On 1 Apr 2015, at 9:04, James B. Byrne wrote:
I have a report this morning that email from one of our correspondent
domains is not being reliably received. The specific ase was that
three out of four serial numbered transmissions were received but the
fourth had 'disappeared'. As we were only one of a number of
recipients the missing message was retrieved from one of the others,
proving that the missing message was indeed sent.
Looking at the logs from yesterday I discovered the following log file
entries. There are selected from the entire log using grep
216.254.141.187 and modified to disguise the actual sender and
recipient (YYY and XXX respectively) but are otherwise unaltered and
are in chronological order.
<pre>
Mar 31 16:40:55 inet08 postfix-p25/smtpd[20524]: NOQUEUE: reject: RCPT
from mail20.primus.ca[216.254.141.187]: 450 4.7.1
<tor-smtp-06.primus.ca>: Helo command rejected: Host not found;
from=<y...@lightningequipment.on.ca> to=<x...@harte-lyne.ca> proto=ESMTP
helo=<tor-smtp-06.primus.ca>
Mar 31 16:40:55 inet08 postfix-p25/smtpd[20524]: disconnect from
mail20.primus.ca[216.254.141.187]
Mar 31 16:54:06 inet08 postfix-p25/smtpd[21129]: connect from
mail20.primus.ca[216.254.141.187]
Mar 31 16:54:06 inet08 postfix-p25/smtpd[21129]: NOQUEUE: reject: RCPT
from mail20.primus.ca[216.254.141.187]: 450 4.7.1
<tor-smtp-02.primus.ca>: Helo command rejected: Host not found;
from=<y...@lightningequipment.on.ca> to=<x...@harte-lyne.ca> proto=ESMTP
helo=<tor-smtp-02.primus.ca>
Mar 31 16:54:06 inet08 postfix-p25/smtpd[21129]: disconnect from
mail20.primus.ca[216.254.141.187]
Mar 31 17:05:51 inet08 postfix-p25/smtpd[21422]: connect from
mail20.primus.ca[216.254.141.187]
Mar 31 17:05:51 inet08 postgrey[1507]: action=pass, reason=client AWL,
client_name=mail20.primus.ca, client_address=216.254.141.187,
sender=y...@lightningequipment.on.ca, recipient=x...@harte-lyne.ca
Mar 31 17:05:52 inet08 policyd-spf[21425]: None; identity=helo;
client-ip=216.254.141.187; helo=tor-smtp-06.primus.ca;
envelope-from=y...@lightningequipment.on.ca; receiver=x...@harte-lyne.ca
</pre>
<pre>
;; QUESTION SECTION:
;187.141.254.216.in-addr.arpa. IN PTR
;; ANSWER SECTION:
187.141.254.216.in-addr.arpa. 7200 IN PTR mail20.primus.ca.
;; QUESTION SECTION:
;mail20.primus.ca. IN A
;; ANSWER SECTION:
mail20.primus.ca. 43200 IN A 216.254.141.187
;; QUESTION SECTION:
;tor-smtp-02.primus.ca. IN A
;; ANSWER SECTION:
tor-smtp-02.primus.ca. 43200 IN CNAME mail.primus.ca.
mail.primus.ca. 43200 IN A 216.254.136.21
;; QUESTION SECTION:
;mail.primus.ca. IN A
;; ANSWER SECTION:
mail.primus.ca. 43166 IN A 216.254.136.21
</pre>
postconf mail_version
mail_version = 2.11.1
Can somebody explain to me what circumstance would account for this
behaviour? Is this a DNS issue at their end? Is there something
wrong at our end? I have not run across this specific type of problem
before. I know that we reject for unknown hosts so the configuration
is not at issue. Why is the host unknown at 16:54 and known at 17:05
is the question.
What you didn't look up, what you snipped out of those DNS queries, and
what you didn't mention about your config offer clues. Note that at
16:40 and 17:05 the HELO name is tor-smtp-06.primus.ca, and it is being
rejected. Why is one IP being used by MTA's using 2 different names?
Only Primus is likely to know. Also note that the SOA serial for
primus.ca is 2015033100, implying that they changed something the same
day as your problem, which may also be part of a clue.
What IS your configuration? It IS at issue.
