MailScanner w/Postfix and Postgrey Question on rejected messages
am.lists
am.lists at gmail.com
Fri Feb 9 03:07:04 CET 2007
Unfortunately, the 1.1.5.5 is a NS cache that I can control, while the
2.2.6.6 and 2.2.7.7 are the ones provided by my co-lo facility. They
are also the ones that seem less reliable (shrug)... Now, I know the
difference between authoritative and cache dns servers, and these are
all caches that I point to, but my co-lo owns the reverse lookup on
their authoritative servers. My inbound SMTP usually is able to
successfully reverse-lookup my gateway's IP, but I've seen
historically a time in the 5am hour where the SMTP is getting
"received from unknown" where it should be saying "received from
mail-gw" --
I know, it's not the "correct" answer, but it's at least my reasoning.
I thought about turning on nscd. But I await feedback from those that
might see this first and either warn or praise the idea.
Angelo
On 2/8/07, Doc Schneider <doc at maddoc.net> wrote:
> am.lists wrote:
> > I use MS/PF/PG as a gateway.
> >
> > I'm not sure if this is the right place to ask this question, but I
> > had a slew of messages not arriving today for a period of a few hours.
> > It's still too early to tell if they were rejected permanently or just
> > deferred and I should see them arriving later.
> >
> > My config is as per the subject line...
> >
> > My /etc/resolf.conf contains three DNS servers:
> >
> > for discussion, they are
> >
> > nameserver 1.1.5.5
> > nameserver 2.2.6.6
> > nameserver 2.2.7.7
> >
> > (e.g. at least two of them are on separate networks...)
> >
> > In the above example, server 1.1.5.5 went offline (crashed).
> >
> > With only the first DNS server down, why did the appropriate piece
> > (again, not sure which application is responsible for managing DNS
> > lookups on domains) did not failover to the next nameserver on the
> > list?
> >
> > If you guys redirect me to another list, I'll understand, but I'd be
> > very surprised if I'm the first one to see this problem.
> >
> > Best,
> > Angelo
>
> I'd recommend moving that 1.1.5.5 to the end of that file and let the
> secondary pick up the slack. While most DNS lookups should fall to the
> next server I've seen it happen that the first one is the only one that
> is ever tried. I seem to recall this was something to do with one of the
> perl DNS package (though I could be mistaken). Anyway that's what I'd
> do. 8*)
>
> --
> -Doc
> Lincoln, NE.
> http://www.genealogyforyou.com/
> http://www.cairnproductions.com/
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
More information about the MailScanner
mailing list