Wietse, thanks for your detailed explanation. Makes all sense to me :-)
> The logfile record shows only the result of the last DNS lookup > failure (AAAA lookup). Other feailures may have been logged by the > same SMTP process 38913, but without the 4JP20t6xYdz3VMH queue ID. I have checked the logs and could not find any more dns error related to that pid. Is there a debug/verbose setting in postfix to enforce that every such dns error is logged? I'm aware that this will lead to much more log output but for tracking dns issues it could be helpful. Whish you a "guten Rutsch" and happy 2022 tobi On Wed, 2021-12-29 at 12:58 -0500, Wietse Venema wrote: > tobs...@brain-force.ch: > > in main.cf > > > > smtp_address_preference = ipv4 > > inet_protocols=all > > > > which should ensure postfix client prefers ipv4 over ipv6 > > Actually, this means try to make connections over IPv4 BEFORE trying > to make connections over IPv6. > > > But now we have a mail where we can see that postfix client did > > AAAA > > lookup. Although the is a valid A record > > Except that DNS lookups can fail temporarily, for all kinds of > reasons. This is why network software must be prepared to retry > whan it receives no reply. > > > > Dec 29 07:43:34 10.1.0.201 postfix/smtp[38913]: 4JP20t6xYdz3VMH: > > to=<REDACTED>, relay=none, delay=7.5, delays=1.2/0/6.3/0, > > dsn=4.4.3, > > status=deferred (Host or domain name not found. Name service error > > for > > name=REDACTED.mail.protection.outlook.com type=AAAA: Host not > > found, > > try again) > > The Postfix queue manager sent a delivery request for the message > with queue ID 4JP20t6xYdz3VMH, which was handled by the Postfix > SMTP client process 38913. > > The Postfix SMTP client tried to look up A records for > REDACTED.mail.protection.outlook.com, which failed, then it tried > to look up AAAA records, which also failed. Presumably there was a > brief DNS or network outage or overload somewhere. > > The logfile record shows only the result of the last DNS lookup > failure (AAAA lookup). Other feailures may have been logged by the > same SMTP process 38913, but without the 4JP20t6xYdz3VMH queue ID. > > (Why didn't the Postfix SMTP client log EVERY failed attempt with > the 4JP20t6xYdz3VMH queue ID? Because the Postfix SMTP client > recovers immediately from many delivery errors by trying a different > DNS lookup, MX host or IP address. When an error is immediately > recoverable, then that is less interesting. That is why Postfix > logs only the errors that aren't immediately recoverable with the > queue ID.) > > > According to log it took postfix over 2min to "fallback" to ipv4 > > > > > Dec 29 07:46:04 10.1.0.201 postfix/smtp[60301]: 4JP20t6xYdz3VMH: > > to=<REDACTED>, > > Two minutes later, the Postfix queue manager sent a DIFFERENT > delivery request for the message with queue ID 4JP20t6xYdz3VMH. > This request was handled by a DIFFERENT Postfix SMTP client process > 60301. When that DIFFERFENT process looked up A records, the lookups > succeeded. > > Wietse
