Postfix bouncing emails??

Discussion in 'Server Operation' started by RadaR, Mar 29, 2007.

  1. RadaR

    RadaR New Member

    I seem to be having issues with postfix on my server. It’s bouncing emails back to our clients at random. Meaning every once in a while some can get through. The system has worked fine since I started here in June '06. I didn’t change anything recently, and I’m the only one that would have. I’ve been reading on here the past few days and have tried some suggestions to no avail; I’m not sure where to go from here. I’d appreciate any help. Here is some of the information I’ve seen asked for in the related posts I’ve read so far. Sorry if it’s a lot, just want to give you as much info as I could.

    Running:
    Debian 3.1 (sarge)
    Postfix 2.1.5
    MySQL 4.1.11

    I have this excerpt from one of the emails that was bounced back:

    “This is a delivery status notification, automatically generated by MTA
    kvsmtp1.senders-domain.com on Wed, 28 Mar 2007 14:09:33 -0500
    Regarding recipient(s) : [email protected] Delivery status : Failed.
    None of the mail servers for the destination domain has so far
    responded. (domain.com). We have been attempting delivery for 5
    times. Maximum delivery tries attempted. Please contact your
    administrator to contact the destination domain or resend your message.”

    Last entries in mail.err log
    Jan 10 11:39:14 host postfix/smtpd[15635]: fatal: dict_open: unsupported dictionary type: pcre: Is the postfix-pcre package instal$
    (this error repeats 20ish times)
    Jan 10 11:59:35 host postfix/trivial-rewrite[16649]: fatal: mysql:/etc/postfix/mysql-virtual_domains.cf(0,100): table lookup problem
    (this error repeats 10ish times)
    Jan 10 12:25:54 host pop3d-ssl: LOGIN FAILED, ip=[::ffff:65.16.81.99]
    Jan 10 12:26:40 host last message repeated 2 times
    (above two repeat twice)
    That’s the end of the mail errors, nothing else todate.

    Problem entries in mail.log
    (note this file is 185MB and ranges from 3-4-07 to 3-29-07. Can I save as mail.log.bak and start new mail.log?)
    Mar 29 03:08:01 www postfix/smtpd[14259]: warning: database /etc/postfix/access.db is older than source file /etc/postfix/access
    (this appears a lot in recent days)
    Mar 29 03:08:04 www postfix/smtpd[14259]: NOQUEUE: reject: RCPT from aacm203.neoplus.adsl.tpnet.pl[83.4.64.203]: 550 <aacm203.neopl$
    (I see many like this and the one below)
    Mar 29 03:02:47 www postfix/smtpd[13203]: NOQUEUE: reject: RCPT from unknown[211.116.32.128]: 554 <69.16.202.46>: Helo command reje$
    Mar 29 03:02:47 www postfix/smtpd[13203]: lost connection after RCPT from unknown[211.116.32.128]

    My netstat –tap:
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 localhost.domai:60000 *:* LISTEN 2074/postgrey.pid -
    tcp 0 0 localhost.domai:10024 *:* LISTEN 2069/amavisd (maste
    tcp 0 0 localhost.domai:10025 *:* LISTEN 28422/master
    tcp 0 0 *:mysql *:* LISTEN 2198/mysqld
    tcp 0 0 www.domain.com:www 147.124.33.132:3883 SYN_RECV -
    tcp 0 0 www.domain.com:www user-54460eb0.lns1:2265 SYN_RECV -
    tcp 0 0 www.domain.com:www 147.124.33.132:3885 SYN_RECV -
    tcp 0 0 www.domain.com:www 147.124.33.132:3884 SYN_RECV -
    tcp 0 0 www.domain.com:www 147.124.33.132:3896 SYN_RECV -
    tcp 0 0 www.domain.com:www 147.124.33.132:3895 SYN_RECV -
    tcp 0 0 www.domain.com:www user-54460eb0.lns1:2266 SYN_RECV -
    tcp 0 0 www.domain.com:www 203.81.208.237:1378 SYN_RECV -
    tcp 0 0 www.domain.com:www 147.124.33.132:3894 SYN_RECV -
    tcp 0 0 *:smtp *:* LISTEN 28422/master
    tcp 0 0 localhost.domai:mysql localhost.domai:32777 ESTABLISHED2198/mysqld
    tcp 0 0 localhost.domai:mysql localhost.domai:32778 ESTABLISHED2198/mysqld
    tcp 0 0 localhost.domai:mysql localhost.domai:53776 ESTABLISHED2198/mysqld
    tcp 0 0 localhost.domai:10025 localhost.domai:53766 TIME_WAIT -
    tcp 0 0 localhost.domai:mysql localhost.domai:32828 ESTABLISHED2198/mysqld
    tcp 0 0 localhost.domai:53776 localhost.domai:mysql ESTABLISHED28501/trivial-rewri
    tcp 0 0 localhost.domai:53742 localhost.domai:mysql TIME_WAIT -
    tcp 0 0 localhost.domai:mysql localhost.domai:32873 ESTABLISHED2198/mysqld
    tcp 0 0 localhost.domai:32873 localhost.domai:mysql ESTABLISHED2133/authdaemond.my
    tcp 0 0 localhost.domai:32828 localhost.domai:mysql ESTABLISHED2131/authdaemond.my
    tcp 0 0 localhost.domai:32778 localhost.domai:mysql ESTABLISHED2134/authdaemond.my
    tcp 0 0 localhost.domai:32777 localhost.domai:mysql ESTABLISHED2135/authdaemond.my
    tcp 0 0 localhost.domai:32910 localhost.domai:mysql ESTABLISHED2132/authdaemond.my
    tcp 0 0 localhost.domai:mysql localhost.domai:32910 ESTABLISHED2198/mysqld
    tcp 0 1 www.domain.com:smtp ppp130-81.adsl.for:4440 LAST_ACK -
    tcp 0 0 www.domain.co:mysql host252-83.discor:55424 ESTABLISHED2198/mysqld
    tcp 0 0 www.domain.co:mysql host252-83.discor:55451 ESTABLISHED2198/mysqld
    tcp6 0 0 *:pop3s *:* LISTEN 2153/couriertcpd
    tcp6 0 0 *:pop3 *:* LISTEN 2140/couriertcpd
    tcp6 0 0 *:www *:* LISTEN 25379/apache2
    tcp6 0 0 *:ssh *:* LISTEN 2371/sshd
    tcp6 0 0 *:smtp *:* LISTEN 28422/master
    tcp6 0 0 *:https *:* LISTEN 25379/apache2
    tcp6 0 0 ip6-localhost:53760 ip6-localhost:https TIME_WAIT -
    tcp6 0 0 ip6-localhost:53777 ip6-localhost:https TIME_WAIT -
    tcp6 0 0 www.domain.com:www sparky.fhlbatl.co:48254 TIME_WAIT -
    tcp6 0 0 www.domain.com:www adsl-67-120-50-78.:1840 TIME_WAIT -
    tcp6 0 0 www.domain.com:www adsl-67-120-50-78.:1841 TIME_WAIT -
    tcp6 0 0 www.domain.com:www adsl-67-120-50-78.:1842 TIME_WAIT -
    tcp6 0 0 www.domain.com:www adsl-67-120-50-78.:1843 ESTABLISHED28442/apache2
    tcp6 0 0 www.domain.com:ssh host252-83.discor:52137 ESTABLISHED24113/0
    tcp6 0 832 www.domain.com:ssh host252-83.discor:56237 ESTABLISHED24521/1
    tcp6 0 0 www.domain.com:pop3 host252-83.discor:56226 TIME_WAIT -
    tcp6 0 0 www.domain.com:www ::ffff:147.124.33.:3872 TIME_WAIT -

    I noticed mine is quite a bit longer than the rest I've seen on here. I actually had to cut out 86 TIME_WAIT lines from you see above to meet the max amount of characters allowed by a post. Is it normal to have that many? Would that be based on the server's traffic volume? Also the instances where you see “localhost.domai.” – that’s no typo for some reason it drops off the last few letters from the actual domain, it appears fine in other spots. Whats the reason for this?


    NOTE:
    Also I should point out I’m no system admin. I’m a programmer with only a small amount of Linux knowledge. I’m perfectly find getting around in the OS, but not quite clear on what process are doing what etc. Somehow the server admin role here has kind of been left up to me.

    TIA
     
    RadaR, Mar 29, 2007
    #1
  2. falko

    falko Super Moderator Howtoforge Staff

    Please run
    Code:
    postmap /etc/postfix/access
/etc/init.d/postfix restart
    and see if the problem persists.
     
    falko, Mar 30, 2007
    #2

Share This Page