tobs...@brain-force.ch:
> Wietse,
>
> thanks for your detailed explanation. Makes all sense to me :-)
>
> > The logfile record shows only the result of the last DNS lookup
> > failure (AAAA lookup). Other feailures may have been logged by the
> > same SMTP process 38913, but without the 4JP20t6xYdz3VMH queue ID.
>
> I have checked the logs and could not find any more dns error related
> to that pid. Is there a debug/verbose setting in postfix to enforce
> that every such dns error is logged? I'm aware that this will lead to
> much more log output but for tracking dns issues it could be helpful.
To enable verbose logging for all SMTP client deliveries, add a
'-v' command line option for the Postfix SMTP client:
/etc/postfix/master.cf:
smtp unix ... ... ... ... ... smtp -v
This requires "postfix reload".
To enable selective verbose logging:
/etc/postfix/main.cf:
debug_peer_list = example.com
where example.com matches the domain portion of the recipient address.
The debug_peer_list feature also supports hostname and network patterns,
but those take effect AFTER DNS lookups.
> Whish you a "guten Rutsch" and happy 2022
And a healthy 2022!
Wietse
> tobi
>
> On Wed, 2021-12-29 at 12:58 -0500, Wietse Venema wrote:
> > tobs...@brain-force.ch:
> > > in main.cf
> > >
> > > smtp_address_preference = ipv4
> > > inet_protocols=all
> > >
> > > which should ensure postfix client prefers ipv4 over ipv6
> >
> > Actually, this means try to make connections over IPv4 BEFORE trying
> > to make connections over IPv6.
> >
> > > But now we have a mail where we can see that postfix client did
> > > AAAA
> > > lookup. Although the is a valid A record
> >
> > Except that DNS lookups can fail temporarily, for all kinds of
> > reasons. This is why network software must be prepared to retry
> > whan it receives no reply.
> >
> > > > Dec 29 07:43:34 10.1.0.201 postfix/smtp[38913]: 4JP20t6xYdz3VMH:
> > > to=<REDACTED>, relay=none, delay=7.5, delays=1.2/0/6.3/0,
> > > dsn=4.4.3,
> > > status=deferred (Host or domain name not found. Name service error
> > > for
> > > name=REDACTED.mail.protection.outlook.com type=AAAA: Host not
> > > found,
> > > try again)
> >
> > The Postfix queue manager sent a delivery request for the message
> > with queue ID 4JP20t6xYdz3VMH, which was handled by the Postfix
> > SMTP client process 38913.
> >
> > The Postfix SMTP client tried to look up A records for
> > REDACTED.mail.protection.outlook.com, which failed, then it tried
> > to look up AAAA records, which also failed. Presumably there was a
> > brief DNS or network outage or overload somewhere.
> >
> > The logfile record shows only the result of the last DNS lookup
> > failure (AAAA lookup). Other feailures may have been logged by the
> > same SMTP process 38913, but without the 4JP20t6xYdz3VMH queue ID.
> >
> > (Why didn't the Postfix SMTP client log EVERY failed attempt with
> > the 4JP20t6xYdz3VMH queue ID?? Because the Postfix SMTP client
> > recovers immediately from many delivery errors by trying a different
> > DNS lookup, MX host or IP address. When an error is immediately
> > recoverable, then that is less interesting. That is why Postfix
> > logs only the errors that aren't immediately recoverable with the
> > queue ID.)
> >
> > > According to log it took postfix over 2min to "fallback" to ipv4
> > >
> > > > Dec 29 07:46:04 10.1.0.201 postfix/smtp[60301]: 4JP20t6xYdz3VMH:
> > > to=<REDACTED>,
> >
> > Two minutes later, the Postfix queue manager sent a DIFFERENT
> > delivery request for the message with queue ID 4JP20t6xYdz3VMH.
> > This request was handled by a DIFFERENT Postfix SMTP client process
> > 60301. When that DIFFERFENT process looked up A records, the lookups
> > succeeded.
> >
> > ????????Wietse
>
>
