Type=AAAA: Host not found (...)


farao
6th November 2006, 14:51
Dear all,

After installing ISPConfig and using it for some time now, I get strange returned mail. The error is from my Postfix installation, and says:

Host or domain name not found. Name service error for name=a_certain_domain.nl type=AAAA: Host found but no data record of requested type

I already found it is an IPv6 thing, and it frequently happens when the receiving server is behind a router or something that doesn't really comply with the Rules of RIPE. My mail gets returned with this error when mailing companies (a few anyway).

I can live with not being able to e-mail certain companies, but it's rather annoying.
Is there anything at all I can do except hope everybody will wisen up and start using proper DNS-servers?

Thanks.

falko
7th November 2006, 17:22
You can create an AAAA record for a_certain_domain.nl on the authoritative name server for that domain.

farao
31st January 2007, 20:58
Hi Falko,

Thanks for the reply (I acted on it, and added AAAA records for my domains, trust me), but the error occurs for domains that are not under my control. I found a config parameter in postfix where I can tell it to only use the IPv4 protocol, and that helps: now I get the error that a type A record for the domain can't be found. If I dig the domain, it promptly returns the A record. Meanwhile my mail still bounces for completely valid domains...

Thanks, Farao

martinfst
31st January 2007, 21:04
AAAA
IPv6 address, code 28. Used for storing an IPv6 128-bit address associated with a domain name. Defined in RFC 3596.
Have you enabled IPv6 support? I know I have fully disabled it, but I guess you need to tell some utilities to use IPv6. With e.g. bind/named you have to add -6 as a parameter during startup.

farao
3rd February 2007, 20:46
I did disable IPv6, and have dug into resolv.conf, which showed me it only searched my own gateway... not good. I added a search lan and a couple of the nameservers my ISP runs, and it seems that was what caused the problems.
I don't use the nameserver ISPConfig installs, maybe that's part of the problem as well, but since my ISP has good servers, I thought, why bother running my own. Maybe I should consider it though...

Thanks for thinking with me,
Farao

martinfst
4th February 2007, 14:13
One of the reasons to run a local DNS server is the ability to do caching. But you need to modify the default settings, to forward at least to the upstream DNS servers, most usually the ones of your ISP.

farao
5th February 2007, 11:49
This is turning into a bit more than a simple IPv6 problem: after changing my resolv.conf, I no longer receive any mail. Sending is fine, but nothing comes back in. mail.log shows connection timeouts on port 25, and a lot of tries from my domain hoster's backup mail servers...
Can somebody show me a proper resolv.conf, and tell me to YES or NO activate the dns-server on ispconfig?

falko
5th February 2007, 13:55
Can somebody show me a proper resolv.conf
This is a valid /etc/resolv.conf:
nameserver 145.253.2.75
nameserver 193.174.32.18

and tell me to YES or NO activate the dns-server on ispconfig?
If you want to run your own DNS servers, activate it; if someone else (e.g. your registrar) manages your DNS records, don't activate it.

farao
5th February 2007, 17:07
Thanks Falko.
Mail bounces back to me with a Too Many Hops error. Can you point me in the right direction? My mail.log shows me the attempts from my secondary mail server to deliver mails. It looks like connections time out, but I don't know how or why... my mail error log shows a couple of logins from an IP on my internal network (probably during a reboot).
Nothing out of the ordinary happened on this system...

Edit---
The plot thickens. In my syslog I see entries like:
Feb 5 20:18:46 atlas postfix/qmgr[9333]: E766C1D426D: to=<sysuser@machine.server.com>, orig_to=<user@domain.nl>, relay=none, delay=28365, status=deferred (delivery temporarily suspended: connect to server.com[IP_HERE]: Connection timed out)

All I changed were hosts and resolv.conf. That was on Feb 3. Since then it's been too quiet in my mailbox.

falko
6th February 2007, 14:43
Edit---
The plot thickens. In my syslog I see entries like:
Feb 5 20:18:46 atlas postfix/qmgr[9333]: E766C1D426D: to=<sysuser@machine.server.com>, orig_to=<user@domain.nl>, relay=none, delay=28365, status=deferred (delivery temporarily suspended: connect to server.com[IP_HERE]: Connection timed out)
Can you post the real log message (without replacing IP addresses and hostnames)?

All I changed were hosts and resolv.conf. That was on Feb 3. Since then it's been too quiet in my mailbox.
What exactly did you change?

farao
6th February 2007, 18:00
Sure, I'll post it when I get home. Also, a netstat -tap showed a LOT of services (including pop, imap etcetera) listening on tcp6. How that happened, I don't know. I'll post that output as well.

About the changes, I remember now I did an apt-upgrade that refreshed some libs, but nothing like Bind or courier. I changed hosts to include the machine name, and resolv.conf to start with an external DNS server instead of my router's IP. After that I sent an email that reached its destination as planned, and then nothing anymore.

Netstat -tap:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdo:60000 *:* LISTEN 4425/postgrey.pid -
tcp 0 0 localhost.localdo:49956 *:* LISTEN 4357/hpiod
tcp 0 0 *:mysql *:* LISTEN 5042/mysqld
tcp 0 0 *:81 *:* LISTEN 5867/ispconfig_http
tcp 0 0 atlas.localdomai:domain *:* LISTEN 6015/named
tcp 0 0 localhost.locald:domain *:* LISTEN 6015/named
tcp 0 0 localhost.localdoma:ipp *:* LISTEN 8064/cupsd
tcp 0 0 *:smtp *:* LISTEN 26674/master
tcp 0 0 localhost.localdoma:953 *:* LISTEN 6015/named
tcp 0 0 localhost.localdo:53593 *:* LISTEN 4360/python
tcp 0 0 localhost.localdo:50304 localhost.localdo:49956 ESTABLISHED4360/python
tcp 0 0 localhost.localdo:49956 localhost.localdo:50304 ESTABLISHED4357/hpiod
tcp 0 0 atlas.localdomain:58085 66.249.93.147:www ESTABLISHED20945/firefox-bin
tcp 0 0 atlas.localdomain:58927 80.67.86.6:www ESTABLISHED20945/firefox-bin
tcp 0 0 atlas.localdomain:55559 a194-109-192-32.dep:www ESTABLISHED20945/firefox-bin
tcp 0 0 atlas.localdomain:35157 atlas.localdomain:imap2 ESTABLISHED20965/mozilla-thund
tcp 0 0 atlas.localdomain:53733 209.50.189.199:www TIME_WAIT -
tcp 0 0 localhost.localdo:43408 localhost.localdo:60000 ESTABLISHED21175/smtpd
tcp 0 0 atlas.localdomain:50968 209.50.189.200:www TIME_WAIT -
tcp 0 0 localhost.localdo:60000 localhost.localdo:43408 ESTABLISHED4425/postgrey.pid -
tcp 0 0 atlas.localdomain:48882 a194-109-192-25.dep:www ESTABLISHED20945/firefox-bin
tcp 0 0 atlas.localdomain:48852 a194-109-192-25.dep:www ESTABLISHED20945/firefox-bin
tcp6 0 0 *:imaps *:* LISTEN 4573/couriertcpd
tcp6 0 0 *:pop3s *:* LISTEN 4614/couriertcpd
tcp6 0 0 *:pop3 *:* LISTEN 4591/couriertcpd
tcp6 0 0 *:imap2 *:* LISTEN 4550/couriertcpd
tcp6 0 0 *:www *:* LISTEN 6083/apache2
tcp6 0 0 *:ssh *:* LISTEN 5232/sshd
tcp6 0 0 ip6-localhost:953 *:* LISTEN 6015/named
tcp6 0 0 *:https *:* LISTEN 6083/apache2
tcp6 0 0 atlas.localdomain:imap2 atlas.localdomain:35157 ESTABLISHED20987/couriertls

Some log entries from mail.log (last one is spam, I know, but it should still be handled):
Feb 7 08:02:55 atlas postfix/qmgr[26678]: B9FB31D4308: to=<sto_mendel@atlas.manaxa.com>, orig_to=<mendel@stecher.org>, relay=none, delay=44963, status=deferred (delivery temporarily suspended: connect to manaxa.com[194.109.228.119]: Connection timed out)
Feb 7 08:03:16 atlas postfix/smtpd[19824]: connect from unknown[61.17.104.124]
Feb 7 08:03:17 atlas postgrey[4425]: delayed 925 seconds: client=61.17.104.124, from=ehosg@erbbois.com, to=ino@imok.nl
Feb 7 08:03:17 atlas postfix/smtpd[19824]: 7FDB81D4342: client=unknown[61.17.104.124]
Feb 7 08:03:18 atlas postfix/cleanup[19789]: 7FDB81D4342: message-id=<001c01c74a86$7131a320$b99d8e9f@rmzln>
Feb 7 08:03:34 atlas postfix/qmgr[26678]: 7FDB81D4342: from=<ehosg@erbbois.com>, size=34892, nrcpt=1 (queue active)
Feb 7 08:03:34 atlas postfix/qmgr[26678]: 7FDB81D4342: to=<info_imok@atlas.manaxa.com>, orig_to=<ino@imok.nl>, relay=none, delay=17, status=deferred (delivery temporarily suspended: connect to manaxa.com[194.109.228.119]: Connection timed out)
Feb 7 08:03:34 atlas postfix/smtpd[19824]: disconnect from unknown[61.17.104.124]
Feb 7 08:04:42 atlas postfix/smtpd[19824]: connect from pan-2-dm3.mgn.ru[62.165.51.249]
Feb 7 08:04:43 atlas postfix/smtpd[19824]: NOQUEUE: reject: RCPT from pan-2-dm3.mgn.ru[62.165.51.249]: 450 <help@manaxa.com>: Recipient address rejected: Greylisted for 90 seconds (see http://isg.ee.ethz.ch/tools/postgrey/help/manaxa.com.html); from=<sims@sbgc.de> to=<help@manaxa.com> proto=SMTP helo=<sbgc.de>
Feb 7 08:04:43 atlas postfix/smtpd[19824]: lost connection after RCPT from pan-2-dm3.mgn.ru[62.165.51.249]
Feb 7 08:04:43 atlas postfix/smtpd[19824]: disconnect from pan-2-dm3.mgn.ru[62.165.51.249]


Hosts:
127.0.0.1 localhost.localdomain localhost
10.0.0.33 atlas.localdomain atlas atlas.manaxa.com www.manaxa.com mail.manaxa.com manaxa.com www.stecher.org mail.stecher.org stecher.org

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts


Resolv.conf:
nameserver 10.0.0.138
nameserver 194.109.6.66
nameserver 194.109.9.99
# domain manaxa.com


Any help is appreciated, I'm starting to miss my spam...

martinfst
7th February 2007, 11:00
atlas.manaxa.com www.manaxa.com mail.manaxa.com manaxa.com www.stecher.org mail.stecher.org stecher.org
look like valid domain names and should not be on a 10.x.x.x address. You should leave it to DNS to resolve those. I assume you want these domains to be reachable from the internet?
:~$ dig www.manaxa.com

; <<>> DiG 9.3.2 <<>> www.manaxa.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35635
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 0

;; QUESTION SECTION:
;www.manaxa.com. IN A

;; ANSWER SECTION:
www.manaxa.com. 86400 IN CNAME manaxa.com.
manaxa.com. 86400 IN A 194.109.228.119

farao
7th February 2007, 13:41
I know, the 10.0.x.x is just so they are reachable from my internal network and from the server itself. DNS works from the outside... The public IP in your dig is from my gateway, which passes every request through to the linux box.

farao
7th February 2007, 16:22
Rats, outgoing mail is also not being sent... I get the feeling this is part DNS, part other stuff. I understand DNS, but the other stuff has me hanging...

Feb 7 14:53:15 atlas imaplogin: LOGIN, user=sto_mendel, ip=[::ffff:127.0.0.1], protocol=IMAP
Feb 7 14:53:15 atlas postfix/smtp[8974]: connect to smm.nl[194.165.34.12]: Connection refused (port 25)
Feb 7 14:53:15 atlas postfix/smtp[8974]: 5A2091D4364: to=<m.stecher@smm.nl>, relay=none, delay=0, status=deferred (connect to smm.nl[194.something]: Connection Refused (port 25)
Feb 7 14:53:15 atlas imaplogin: LOGOUT, user=sto_mendel, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0


Logging in to the webmail works, I can see all my older mails, but sending results in nothing.
Is it normal that when I do a dig on a domain that is running on the machine I do the dig on, it returns the external address? Shouldn't it check resolv.conf and return the internal IP?

root@atlas:~# dig manaxa.com

; <<>> DiG 9.3.2 <<>> manaxa.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47968
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;manaxa.com. IN A

;; ANSWER SECTION:
manaxa.com. 21530 IN A 194.109.228.119

;; Query time: 10 msec
;; SERVER: 10.0.0.138#53(10.0.0.138)
;; WHEN: Wed Feb 7 15:23:35 2007
;; MSG SIZE rcvd: 44

falko
7th February 2007, 19:59
This looks like a firewall issue.

Also, please check if your server is blacklisted: http://www.mxtoolbox.com/blacklists.aspx

farao
7th February 2007, 21:12
Hi Falko,

I'm not blacklisted, and my iptables says it's ok to connect...

Chain INBOUND (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpts:ftp-data:ftp
ACCEPT udp -- anywhere anywhere udp dpts:20:fsp
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT udp -- anywhere anywhere udp dpt:www
ACCEPT tcp -- anywhere anywhere tcp dpt:imap2
ACCEPT udp -- anywhere anywhere udp dpt:imap2
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT udp -- anywhere anywhere udp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT udp -- anywhere anywhere udp dpt:25
ACCEPT tcp -- anywhere anywhere tcp dpt:81
ACCEPT udp -- anywhere anywhere udp dpt:81
LSI all -- anywhere anywhere

Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- SpeedTouch.lan anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- SpeedTouch.lan anywhere
ACCEPT tcp -- resolver.xs4all.nl anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- resolver.xs4all.nl anywhere
ACCEPT tcp -- resolver.xs4all.nl anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- resolver.xs4all.nl anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 10.0.0.255
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Input'

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Forward'

Chain LOG_FILTER (5 references)
target prot opt source destination

Chain LSI (2 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP icmp -- anywhere anywhere icmp echo-request
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP all -- anywhere anywhere

Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain OUTBOUND (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- atlas.localdomain SpeedTouch.lan tcp dpt:domain
ACCEPT udp -- atlas.localdomain SpeedTouch.lan udp dpt:domain
ACCEPT tcp -- atlas.localdomain resolver.xs4all.nl tcp dpt:domain
ACCEPT udp -- atlas.localdomain resolver.xs4all.nl udp dpt:domain
ACCEPT tcp -- atlas.localdomain resolver.xs4all.nl tcp dpt:domain
ACCEPT udp -- atlas.localdomain resolver.xs4all.nl udp dpt:domain
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Output'

I checked the NAT table on my router/gateway as well, but everything there is as it should be. This is driving me mad! Checking the Maildir directories on my webs, I see some have changed content dated today, while some have Feb 3 as last change date. This might mean that some domains actually get mail.
Firewall checks out
Hosts checks out
resolv.conf checks out
dns entries are ok
router is ok
what am I missing here?

--edit--
Turning off the firewall doesn't help either...

martinfst
8th February 2007, 10:21
Are you on a server behind an ADSL line? Recently Planet Internet shut down port 25 access in The Netherlands. Could be either your ADSL provider or your upstream provider blocking? So external firewalls.

farao
8th February 2007, 14:33
Yes, I am behind ADSL, from XS4All, and from the log entries I think mail is reaching my server, it just doesn't get delivered. Somehow, it looks like it passes straight to the backup mail server, which then tries to connect to me. DNS shows no strange things, and my server is primary mail server for my domains...

--edit--
Looks like I'm back to my original problem: still no mails in my inbox, but now it looks like a pure dns-issue.
Feb 8 15:43:28 atlas postfix/qmgr[9110]: 38E121D4289: from=<nl@marktplaats.nl>, size=2855, nrcpt=1 (queue active)
Feb 8 15:43:28 atlas postfix/smtpd[27549]: disconnect from mx4.marktplaats.nl[213.244.166.124]
Feb 8 15:43:28 atlas postfix/qmgr[9110]: 38E121D4289: to=<naomi_imok@atlas.manaxa.com>, orig_to=<naomi@imok.nl>, relay=none, delay=0, status=deferred (delivery temporarily suspended: Host or domain name not found. Name service error for name=relay.transip.nl type=AAAA: Host found but no data record of requested type)
Feb 8 15:45:08 atlas postfix/smtpd[27679]: connect from smt2.sanoma-uitgevers.nl[213.214.100.15]
Feb 8 15:45:08 atlas postfix/smtpd[27679]: 378261D428A: client=smt2.sanoma-uitgevers.nl[213.214.100.15]
Feb 8 15:45:08 atlas postfix/cleanup[27680]: 378261D428A: message-id=<DCAF851C0E12804FA274948DECC0CF17517A1B@suwnlex401.publishers.intra>
Feb 8 15:45:08 atlas postfix/qmgr[9110]: 378261D428A: from=<m.stecher@smm.nl>, size=1904, nrcpt=1 (queue active)
Feb 8 15:45:08 atlas postfix/smtpd[27679]: disconnect from smt2.sanoma-uitgevers.nl[213.214.100.15]
Feb 8 15:45:08 atlas postfix/qmgr[9110]: 378261D428A: to=<sto_mendel@atlas.manaxa.com>, orig_to=<mendel@stecher.org>, relay=none, delay=0, status=deferred (delivery temporarily suspended: Host or domain name not found. Name service error for name=relay.transip.nl type=AAAA: Host found but no data record of requested type)
Feb 8 15:48:28 atlas postfix/anvil[27615]: statistics: max connection rate 2/60s for (smtp:213.244.166.124) at Feb 8 15:43:28
Feb 8 15:48:28 atlas postfix/anvil[27615]: statistics: max connection count 1 for (smtp:213.244.166.156) at Feb 8 15:43:26
Feb 8 15:48:28 atlas postfix/anvil[27615]: statistics: max cache size 4 at Feb 8 15:43:27
Feb 8 15:49:05 atlas postfix/qmgr[9110]: 077451D428E: from=<>, size=1957, nrcpt=1 (queue active)
Feb 8 15:49:05 atlas postfix/qmgr[9110]: 077451D428E: to=<info_imok@atlas.manaxa.com>, orig_to=<srgd@imok.nl>, relay=none, delay=1876, status=deferred (delivery temporarily suspended: Host or domain name not found. Name service error for name=relay.transip.nl type=AAAA: Host found but no data record of requested type)
Feb 8 15:49:05 atlas postfix/qmgr[9110]: CC62C1D42A7: from=<root@atlas.manaxa.com>, size=557, nrcpt=1 (queue active)
Feb 8 15:49:05 atlas postfix/qmgr[9110]: CC62C1D42A7: to=<root@atlas.manaxa.com>, orig_to=<root>, relay=none, delay=8884, status=deferred (delivery temporarily suspended: Host or domain name not found. Name service error for name=relay.transip.nl type=AAAA: Host found but no data record of requested type)
Feb 8 15:51:32 atlas imaplogin: Connection, ip=[::ffff:127.0.0.1]
Feb 8 15:51:32 atlas imaplogin: LOGIN, user=sto_mendel, ip=[::ffff:127.0.0.1], protocol=IMAP
Feb 8 15:51:32 atlas imaplogin: LOGOUT, user=sto_mendel, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0


Here's what I did with apt-get over the past few days... I did upgrade Bind, but that hasn't been what caused the problem (the problems began BEFORE the upgrade).

drwxr-xr-x 2 root root 4096 Feb 7 08:32 partial
-rw-r----- 1 root root 0 Feb 7 08:31 lock
-rw-r--r-- 1 root root 199810 Feb 6 21:04 libpq4_8.1.4-0ubuntu1.3_i386.deb
-rw-r--r-- 1 root root 681706 Feb 6 19:06 libsmbclient_3.0.22-1ubuntu3.2_i386.deb
-rw-r--r-- 1 root root 2075234 Feb 6 19:06 samba-common_3.0.22-1ubuntu3.2_i386.deb
-rw-r--r-- 1 root root 3347716 Feb 6 19:06 smbclient_3.0.22-1ubuntu3.2_i386.deb
-rw-r--r-- 1 root root 108616 Feb 6 01:03 bind9-host_1%3a9.3.2-2ubuntu1.2_i386.deb
-rw-r--r-- 1 root root 289452 Feb 6 01:03 bind9_1%3a9.3.2-2ubuntu1.2_i386.deb
-rw-r--r-- 1 root root 175268 Feb 6 01:03 dnsutils_1%3a9.3.2-2ubuntu1.2_i386.deb
-rw-r--r-- 1 root root 91098 Feb 6 01:03 libbind9-0_1%3a9.3.2-2ubuntu1.2_i386.deb
-rw-r--r-- 1 root root 478478 Feb 6 01:03 libdns21_1%3a9.3.2-2ubuntu1.2_i386.deb
-rw-r--r-- 1 root root 172316 Feb 6 01:03 libisc11_1%3a9.3.2-2ubuntu1.2_i386.deb
-rw-r--r-- 1 root root 90560 Feb 6 01:03 libisccc0_1%3a9.3.2-2ubuntu1.2_i386.deb
-rw-r--r-- 1 root root 102142 Feb 6 01:03 libisccfg1_1%3a9.3.2-2ubuntu1.2_i386.deb
-rw-r--r-- 1 root root 107012 Feb 6 01:03 liblwres9_1%3a9.3.2-2ubuntu1.2_i386.deb
-rw-r--r-- 1 root root 199762 Feb 5 17:06 libpq4_8.1.4-0ubuntu1.2_i386.deb
-rw-r--r-- 1 root root 31474 Feb 2 22:03 app-install-data-commercial_5.3_all.deb
-rw-r--r-- 1 root root 1035584 Feb 2 22:03 synaptic_0.57.8ubuntu13_i386.deb
-rw-r--r-- 1 root root 4587350 Feb 2 19:03 libc6_2.3.6-0ubuntu20.4_i386.deb
-rw-r--r-- 1 root root 2821984 Feb 2 19:03 libc6-dev_2.3.6-0ubuntu20.4_i386.deb
-rw-r--r-- 1 root root 1078612 Feb 2 19:03 libc6-i686_2.3.6-0ubuntu20.4_i386.deb
-rw-r--r-- 1 root root 71446 Feb 2 00:01 gtk2-engines-pixbuf_2.8.20-0ubuntu1.1_i386.deb
-rw-r--r-- 1 root root 2086866 Feb 2 00:01 libgtk2.0-0_2.8.20-0ubuntu1.1_i386.deb
-rw-r--r-- 1 root root 21190 Feb 2 00:01 libgtk2.0-bin_2.8.20-0ubuntu1.1_i386.deb
-rw-r--r-- 1 root root 3709368 Feb 2 00:01 libgtk2.0-common_2.8.20-0ubuntu1.1_all.deb

falko
8th February 2007, 21:20
Please ask your ISP if they block port 25.

farao
9th February 2007, 11:01
They don't block ports, I checked with them, and from work, I can telnet to port 25 without problems.
What's so annoying is that local mail (sent from the server to the server) is also not reaching its destination: mail sent from one domain hosted on ispconfig to another on the same machine, just vanishes.
If you want, I can post main.cf, master.cf, and all the other files, I even retraced the steps from the Ubuntu 6.06 perfect setup, and everything looks ok. Being relatively new to Linux, I thought maybe a reboot would do the trick, but no...

Feb 9 10:01:29 atlas imaplogin: Connection, ip=[::ffff:127.0.0.1]
Feb 9 10:01:29 atlas imaplogin: LOGIN, user=sto_mendel, ip=[::ffff:127.0.0.1], protocol=IMAP
Feb 9 10:01:29 atlas imaplogin: LOGOUT, user=sto_mendel, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0
Feb 9 10:01:30 atlas imaplogin: Connection, ip=[::ffff:127.0.0.1]
Feb 9 10:01:30 atlas imaplogin: LOGIN, user=sto_mendel, ip=[::ffff:127.0.0.1], protocol=IMAP
Feb 9 10:01:30 atlas imaplogin: LOGOUT, user=sto_mendel, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0
Feb 9 10:01:30 atlas imaplogin: Connection, ip=[::ffff:127.0.0.1]
Feb 9 10:01:30 atlas imaplogin: LOGIN, user=sto_mendel, ip=[::ffff:127.0.0.1], protocol=IMAP
Feb 9 10:01:30 atlas imaplogin: LOGOUT, user=sto_mendel, ip=[::ffff:127.0.0.1], headers=2305, body=0, time=0
Feb 9 10:01:41 atlas postfix/smtpd[24013]: connect from localhost.localdomain[127.0.0.1]
Feb 9 10:01:41 atlas postfix/smtpd[24013]: 565381D42C6: client=localhost.localdomain[127.0.0.1]
Feb 9 10:01:41 atlas postfix/cleanup[24019]: 565381D42C6: message-id=<17374.213.214.100.10.1171011701.squirrel@www.stecher.org>
Feb 9 10:01:41 atlas postfix/qmgr[24919]: 565381D42C6: from=<mendel@stecher.org>, size=686, nrcpt=1 (queue active)
Feb 9 10:01:41 atlas postfix/smtpd[24013]: disconnect from localhost.localdomain[127.0.0.1]
Feb 9 10:01:41 atlas imaplogin: Connection, ip=[::ffff:127.0.0.1]
Feb 9 10:01:41 atlas imaplogin: LOGIN, user=sto_mendel, ip=[::ffff:127.0.0.1], protocol=IMAP
Feb 9 10:01:41 atlas postfix/qmgr[24919]: 565381D42C6: to=<mnx_ikke@atlas.manaxa.com>, orig_to=<ikke@manaxa.com>, relay=none, delay=0, status=deferred (de$
Feb 9 10:01:41 atlas imaplogin: LOGOUT, user=sto_mendel, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0
Feb 9 10:01:41 atlas imaplogin: Connection, ip=[::ffff:127.0.0.1]
Feb 9 10:01:41 atlas imaplogin: LOGIN, user=sto_mendel, ip=[::ffff:127.0.0.1], protocol=IMAP
Feb 9 10:01:41 atlas imaplogin: LOGOUT, user=sto_mendel, ip=[::ffff:127.0.0.1], headers=0, body=0, time=0
Feb 9 10:01:45 atlas imaplogin: Connection, ip=[::ffff:127.0.0.1]
Feb 9 10:01:45 atlas imaplogin: LOGIN, user=sto_mendel, ip=[::ffff:127.0.0.1], protocol=IMAP
Feb 9 10:01:45 atlas imaplogin: LOGOUT, user=sto_mendel, ip=[::ffff:127.0.0.1], headers=1568, body=0, time=0
Feb 9 10:02:06 atlas imaplogin: Connection, ip=[::ffff:127.0.0.1]
Feb 9 10:02:06 atlas imaplogin: LOGIN, user=sto_mendel, ip=[::ffff:127.0.0.1], protocol=IMAP
Feb 9 10:02:06 atlas imaplogin: LOGOUT, user=sto_mendel, ip=[::ffff:127.0.0.1], headers=991, body=0, time=0
Feb 9 10:02:19 atlas postfix/pickup[23408]: 2E5B61D42CA: uid=120 from=<logcheck>
Feb 9 10:02:19 atlas postfix/cleanup[24019]: 2E5B61D42CA: message-id=<20070209090219.2E5B61D42CA@atlas.manaxa.com>
Feb 9 10:02:19 atlas postfix/qmgr[24919]: 2E5B61D42CA: from=<logcheck@atlas.manaxa.com>, size=14348, nrcpt=1 (queue active)
Feb 9 10:02:19 atlas postfix/qmgr[24919]: 2E5B61D42CA: to=<root@atlas.manaxa.com>, orig_to=<root>, relay=none, delay=0, status=deferred (delivery temporar$

falko
9th February 2007, 15:50
If you want, I can post main.cf, master.cf, and all the other files,
Please post your /etc/postfix/main.cf.
What's in /etc/hosts and /etc/resolv.conf?

farao
9th February 2007, 23:06
Here's the files...
main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = atlas.manaxa.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
#mydestination = atlas.manaxa.com, localhost.manaxa.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
#home_mailbox = Maildir/
#mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
#inet_protocols = all
inet_protocols = ipv4
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
#smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,check_policy_service inet:127.0.0.1:60000
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination, permit
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

virtual_maps = hash:/etc/postfix/virtusertable

mydestination = /etc/postfix/local-host-names
transport_maps = hash:/etc/postfix/transport
mailman_destination_recipient_limit = 1
local_recipient_maps =
#relay_domains = $mydestination
inet_interfaces = all


hosts

127.0.0.1 localhost.localdomain localhost atlas.manaxa.com
10.0.0.33 atlas.manaxa.com atlas www.manaxa.com mail.manaxa.com manaxa.com www.stecher.org mail.stecher.org stecher.org

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts


and resolv.conf

domain manaxa.com
nameserver 10.0.0.138
#nameserver 194.109.6.66
#nameserver 194.109.9.99

10.0.0.138 is my speedtouch router to the adsl connection.

I've found one odd thing: If I do a dig on my server (from that server), I get the external IP returned, instead of the internal one. I tell the machine to use the hosts file first (in hosts.conf), but it just goes straight out, finds the external IP, and doesn't come back in again.
The same goes for nslookups, it returns the external IP, and says the nameserver used is 10.0.0.138. How can I make my server check its hosts file first?

till
10th February 2007, 20:51
Did you use the command syntax:

dig @localhost yourdomain.com

executed on your server?

falko
10th February 2007, 21:19
Also, what's in your /etc/host.conf?

farao
10th February 2007, 21:19
Hi Till,
Yes, I did: it just goes straight out on the net... (compare hosts-file posted earlier)

; <<>> DiG 9.3.2 <<>> @localhost stecher.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21001
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;stecher.org. IN A

;; ANSWER SECTION:
stecher.org. 86400 IN A 194.109.228.119

;; AUTHORITY SECTION:
stecher.org. 86399 IN NS ns2.transip.net.
stecher.org. 86399 IN NS ns0.transip.net.
stecher.org. 86399 IN NS ns1.transip.net.

;; ADDITIONAL SECTION:
ns0.transip.net. 161686 IN A 80.69.67.67
ns1.transip.net. 161686 IN A 80.69.69.69
ns2.transip.net. 161686 IN A 84.246.22.10

;; Query time: 1055 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Feb 10 20:02:58 2007
;; MSG SIZE rcvd: 158


Maybe Courier IMAP broke? I can send out mails now again, but incoming still goes nowhere. In my mail.log I get errors like 10.0.0.33 address not listed for hostname atlas.manaxa.com, but it still connects (from unknown 10.0.0.33, which is my server on its internal ip-address), and then it connects and sends out the mail.
Mail sent to external mail address:

Feb 10 20:08:27 atlas postfix/smtpd[19264]: warning: 10.0.0.33: address not listed for hostname atlas.manaxa.com
Feb 10 20:08:27 atlas postfix/smtpd[19264]: connect from unknown[10.0.0.33]
Feb 10 20:08:27 atlas postfix/smtpd[19264]: 259B81D41A3: client=unknown[10.0.0.33], sasl_method=PLAIN, sasl_username=sto_mendel
Feb 10 20:08:27 atlas postfix/cleanup[19304]: 259B81D41A3: message-id=<45CE182A.4010106@stecher.org>
Feb 10 20:08:27 atlas postfix/qmgr[6172]: 259B81D41A3: from=<mendel@stecher.org>, size=493, nrcpt=1 (queue active)
Feb 10 20:08:27 atlas postfix/smtpd[19264]: disconnect from unknown[10.0.0.33]
Feb 10 20:08:27 atlas postfix/smtp[19438]: 259B81D41A3: to=<mendel@stecher.nl>, relay=stecher.nl[83.160.215.82], delay=0, status=sent (250 Message queued)
Feb 10 20:08:27 atlas postfix/qmgr[6172]: 259B81D41A3: removed
Feb 10 20:08:40 atlas postfix/smtp[19239]: connect to manaxa.com[194.109.228.119]: Connection timed out (port 25)
Feb 10 20:08:41 atlas postfix/smtp[19239]: 12D581D4193: to=<root@atlas.manaxa.com>, relay=relay.transip.nl[80.69.67.21], delay=31, status=sent (250 Ok: queued as E86EC87D2A4)
Feb 10 20:08:41 atlas postfix/qmgr[6172]: 12D581D4193: removed
Feb 10 20:08:41 atlas postfix/smtpd[19312]: connect from relay0.transip.nl[80.69.67.21]
Feb 10 20:08:41 atlas postfix/smtpd[19312]: 46D991D4193: client=relay0.transip.nl[80.69.67.21]
Feb 10 20:08:41 atlas postfix/smtp[16096]: connect to manaxa.com[194.109.228.119]: Connection timed out (port 25)
Feb 10 20:08:41 atlas postfix/cleanup[19236]: 46D991D4193: message-id=<20070210190247.CC1BA1D41A3@atlas.manaxa.com>
Feb 10 20:08:41 atlas postfix/qmgr[6172]: 46D991D4193: from=<logcheck@atlas.manaxa.com>, size=16028, nrcpt=1 (queue active)
Feb 10 20:08:41 atlas postfix/smtpd[19312]: disconnect from relay0.transip.nl[80.69.67.21]
Feb 10 20:08:42 atlas postfix/smtp[14644]: connect to manaxa.com[194.109.228.119]: Connection timed out (port 25)
Feb 10 20:08:42 atlas postfix/smtp[16096]: 8A5F71D4194: to=<root@atlas.manaxa.com>, relay=relay.transip.nl[80.69.67.21], delay=32, status=sent (250 Ok: queued as 4D8D987D2B6)
Feb 10 20:08:42 atlas postfix/qmgr[6172]: 8A5F71D4194: removed


Mail sent to another domain on the same server:

Feb 10 20:22:04 atlas postfix/smtp[19980]: connect to manaxa.com[194.109.228.119]: Connection timed out (port 25)
Feb 10 20:22:05 atlas postfix/smtp[19980]: C3B301D4194: to=<mnx_ikke@atlas.manaxa.com>, orig_to=<ikke@manaxa.com>, relay=relay.transip.nl[80.69.67.19], delay=31, status=sent (250 Ok: queued as 39B973C1CC0)
Feb 10 20:22:05 atlas postfix/qmgr[6172]: C3B301D4194: removed
Feb 10 20:22:05 atlas postfix/smtpd[19856]: connect from relayout1.transip.nl[80.69.67.35]
Feb 10 20:22:05 atlas postfix/smtpd[19856]: 6022C1D4194: client=relayout1.transip.nl[80.69.67.35]
Feb 10 20:22:05 atlas postfix/cleanup[19866]: 6022C1D4194: message-id=<45CE1B3E.5070908@stecher.org>
Feb 10 20:22:05 atlas postfix/qmgr[6172]: 6022C1D4194: from=<mendel@stecher.org>, size=4071, nrcpt=1 (queue active)
Feb 10 20:22:05 atlas postfix/smtpd[19856]: disconnect from relayout1.transip.nl[80.69.67.35]

First mail arrives, second doesn't...

falko
11th February 2007, 15:36
Maybe Courier IMAP broke? I can send out mails now again, but incoming still goes nowhere. In my mail.log I get errors like 10.0.0.33 address not listed for hostname atlas.manaxa.com, but it still connects (from unknown 10.0.0.33, which is my server on its internal ip-address), and then it connects and sends out the mail.
I think the problem is that you listed atlas.manaxa.com for two IP addresses in /etc/hosts. Please remove atlas.manaxa.com from the 127.0.0.1 line.
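
The check suggested in the reply above (a name listed for two addresses in /etc/hosts) can be automated. The following is an added example, not part of any post in this thread: it audits a hosts file for names with several addresses and models the name check behind the "address not listed for hostname" warning. The sample file is constructed with placeholder names, and the first-match lookup order is an assumption about the resolver.

```python
import ipaddress
from collections import defaultdict

# Constructed hosts file with the same shape as the one posted in the thread
# (example.org and mx are placeholders, not the poster's names).
SAMPLE_HOSTS = """\
127.0.0.1 localhost.localdomain localhost mx.example.org
10.0.0.33 mx.example.org mx www.example.org example.org

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
"""


def parse_hosts(text):
    """Return [(address, [names])] in file order, skipping comments and blanks."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an address
        entries.append((addr, [name.lower() for name in fields[1:]]))
    return entries


def names_with_several_addresses(entries):
    """Names listed for more than one address of the same address family."""
    seen = defaultdict(list)
    for addr, names in entries:
        for name in names:
            if addr not in seen[(name, addr.version)]:
                seen[(name, addr.version)].append(addr)
    return {name: [str(a) for a in addrs]
            for (name, _version), addrs in seen.items() if len(addrs) > 1}


def forward_confirm(entries, address):
    """Model the check behind 'address not listed for hostname'.

    Assumption: first-match lookups. The first line containing the address
    supplies its name, and the first line containing that name supplies the
    name's address. Returns (name, forward_address, matches).
    """
    addr = ipaddress.ip_address(address)
    name = next((names[0] for a, names in entries if a == addr), None)
    if name is None:
        return None, None, False
    forward = next(a for a, names in entries
                   if name in names and a.version == addr.version)
    return name, str(forward), forward == addr


if __name__ == "__main__":
    entries = parse_hosts(SAMPLE_HOSTS)
    print(names_with_several_addresses(entries))
    print(forward_confirm(entries, "10.0.0.33"))
```
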

farao
11th February 2007, 20:39
Nope, doesn't change anything. It looks like there's a loop somewhere:
Mail comes in, sender does DNS lookup and gets external IP, mail gets delivered here, my mail server goes looking for correct domain and looks up its own IP address through an external server, so mail gets held up and passed to secondary mail server. That mail server does a lookup, finds my external IP, delivers the mail, and the process starts again...
How do I break the loop?
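
The loop described above shows up in mail.log as deferred deliveries whose connect target is the server's own public address, next to the type=AAAA name service errors seen earlier. The following is an added example, not part of any post in this thread: it tallies deferral reasons from Postfix log lines and lists the queue IDs that tried to connect to one of the server's own addresses. The log lines are constructed with placeholder names and addresses, and the parameter name own_public_ips is hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in the format of the mail.log excerpts posted in
# this thread. Names and addresses are placeholders, not values from the thread.
SAMPLE_LOG = """\
Feb  7 08:02:55 mx postfix/qmgr[26678]: B9FB31D4308: to=<u2@mx.example.org>, orig_to=<u2@example.org>, relay=none, delay=44963, status=deferred (delivery temporarily suspended: connect to example.org[192.0.2.119]: Connection timed out)
Feb  7 14:53:15 mx postfix/smtp[8974]: 5A2091D4364: to=<a@example.com>, relay=none, delay=0, status=deferred (connect to example.com[203.0.113.12]: Connection refused)
Feb  8 15:43:28 mx postfix/qmgr[9110]: 38E121D4289: to=<u1@mx.example.org>, orig_to=<u1@example.org>, relay=none, delay=0, status=deferred (delivery temporarily suspended: Host or domain name not found. Name service error for name=relay.example.net type=AAAA: Host found but no data record of requested type)
Feb 10 20:08:40 mx postfix/smtp[19239]: connect to example.org[192.0.2.119]: Connection timed out (port 25)
Feb 10 20:08:41 mx postfix/smtp[19239]: 12D581D4193: to=<root@mx.example.org>, relay=relay.example.net[198.51.100.21], delay=31, status=sent (250 Ok: queued as E86EC87D2A4)
"""

# One delivery record: queue ID, recipient, relay, status and the text in parentheses.
DELIVERY = re.compile(
    r"postfix/\w+\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<to>[^>]*)>,"
    r"(?: orig_to=<[^>]*>,)? relay=(?P<relay>[^,]+),"
    r".*? status=(?P<status>\w+) \((?P<reason>.*)\)\s*$"
)
DNS_ERROR = re.compile(
    r"Name service error for name=(?P<name>\S+) type=(?P<rrtype>\w+):"
)
CONNECT_ERROR = re.compile(
    r"connect to \S+\[(?P<ip>[^\]]+)\]: (?P<error>[^()]+?)(?: \(port \d+\))?$"
)


def parse_delivery(line):
    """Return the fields of a delivery record, or None for any other line."""
    match = DELIVERY.search(line)
    return match.groupdict() if match else None


def classify(reason):
    """Reduce a status reason to a (kind, detail, target) key for counting."""
    match = DNS_ERROR.search(reason)
    if match:
        return ("dns", match["rrtype"], match["name"])
    match = CONNECT_ERROR.search(reason)
    if match:
        return ("connect", match["error"], match["ip"])
    return ("other", reason, "")


def triage(log_text, own_public_ips=()):
    """Count deferral reasons and collect queue IDs that targeted our own address.

    own_public_ips (hypothetical parameter): addresses under which this
    server is reachable from outside, e.g. the NAT gateway's public IP.
    """
    counts = Counter()
    self_connects = []
    for line in log_text.splitlines():
        record = parse_delivery(line)
        if record is None or record["status"] != "deferred":
            continue
        key = classify(record["reason"])
        counts[key] += 1
        if key[0] == "connect" and key[2] in own_public_ips:
            self_connects.append(record["qid"])
    return counts, self_connects


if __name__ == "__main__":
    counts, self_connects = triage(SAMPLE_LOG, {"192.0.2.119"})
    for key, n in counts.most_common():
        print(n, key)
    print("deferred while connecting to own address:", self_connects)
```
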

falko
12th February 2007, 15:58
You could try this: http://www.howtoforge.com/forums/showpost.php?p=41710&postcount=4

farao
12th February 2007, 21:46
Falko, you're the man! I can't figure out for the life of me why I need this switch all of a sudden, but it works.
Thanks a million guys, for sticking with me and for making me an even stronger believer in Linux and ISPConfig (ok, so I'm just really, really glad).