Hi, After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing the following issue: connections on 127.0.0.1 (where my content_filter re-injects mail) are logged as:
010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning:
127.0.0.1: address not listed for hostname ip6-localhost
2010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: connect
from unknown[127.0.0.1]
After some time reading google and debugging this is what I found out:
- /etc/hosts contains the following stuff regarding localhost (in the
specified order):
::1 ip6-localhost ip6-loopback
127.0.0.1 localhost
- The test utils in auxiliary/name-addr-test show the same behaviour as
postfix itself:
./getnameinfo 127.0.0.1
Hostname: ip6-localhost
Address: 127.0.0.1
./gethostbyaddr 127.0.0.1
Hostname: ip6-localhost
Aliases: ip6-loopback
Addresses: 127.0.0.1
- After some tests, I can (temporarily) fix this in 3 ways:
1) Changing postfix's main.cf to use only ipv4 (comment
inet_protocols=all + restart)
2) Removing the line for ::1 in /etc/hosts
3) Change the order of /etc/hosts, placing the line for ::1 below 127.0.0.1
All of the above on Gentoo Linux, 2.6.27-openvz-briullov.1-r4 kernel,
Postfix 2.6.5 and glibc 2.10 (also tested with 2.9). Postconf -n looks
like this:
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = //usr/lib/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
home_mailbox = .maildir/
html_directory = /usr/share/doc/postfix-2.6.5/html
inet_protocols = all
local_recipient_maps = $alias_maps
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydomain = whyscream.net
myhostname = a.mx.whyscream.net
mynetworks = cidr:/etc/postfix/mynetworks
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
proxy_interfaces = 217.149.194.147
proxy_read_maps = $virtual_mailbox_domains, $virtual_mailbox_maps,
$virtual_alias_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.5/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks reject_non_fqdn_hostname
reject_invalid_hostname permit
smtpd_recipient_restrictions = permit_mynetworks
reject_unauth_destination reject_non_fqdn_sender
reject_non_fqdn_recipient reject_unknown_sender_domain
reject_unknown_recipient_domain reject_unauth_pipelining
check_client_access hash:/etc/postfix/access_whitelist
check_policy_service unix:private/postgrey permit
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/ssl/postfix/a.mx.whyscream.net-cert.pem
smtpd_tls_key_file = /etc/ssl/postfix/a.mx.whyscream.net-key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps =
proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.conf
proxy:pgsql:/etc/postfix/pgsql/virtual_alias_domain_maps.conf
proxy:pgsql:/etc/postfix/pgsql/virtual_alias_domain_catchall_maps.conf
virtual_gid_maps = static:12
virtual_mailbox_base = /var/spool/vmail
virtual_mailbox_domains =
proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.conf
virtual_mailbox_maps =
proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.conf
pgsql:/etc/postfix/pgsql/virtual_alias_domain_mailbox_maps.conf
virtual_minimum_uid = 100
virtual_transport = dovecot
virtual_uid_maps = static:251
I've also read this (famous/dreaded) bug:
http://sourceware.org/bugzilla/show_bug.cgi?id=4980 which seems related,
but since I'm well past glibc 2.7, I'd expect not to bitten by that one.
However I'm no expert on the subject and I have no idea how the fix as
mentioned in bug looks like.
Now my question is: is this the place where you'd say "your glibc is
broken, talk to your os vendor" or could there some other issue that I
overlooked?
--
Regards,
Tom
signature.asc
Description: OpenPGP digital signature
