ok
> (Host or domain name not
> found. Name service error for name=bcs.hants.sch.uk type=MX: Host not
> found, try again)
ok again looking in from out side
please note that i am in ontario canada
host not found is exactly that, host not found which means no MX, no A
records etc were returned within the query time limits.
i did a dig from my server
## dig mx bcs.hants.sch.uk
; <<>> DiG 9.14.3 <<>> mx bcs.hants.sch.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32850
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 9881197ad11061a3284d88416361462f78018a38dbbc6a8a (good)
;; QUESTION SECTION:
;bcs.hants.sch.uk. IN MX
;; ANSWER SECTION:
bcs.hants.sch.uk. 3600 IN MX 10
bcs-hants-sch-uk.mail.protection.outlook.com.
;; Query time: 1243 msec
;; SERVER: 10.220.0.2#53(10.220.0.2)
;; WHEN: Tue Nov 01 12:15:43 EDT 2022
;; MSG SIZE rcvd: 133
and it returned ok
HOWEVER
i did notice it took 1.243 seconds (again thats coming from canada)
i allow my dns servers to wait 2 seconds before going to the next one.
does ubound have a dns query timeout that could be set higher ???
from what i have found
# whois.nic.uk
Domain name:
bcs.hants.sch.uk
Data validation:
Nominet was able to match the registrant's name and address
against a 3rd party data source on 10-Dec-2012
Registrar:
No registrar listed. This domain is registered directly with
Nominet.
Relevant dates:
Registered on: 25-Mar-2014
Last updated: 22-Sep-2015
Registration status:
No registration status listed.
Name servers:
ns1170.dns.dyn.com
ns2183.dns.dyn.com
ns3165.dns.dyn.com
ns4150.dns.dyn.com
WHOIS lookup made at 16:20:30 01-Nov-2022
bcs.hants.sch.uk seems to be a sub, sub, domain thus going through
multiple dns lookups before it gets to resolving the actual name.
again only speculating as it is hard to trace what is actually happening
i went through similiar issues with xxx.us.mx (mexico) names years ago.
another thought if it's only this domain maybe put this in your local
hosts file or what ever equilivent ubound uses. that would not be a good
option if the ip changes?
please see :
https://www.nlnetlabs.nl/documentation/unbound/info-timeout/
default seems to be 400ms ??
The fastest server (randomly picked within a so-called RTT band of 400
msec) is selected when a query has to be sent out. The roundtrip-timeout
(rtt) is used for selection purposes. This is the value of the timer
that would be set if the packet is sent out. When this timer expires,
the packet is considered timed-out. If nothing is known about an
IP-address a timeout of 376 msec is assumed. This assumed timeout should
be successful for most traffic. The 376 is chosen to fall within the 400
msec rtt band and it is also a reasonable value (many pings fall in it)
while still allowing several resends within about a single second.
???
maybe look at this ???
Happy Tuesday !!!
Thanks - paul
Paul Kudla
Scom.ca Internet Services <http://www.scom.ca>
004-1009 Byron Street South
Whitby, Ontario - Canada
L1N 4S3
Toronto 416.642.7266
Main 1.866.411.7266
Fax 1.888.892.7266
Email p...@scom.ca
On 11/1/2022 12:06 PM, Linkcheck wrote:
Log and postconf as requested.
I could only find 3 lines of log for the transaction - it was part of a
bulk send. It appears the email was actually sent for this one; was it
really?
log entry
------------------------
Oct 31 12:54:37 BRISTOLWEB postfix/smtp[35040]: A123A320136:
to=<adminoff...@bcs.hants.sch.uk>, relay=none, delay=76,
delays=54/1.5/20/0, dsn=4.4.3, status=deferred (Host or domain name not
found. Name service error for name=bcs.hants.sch.uk type=MX: Host not
found, try again)
Oct 31 13:05:14 BRISTOLWEB postfix/smtp[35659]: Untrusted TLS connection
established to
bcs-hants-sch-uk.mail.protection.outlook.com[104.47.1.36]:25: TLSv1.2
with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Oct 31 13:05:16 BRISTOLWEB postfix/smtp[35659]: A123A320136:
to=<adminoff...@bcs.hants.sch.uk>,
relay=bcs-hants-sch-uk.mail.protection.outlook.com[104.47.1.36]:25,
delay=715, delays=712/0.17/0.37/2.8, dsn=2.6.0, status=sent (250 2.6.0
<8e418a3e-a300-4529-9288-b7e8d4be8...@schoolhistoryscene.co.uk>
[InternalId=77549929499990,
Hostname=DBBPR03MB6969.eurprd03.prod.outlook.com] 5192716 bytes in
1.809, 2802.979 KB/sec Queued mail for delivery)
postconf -n
------------------------
2bounce_notice_recipient = boun...@ssph.org.uk
address_verify_map = proxy:btree:/var/lib/postfix/verify_cache
address_verify_sender_ttl = 237m
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
append_dot_mydomain = no
biff = no
body_checks = pcre:/etc/postfix/body_checks.pcre
bounce_notice_recipient = ad...@ssph.org.uk
bounce_queue_lifetime = 5d
broken_sasl_auth_clients = yes
compatibility_level = 2
delay_notice_recipient = ad...@ssph.org.uk
delay_warning_time = 4h
disable_vrfy_command = yes
error_notice_recipient = serv...@ssph.org.uk
header_checks = pcre:/etc/postfix/header_checks.pcre
home_mailbox = Maildir/
import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY
DISPLAY LANG=C RESOLV_MULTI=on
inet_interfaces = all
inet_protocols = ipv4
mailbox_size_limit = 0
maildrop_destination_recipient_limit = 1
maximal_queue_lifetime = 5d
message_size_limit = 40960000
milter_connect_macros = j {daemon_name} {daemon_addr} v _
milter_default_action = accept
milter_protocol = 6
mime_header_checks = pcre:/etc/postfix/mime_header_checks.pcre
mua_milters = unix:/var/run/opendkim/opendkim.sock,
unix:/var/run/clamav/clamav-milter.ctl
mua_recipient_restrictions = reject_non_fqdn_recipient,
reject_unknown_recipient_domain, permit_sasl_authenticated, reject
mydestination = localhost
mydomain = bristolweb.net
myhostname = mail.bristolweb.net
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 46.33.129.43
185.35.151.92/30 185.35.151.96/27 185.35.148.127
mynetworks_style = host
non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock
notify_classes = software, delay, bounce, 2bounce, resource, protocol
policy-spf_time_limit = 3600s
queue_directory = /var/spool/postfix
readme_directory = no
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/mysql-relay-domains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql_relay_recipients.cf
relayhost =
smtp_header_checks = pcre:/etc/postfix/smtp_header_checks.pcre
smtp_host_lookup = dns,native
smtp_tls_cert_file =
/etc/letsencrypt/live/mail.bristolweb.net/fullchain.pem
smtp_tls_key_file = /etc/letsencrypt/live/mail.bristolweb.net/privkey.pem
smtp_tls_loglevel = 1
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated
check_helo_access pcre:/etc/postfix/white_bypass.pcre
reject_unknown_client_hostname reject_unknown_reverse_client_hostname
reject_unauth_pipelining check_client_access
pcre:/etc/postfix/sender_checks.pcre
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_delay_reject = yes
smtpd_hard_error_limit = 6
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks permit_sasl_authenticated
check_helo_access pcre:/etc/postfix/white_bypass.pcre check_helo_access
cidr:/etc/postfix/ip_check_whitelist reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname reject_unknown_helo_hostname
check_helo_access cidr:/etc/postfix/ip_check_blacklist check_helo_access
pcre:/etc/postfix/helo_checks.pcre reject_unauth_pipelining permit
smtpd_milters = unix:/var/run/opendkim/opendkim.sock,
unix:/var/run/opendmarc/opendmarc.sock,
unix:/var/run/spamass/spamass.sock, unix:/var/run/clamav/clamav-milter.ctl
smtpd_recipient_restrictions = permit_mynetworks
permit_sasl_authenticated reject_unauth_destination
reject_non_fqdn_hostname reject_non_fqdn_recipient
reject_unknown_recipient_domain reject_invalid_hostname
reject_unauth_pipelining reject_unverified_recipient
reject_unlisted_recipient check_recipient_access
pcre:/etc/postfix/recipient_checks.pcre permit_dnswl_client
swl.spamhaus.org check_client_access
pcre:/etc/postfix/received_whitelist.pcre check_client_access
cidr:/etc/postfix/ip_check_whitelist check_client_access
cidr:/etc/postfix/ip_check_blacklist check_policy_service
unix:private/policy-spf permit
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks permit_sasl_authenticated
reject_unauth_pipelining check_sender_mx_access
cidr:/etc/postfix/sender_mx_access check_sender_access
pcre:/etc/postfix/sender_whitelist.pcre reject_non_fqdn_sender
reject_unknown_sender_domain reject_unlisted_sender check_sender_access
pcre:/etc/postfix/sender_checks.pcre
smtpd_soft_error_limit = 4
smtpd_tls_cert_file =
/etc/letsencrypt/live/mail.bristolweb.net/fullchain.pem
smtpd_tls_exclude_ciphers = aNULL, EXPORT, MD5, RC4, DH, DES, 3DES,
SEED, CAMELLIA, aDSS, kDH, kECDH, IDEA
smtpd_tls_key_file = /etc/letsencrypt/live/mail.bristolweb.net/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_exclude_ciphers = aNULL, EXPORT, MD5, RC4, DH, DES,
3DES, SEED, CAMELLIA, aDSS, kDH, kECDH, IDEA
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_use_tls = yes
smtputf8_enable = no
strict_rfc821_envelopes = yes
transport_maps = mysql:/etc/postfix/mysql_transport.cf
unknown_address_reject_code = 553
unknown_client_reject_code = 571
unknown_hostname_reject_code = 571
unverified_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_domains =
mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
postconf -Mf
-------------------
smtp inet n - n - - smtpd
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_wrappermode=no
-o smtpd_tls_security_level=encrypt
-o smtpd_recipient_restrictions=$mua_recipient_restrictions
-o smtpd_sasl_auth_enable=yes
-o receive_override_options=no_header_body_checks
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_milters=$mua_milters
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o receive_override_options=no_header_body_checks
pickup fifo n - n 60 1 pickup
-o content_filter=
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
maildrop unix - n n - - pipe flags=DRhu
user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe flags=Fqhu
user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe flags=F
user=ftn
argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe flags=Fq.
user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe flags=R
user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
${user} ${extension}
mailman unix - n n - - pipe flags=FR
user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop}
${user}
policy-spf unix - n n - 0 spawn user=nobody
argv=/usr/bin/policyd-spf
