NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2007-12

Re: [Old box, Newbie] Undelivered Mail Returned to Sender

From: Victor Duchovni (Victor.DuchovniMorganStanley.com)
Date: Wed Dec 12 2007 - 21:21:53 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Dec 12, 2007 at 09:58:20AM -0800, Paul Rogers wrote:

> --- Victor Duchovni <Victor.DuchovniMorganStanley.com> wrote:
> > You have a toy DNS proxy-server in your firewall. You need to not
> > point /etc/resolv.conf at the firewall and use a real DNS server
> > instead. At low volume point /etc/resolv.conf at the ISP's DNS
> > servers, but it is best to run your own caching server on an MTA.
>
> I do?! This IS an old box (2.2 kernel). I'm dialing my ISP without
> benefit (shudder) of an external firewall, just the internal ipchains.
> I point /var/spool/postfix/etc/resolv.conf at my ISP's suggested DNS:
> domain lan
> nameserver 209.102.124.14
> nameserver 209.102.124.15
> (I deliberately chose a domain name that wasn't routable to prevent
> collisions. Seems to have worked so far. Hope that doesn't confuse
> postfix.)
> This IS low volume. All I'm trying to do is send one message a day to
> a few friends.

If Yahoo's MX records are not returned by the DNS server provided by the
ISP, then the toy DNS is the ISP's recursive resolver rather than your
(missing) firewall. Please report:

# dig +noall +ans -t mx yahoo.com
# su nobody -c 'dig +noall +ans -t mx yahoo.com'

If none return the expected MX records: toy DNS
If only root sees MX records: config file permission issues
In both see MX records: run "smtp -v -v" to log detailed DNS lookups.

--
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majordomopostfix.org?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]