#no_chroot
>             <http://www.postfix.org/DEBUG_README.html#no_chroot>
>
>
>             If you need more help, see:
>             http://www.postfix.org/DEBUG_README.html#mail
>             <http://www.postfix.org/DEBUG_README.html#mail>
>
>
>
>               -- Noel Jones
>
>
>
>

Reply | Threaded
Open this post in threaded view
|

Re: postfix PTR Lookup internals

Vivaldi Vivaldi
Well spotted again!
Everything resolves as expected after chroot is disabled.
So, I'm digging that way.
Thanks for your help, regards!

2018-05-15 0:17 GMT+03:00 Noel Jones <[hidden email]>:
The chroot details are different for each operating system.  If you
installed postfix from a package for your OS, often a script is
included with the package to build the chroot environment.  If you
didn't install from a package, or you did but the supplied script
didn't work, you may get better support for this OS-specific issue
on a forum dedicated to your OS.

Consider (temporarily) turning chroot off to verify this is the problem.



  -- Noel Jones

On 5/14/2018 4:07 PM, Vivaldi Vivaldi wrote:
> I've already
> found http://www.postfix.org/BASIC_CONFIGURATION_README.html#chroot_setup,
> but may be more detailed description exists, I hope.
>
> 2018-05-15 0:03 GMT+03:00 Vivaldi Vivaldi <[hidden email]
> <mailto:[hidden email]>>:
>
>     > chroot environment is incomplete
>
>     Where can I find complete example of postfix chroot environment?
>
>     2018-05-15 0:00 GMT+03:00 Vivaldi Vivaldi <[hidden email]
>     <mailto:[hidden email]>>:
>
>         Yes, your are right postfix chained in the chroot
>         environment for security reasons as usual.
>         Though, at another VPS running Debian 7 and Postfix 2.9.6
>         also chrooted everithing, works perfect
>         as for reverse lookup. So I get confused a lot with that "quirk"
>
>
>         2018-05-14 23:46 GMT+03:00 Noel Jones
>         <[hidden email] <mailto:[hidden email]>>:
>
>             On 5/14/2018 3:19 PM, Vivaldi Vivaldi wrote:
>             > Hello everybody!
>             > **
>             >
>             > I see following /maillog/ records when new mail comes
>             to server
>             >
>             > |connect from unknown [209.85.223.195] client=unknown[209.85.223.195] |
>             >
>             > But that IP address is GMail IP and it has valid PTR-record which
>             > points to /mail-io0-f195.google.com
>             <http://mail-io0-f195.google.com>
>             > <http://mail-io0-f195.google.com
>             <http://mail-io0-f195.google.com>>/ My main.cf
>             <http://main.cf> <http://main.cf> is
>             > here <https://pastebin.com/eyGUeN2U>
>
>             My wild guess is that you have postfix set for chroot,
>             the the
>             chroot environment is incomplete.  See:
>             http://www.postfix.org/DEBUG_README.html#no_chroot
>             <http://www.postfix.org/DEBUG_README.html#no_chroot>
>
>
>             If you need more help, see:
>             http://www.postfix.org/DEBUG_README.html#mail
>             <http://www.postfix.org/DEBUG_README.html#mail>
>
>
>
>               -- Noel Jones
>
>
>
>


Reply | Threaded
Open this post in threaded view
|

Re: postfix PTR Lookup internals

Vivaldi Vivaldi
My problem is solved.
Solution in one line

cp -vl /usr/lib64/libnss_* /var/spool/postfix/lib64

Cheers!

2018-05-15 0:46 GMT+03:00 Vivaldi Vivaldi <[hidden email]>:
Well spotted again!
Everything resolves as expected after chroot is disabled.
So, I'm digging that way.
Thanks for your help, regards!

2018-05-15 0:17 GMT+03:00 Noel Jones <[hidden email]>:
The chroot details are different for each operating system.  If you
installed postfix from a package for your OS, often a script is
included with the package to build the chroot environment.  If you
didn't install from a package, or you did but the supplied script
didn't work, you may get better support for this OS-specific issue
on a forum dedicated to your OS.

Consider (temporarily) turning chroot off to verify this is the problem.



  -- Noel Jones

On 5/14/2018 4:07 PM, Vivaldi Vivaldi wrote:
> I've already
> found http://www.postfix.org/BASIC_CONFIGURATION_README.html#chroot_setup,
> but may be more detailed description exists, I hope.
>
> 2018-05-15 0:03 GMT+03:00 Vivaldi Vivaldi <[hidden email]
> <mailto:[hidden email]>>:
>
>     > chroot environment is incomplete
>
>     Where can I find complete example of postfix chroot environment?
>
>     2018-05-15 0:00 GMT+03:00 Vivaldi Vivaldi <[hidden email]
>     <mailto:[hidden email]>>:
>
>         Yes, your are right postfix chained in the chroot
>         environment for security reasons as usual.
>         Though, at another VPS running Debian 7 and Postfix 2.9.6
>         also chrooted everithing, works perfect
>         as for reverse lookup. So I get confused a lot with that "quirk"
>
>
>         2018-05-14 23:46 GMT+03:00 Noel Jones
>         <[hidden email] <mailto:[hidden email]>>:
>
>             On 5/14/2018 3:19 PM, Vivaldi Vivaldi wrote:
>             > Hello everybody!
>             > **
>             >
>             > I see following /maillog/ records when new mail comes
>             to server
>             >
>             > |connect from unknown [209.85.223.195] client=unknown[209.85.223.195] |
>             >
>             > But that IP address is GMail IP and it has valid PTR-record which
>             > points to /mail-io0-f195.google.com
>             <http://mail-io0-f195.google.com>
>             > <http://mail-io0-f195.google.com
>             <http://mail-io0-f195.google.com>>/ My main.cf
>             <http://main.cf> <http://main.cf> is
>             > here <https://pastebin.com/eyGUeN2U>
>
>             My wild guess is that you have postfix set for chroot,
>             the the
>             chroot environment is incomplete.  See:
>             http://www.postfix.org/DEBUG_README.html#no_chroot
>             <http://www.postfix.org/DEBUG_README.html#no_chroot>
>
>
>             If you need more help, see:
>             http://www.postfix.org/DEBUG_README.html#mail
>             <http://www.postfix.org/DEBUG_README.html#mail>
>
>
>
>               -- Noel Jones
>
>
>
>