Hi,
I have a postfix instance on Debian 6 that has never performed DNS
lookups with version number 2.7.1-1+squeeze1.
The mail.log lists all connections like
Nov 6 17:40:54 lo postfix/smtpd[10283]: 4AD4292:
client=unknown[82.2.1.3], sasl_method=PLAIN,
sasl_username=exam...@example.com
Nov 6 17:40:54 lo postfix/smtpd[10283]: disconnect from
unknown[82.2.1.3]
Real IP address obfuscated.
DNS worked and quickly performs name resolution for all other programmes
including SpamAssassin. Results returned for SpamAssassin's RBL lookups
happen quite quickly for this lower end server. I cannot see performance
problems with Power DNS Recursor.
If I enter IP/host pairs into the /etc/hosts file, then Postfix can get
the address back and unknown is replaced with, for example Nov 7
09:49:03 lo postfix/smtpd[13222]: connect from
gw1-in.tele2.se[193.12.60.45]
* Postfix has been left with default options relating to DNS lookups:
# postconf -d|grep dns
disable_dns_lookups = no
lmtp_host_lookup = dns
smtp_host_lookup = dns
# postconf -n|grep dns
# (no results returned)
# grep dns /etc/postfix/main.cf
# (no results returned)
* DNS ports both are open for TCP and UDP
# nc -z 127.0.0.1 53
# echo $?
0
# nc -u -z 127.0.0.1 53
# echo $?
0
#
* LSOF
# lsof -i tcp:53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
pdns_recu 1247 pdns 4u IPv4 4733 0t0 TCP localhost:domain (LISTEN)
# lsof -i udp:53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
pdns_recu 1247 pdns 3u IPv4 4731 0t0 UDP localhost:domain
* Resolv.conf
nameserver 127.0.0.1
options attempts:5 timeout:4
I hope you'll find my postconf -d output of interest:
# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/body_checks.regexp
bounce_template_file = /etc/postfix/bounce.cf
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
disable_vrfy_command = yes
header_checks = pcre:/etc/postfix/header_checks
inet_interfaces = all
mailbox_size_limit = 0
message_size_limit = 20480000
milter_connect_macros = j {daemon_name} v {client_addr} _
milter_default_action = tempfail
mime_header_checks = regexp:/etc/postfix/mime_header_checks
mydestination =
myhostname = example.co.uk
mynetworks = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
non_smtpd_milters = inet:localhost:8891
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_helo_timeout = 60s
smtp_mail_timeout = 160s
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_connection_count_limit = 50
smtpd_client_connection_rate_limit = 50
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname,
reject_unlisted_recipient, reject_unlisted_sender,
regexp:/etc/postfix/helo.regexp, permit
smtpd_milters = unix:/spamass/spamass.sock, inet:localhost:8891
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
check_recipient_access cidr:/etc/postfix/whitelist,
reject_non_fqdn_sender, reject_rbl_client
hostkarma.junkemailfilter.com=127.0.0.2, reject_rbl_client
sbl-xbl.spamhaus.org, reject_rbl_client truncate.gbudb.net=127.0.0.2,
check_policy_service unix:private/policy-spf
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_tls_CAfile = /etc/ssl/certs/example_CA.pem
smtpd_tls_cert_file = /etc/ssl/private/example.co.uk.crt
smtpd_tls_key_file = /etc/ssl/private/example.co.uk.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
transport_maps = hash:/etc/postfix/transport
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
virtual_alias_maps =
proxy:mysql:/etc/postfix/sql/ms_virtual_alias_maps.cf,
proxy:mysql:/etc/postfix/sql/ms_virtual_alias_domain_maps.cf,
proxy:mysql:/etc/postfix/sql/ms_virtual_alias_domain_catchall_maps.cf
virtual_mailbox_domains =
proxy:mysql:/etc/postfix/sql/ms_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/sql/ms-virtual-mailbox-maps.cf
virtual_transport = dovecot-spamassassin
I'd be very grateful if any one would be able to kindly shed some light
on this for me. Please.
Kind regards, S
