postfix receiving mail , but holding it in que ,, dns issue i think

17 posts / 0 new
Last post
#1 Thu, 08/05/2010 - 17:24
thegeekshop

postfix receiving mail , but holding it in que ,, dns issue i think

Hi all, I have been using this forum alot for troubleshooting and info with great success, however today i have had to set up an account cause i just cant get my finger on the issue at hand and any help would be great.

general info:

webmin/virtualmin ( most recent) ubuntu 8.04 LTS

This server is purposed for a production hosting server with several vhosts

dig info:

<<>> DiG 9.4.2-P2.1 <<>> mail.thegeekshop.ca ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22014 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION: ;mail.thegeekshop.ca. IN A

;; ANSWER SECTION: mail.thegeekshop.ca. 38400 IN A 96.54.140.171

;; AUTHORITY SECTION: thegeekshop.ca. 38400 IN NS geekfs01.thegeekshop.ca.

;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu Aug 5 12:56:48 2010 ;; MSG SIZE rcvd: 76

localhost info

rik@geekfs01:/$ hostname --fqd geekfs01.thegeekshop.ca.thegeekshop.ca rik@geekfs01:/$ hostname -s geekfs01 rik@geekfs01:/$ hostname -f geekfs01.thegeekshop.ca.thegeekshop.ca

i just cant pinpoint what is wrong ,, all email arrives but sits in que with the following error

Host or domain name not found. Name service error for name=yahoo.com.tw type=MX: Host not found, try again

i can also ping mail.thegeekshop.ca from external network without any problem and resolves to my ip

any help ,,,,,,, please

Thu, 08/05/2010 - 18:04
andreychek

Howdy,

You may want to verify that the nameservers you have setup for your server are correct.

Take a peek in /etc/resolv.conf, what are the contents of that file?

There should be one or more "nameserver" entries. What you need to do is verify that those nameservers are correct.

-Eric

Thu, 08/05/2010 - 18:23 (Reply to #2)
thegeekshop

Just for clarity,

i should have put in original post that i am using ns1,2,3,4.afraid.org

this is what i have there

thegeekshop.ca (G) A 96.54.140.171 thegeekshop.ca (G) MX 10:mail.thegeekshop.ca ftp.thegeekshop.ca (G) A 96.54.140.171 mail.thegeekshop.ca (G) A 96.54.140.171 support.thegeekshop.ca (G) A 96.54.140.171 www.thegeekshop.ca (G) URL http://thegeekshop.ca

/etc/resolv.conf looks like

nameserver 192.168.2.1 nameserver 127.0.0.1 domain thegeekshop.ca

should i put the nameserver addresses for afraid.org here as well ?

looking at that i know its wrong , but am somewhat wet behind the ears with nix ,,, i certified as a m$ admin before i saw the light.

any suggestions would be great

rik

Thu, 08/05/2010 - 18:34
andreychek

Howdy,

Is your server's IP address "191.168.2.1"? That's the only questionable entry I see in there.

What output do you receive from these two commands:

dig @127.0.0.1

And:

dig @192.168.2.1

Thu, 08/05/2010 - 19:18
thegeekshop

dig @127.....

<<>> DiG 9.4.2-P2.1 <<>> @127.0.0.1 ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50878 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13

;; QUESTION SECTION: ;. IN NS

;; ANSWER SECTION: . 515768 IN NS h.root-servers.net. . 515768 IN NS a.root-servers.net. . 515768 IN NS l.root-servers.net. . 515768 IN NS f.root-servers.net. . 515768 IN NS i.root-servers.net. . 515768 IN NS d.root-servers.net. . 515768 IN NS k.root-servers.net. . 515768 IN NS g.root-servers.net. . 515768 IN NS e.root-servers.net. . 515768 IN NS m.root-servers.net. . 515768 IN NS j.root-servers.net. . 515768 IN NS c.root-servers.net. . 515768 IN NS b.root-servers.net.

;; ADDITIONAL SECTION: b.root-servers.net. 602168 IN A 192.228.79.201 e.root-servers.net. 602168 IN A 192.203.230.10 a.root-servers.net. 602168 IN A 198.41.0.4 a.root-servers.net. 602168 IN AAAA 2001:503:ba3e::2:30 l.root-servers.net. 602168 IN A 199.7.83.42 l.root-servers.net. 602168 IN AAAA 2001:500:3::42 m.root-servers.net. 602168 IN A 202.12.27.33 m.root-servers.net. 602168 IN AAAA 2001:dc3::35 f.root-servers.net. 602168 IN A 192.5.5.241 f.root-servers.net. 602168 IN AAAA 2001:500:2f::f h.root-servers.net. 602168 IN A 128.63.2.53 h.root-servers.net. 602168 IN AAAA 2001:500:1::803f:235 j.root-servers.net. 602168 IN A 192.58.128.30

;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu Aug 5 17:17:59 2010 ;; MSG SIZE rcvd: 496

dig @192.168.2.1 tanked,, so for giggles i tried 192.168.2.100 and this is output

<<>> DiG 9.4.2-P2.1 <<>> @192.168.2.100 ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52993 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13

;; QUESTION SECTION: ;. IN NS

;; ANSWER SECTION: . 515679 IN NS b.root-servers.net. . 515679 IN NS h.root-servers.net. . 515679 IN NS f.root-servers.net. . 515679 IN NS g.root-servers.net. . 515679 IN NS i.root-servers.net. . 515679 IN NS c.root-servers.net. . 515679 IN NS a.root-servers.net. . 515679 IN NS k.root-servers.net. . 515679 IN NS d.root-servers.net. . 515679 IN NS j.root-servers.net. . 515679 IN NS l.root-servers.net. . 515679 IN NS m.root-servers.net. . 515679 IN NS e.root-servers.net.

;; ADDITIONAL SECTION: b.root-servers.net. 602079 IN A 192.228.79.201 e.root-servers.net. 602079 IN A 192.203.230.10 a.root-servers.net. 602079 IN A 198.41.0.4 a.root-servers.net. 602079 IN AAAA 2001:503:ba3e::2:30 l.root-servers.net. 602079 IN A 199.7.83.42 l.root-servers.net. 602079 IN AAAA 2001:500:3::42 m.root-servers.net. 602079 IN A 202.12.27.33 m.root-servers.net. 602079 IN AAAA 2001:dc3::35 f.root-servers.net. 602079 IN A 192.5.5.241 f.root-servers.net. 602079 IN AAAA 2001:500:2f::f h.root-servers.net. 602079 IN A 128.63.2.53 h.root-servers.net. 602079 IN AAAA 2001:500:1::803f:235 j.root-servers.net. 602079 IN A 192.58.128.30

;; Query time: 0 msec ;; SERVER: 192.168.2.100#53(192.168.2.100) ;; WHEN: Thu Aug 5 17:19:28 2010 ;; MSG SIZE rcvd: 496

does this mean i should change it accordingly?

Thu, 08/05/2010 - 19:50
andreychek

Well, you could change it... or, on my system, I just have the one line, "nameserver 127.0.0.1", since both lines end up directing queries to the same server.

Either option will solve it, though I might vote for removing the line that doesn't work altogether.

-Eric

Thu, 08/05/2010 - 20:18
thegeekshop

will try removing the line now

k resolv.conf is = nameserver 127.0.0.1

whan i restart apache in webmin i get

Failed to start service :

  • Starting web server apache2 (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs ...fail!

wait ,,, i just restarted bind , and apache started to will test email now

no joy , would this have to propogate?

Thu, 08/05/2010 - 20:26
andreychek

Well, let's start simple first -- what output do you receive if you type this on the command line:

host yahoo.com.tw

That should show if DNS is working.

-Eric

Thu, 08/05/2010 - 20:27
thegeekshop

;; connection timed out; no servers could be reached

Thu, 08/05/2010 - 20:30
thegeekshop

for the record my server is behind a router in dmz

Thu, 08/05/2010 - 20:30
andreychek

Out of curiosity, take another look at /etc/resolv.conf, does it look the same as you left it? That is, is there still only one nameserver record in it?

-Eric

Thu, 08/05/2010 - 20:34
thegeekshop

nope ,

search thegeekshop.ca nameserver 192.168.2.1

so i changed it back ,,,, i did reboot after restarting services ,,, bad form ?

should i just restart services ,,, reboot to push a change is such an M$ thing im learning

Thu, 08/05/2010 - 20:38
thegeekshop

k , now i have the .conf with just nameserver 127.0.0.1

and the host command we tried now shows yahoo.com.tw has address 203.84.202.10 yahoo.com.tw has address 119.160.246.23 yahoo.com.tw mail is handled by 5 mx2.mail.tw.yahoo.com. yahoo.com.tw mail is handled by 5 mx1.mail.tw.yahoo.com.

Thu, 08/05/2010 - 20:39
andreychek

Well, there's a couple of issues :-)

Yeah, it's pretty rare that you need to reboot. Normally, it's as simple as updating a config, restarting a service, and presto, things work.

However, in your case, rebooting helped show a problem with what's probably your router setup.

The contents of your /etc/resolv.conf file come from the DHCP server on your router. That means that your router is giving out the wrong IP addresses for DHCP.

So first, remove the errant line from your resolv.conf file.

Second, you'll need to log into your router, and update the DNS servers that it's setup to give out to clients on the LAN.

-Eric

Thu, 08/05/2010 - 20:56
thegeekshop

just got this from a test email on my external account from email to an internal account

This is the mail system at host geekfs01.thegeekshop.ca. I'm sorry to have to inform you that your message could notbe delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You candelete your own text from the attached returned message. The mail system joy@thegeekshop.ca: mail for thegeekshop.ca loops back to myself

Thu, 08/05/2010 - 22:19
thegeekshop

but at least im getting bounces now ,, that is new

with the router ,not to sound noobish , should i point dns to my ddns provider or my server?

its 8:pm pacific time for me ,, please gimme a shout tomorrow , i will check this over the course of the night as well just in case ,, and ty

Fri, 08/06/2010 - 15:52
andreychek

Well, I'm not entirely certain that I have my head wrapped around your setup there... so let's back up a moment.

In regards to email, what works, and what doesn't work?

Can you send new outgoing emails from your server? If things are working correctly, a new outgoing email shouldn't get caught up in the mail queue.

-Eric