I have a custom archive system that I have used for decades and I lost the ability to send mail through the mailing list to its user account.
Jan 05 01:13:13 2018 (3042) delivery to archive@xxx.com failed the code 550: 5.1.1 archive@xxx.com: Recipient address rejected: User unknown in local recipient table
I am using postfix
I have delivery when I use mutt to just send email to the account.
I tried to add this to postfix main.cf but no change in behavior
# local_recipient_maps settings are OK. unknown_local_recipient_reject_code = 550 local_recipient_maps = unix:passwd.byname $alias_maps <<==
the user is sitting in /etc/passwd
www2:/var/lib/mailman/logs # grep archive /etc/passwd archive:x:1001:100::/home/archive:/bin/bash
dns record looks good www2:/var/lib/mailman/logs # dig mx xxx.com
; <<>> DiG 9.9.2 <<>> mx xxx.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26171 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;xxx.com. IN MX
;; ANSWER SECTION: xxx.com. 86400 IN MX 10 www2.xxx.com.
;; AUTHORITY SECTION: xxx.com. 86400 IN NS www2.xxx.com. xxx.com. 86400 IN NS ns1.linuxmafia.com. xxx.com. 86400 IN NS www3.xxx.com.
;; ADDITIONAL SECTION: www2.xxx.com. 86400 IN A 96.57.23.82 www3.xxx.com. 86400 IN A 96.57.23.83
;; Query time: 12 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Jan 5 09:13:42 2018 ;; MSG SIZE rcvd: 156
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
On 01/05/2018 09:59 AM, Ruben Safir wrote:
I have a custom archive system that I have used for decades and I lost the ability to send mail through the mailing list to its user account.
Jan 05 01:13:13 2018 (3042) delivery to archive@xxx.com failed the code 550: 5.1.1 archive@xxx.com: Recipient address rejected: User unknown in local recipient table
I am using postfix
I have delivery when I use mutt to just send email to the account.
I tried to add this to postfix main.cf but no change in behavior
# local_recipient_maps settings are OK. unknown_local_recipient_reject_code = 550 local_recipient_maps = unix:passwd.byname $alias_maps <<==
the user is sitting in /etc/passwd
www2:/var/lib/mailman/logs # grep archive /etc/passwd archive:x:1001:100::/home/archive:/bin/bash
dns record looks good www2:/var/lib/mailman/logs # dig mx xxx.com
; <<>> DiG 9.9.2 <<>> mx xxx.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26171 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;xxx.com. IN MX
;; ANSWER SECTION: xxx.com. 86400 IN MX 10 www2.xxx.com.
;; AUTHORITY SECTION: xxx.com. 86400 IN NS www2.xxx.com. xxx.com. 86400 IN NS ns1.linuxmafia.com. xxx.com. 86400 IN NS www3.xxx.com.
;; ADDITIONAL SECTION: www2.xxx.com. 86400 IN A 96.57.23.82 www3.xxx.com. 86400 IN A 96.57.23.83
;; Query time: 12 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Jan 5 09:13:42 2018 ;; MSG SIZE rcvd: 156
It seems to be reaching across to another machine in order to get smtp information, on a postfix installation on that remote machine. They used to be on the same machine, webserver and mail server, but I split them up. When I turned off postfix on the remote machine, which is the mail server, I now get this error
Jan 05 11:40:24 2018 (10329) delivery to archive@xxx.com failed with code -1: [Errno 111] Connection refused
But I don't see why it does this. It doesn't seem to be dns confusion because that works correctly for the mx records. It seems to be confusion restricted to mailman
Ruben
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
On 01/05/2018 12:17 PM, Ruben Safir wrote:
But I don't see why it does this. It doesn't seem to be dns confusion because that works correctly for the mx records. It seems to be confusion restricted to mailman
OK - I found the problem
SMTPHost should be documented to need the FQDN of the host.
I was using the dns mx record mydomain.com, which points to the mail server
that was different from the ordinary dns record for mydomain.com which points to the web server.
SMTPHost seems to do a non-mx record lookup for the value ... which is a little strange.
Ruben
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
On 01/05/2018 11:49 AM, Ruben Safir wrote:
SMTPHost seems to do a non-mx record lookup for the value ... which is a little strange.
When you look up a *host*, you look for A/PTR or CNAME. When you look up an MX, you can look up an MX for a *domain*, *or* you could look up an MX for a *host*. I expect in most cases if you query for MX for SMTP*Host* you'll get nothing -- I wonder how many admins define MXers for each host these days.
It shouldn't need FQDN though, it should add search domain suffix(es) from /etc/resolv.conf.
-- Dimitri Maziuk Programmer/sysadmin BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu
On 01/05/2018 01:41 PM, Dimitri Maziuk wrote:
On 01/05/2018 11:49 AM, Ruben Safir wrote:
SMTPHost seems to do a non-mx record lookup for the value ... which is a little strange. When you look up a *host*, you look for A/PTR or CNAME.
No, all dns look ups are for hosts. Since this is SMTP, it would be proper to assume it is an mx host
When you look up an MX, you can look up an MX for a *domain*, *or* you could look up an MX for a *host*.
NO NO NO
You are looking up a host. You can do that with a domain name, or a specific host name, but you are looking up for a HOST, or more than a single host with rankings, with a specific ip addresses.
[ruben@flatbush ~]$ dig mx gmail.com
; <<>> DiG 9.11.2 <<>> mx gmail.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45910 ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 6
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: 55cb7894025bd1ae2219142e5a4fd300fac0b1a609978ecb (good) ;; QUESTION SECTION: ;gmail.com. IN MX
;; ANSWER SECTION: gmail.com. 3487 IN MX 40 alt4.gmail-smtp-in.l.google.com. gmail.com. 3487 IN MX 30 alt3.gmail-smtp-in.l.google.com. gmail.com. 3487 IN MX 10 alt1.gmail-smtp-in.l.google.com. gmail.com. 3487 IN MX 20 alt2.gmail-smtp-in.l.google.com. gmail.com. 3487 IN MX 5 gmail-smtp-in.l.google.com.
;; AUTHORITY SECTION: gmail.com. 161107 IN NS ns1.google.com. gmail.com. 161107 IN NS ns3.google.com. gmail.com. 161107 IN NS ns4.google.com. gmail.com. 161107 IN NS ns2.google.com.
;; ADDITIONAL SECTION: gmail-smtp-in.l.google.com. 296 IN A 209.85.232.26 ns2.google.com. 161618 IN A 216.239.34.10 ns1.google.com. 161618 IN A 216.239.32.10 ns3.google.com. 161618 IN A 216.239.36.10 ns4.google.com. 161618 IN A 216.239.38.10
;; Query time: 1 msec ;; SERVER: 10.0.0.37#53(10.0.0.37) ;; WHEN: Fri Jan 05 14:33:20 EST 2018 ;; MSG SIZE rcvd: 341
[ruben@flatbush ~]$ dig gmail-smtp-in.l.google.com
; <<>> DiG 9.11.2 <<>> gmail-smtp-in.l.google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3649 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: e107a7eb3dd41c69bad19c635a4fd3209ed6a84ada3378fd (good) ;; QUESTION SECTION: ;gmail-smtp-in.l.google.com. IN A
;; ANSWER SECTION: gmail-smtp-in.l.google.com. 264 IN A 209.85.232.26
I expect in most cases if you query for MX for SMTP*Host* you'll get nothing -- I wonder how many admins define MXers for each host these days.
It shouldn't need FQDN though, it should add search domain suffix(es) from /etc/resolv.conf.
--
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
On 01/05/2018 01:34 PM, Ruben Safir wrote:
On 01/05/2018 01:41 PM, Dimitri Maziuk wrote:
On 01/05/2018 11:49 AM, Ruben Safir wrote:
SMTPHost seems to do a non-mx record lookup for the value ... which is a little strange.
When you look up an MX, you can look up an MX for a *domain*, *or* you could look up an MX for a *host*.
NO NO NO
You are looking up a host. You can do that with a domain name, or a specific host name, but you are looking up for a HOST, or more than a single host with rankings, with a specific ip addresses.
I think you are confused: I am not talking about what you get back, I am talking about what you ask *for*.
You can ask for an MX record for *FOOHost*.
You can ask an MX record for FOOHost's *domain*.
They are *not the same* MX record and there is no mechanism to return the latter if you ask for the former.
When you are *looking up a host*, you are asking for A/CNAME. That's a "non-mx record lookup" which you find "a little strange". It isn't.
-- Dimitri Maziuk Programmer/sysadmin BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu
On 01/05/2018 02:56 PM, Dimitri Maziuk wrote:
I think you are confused: I am not talking about what you get back, I am talking about what you ask *for*.
I think you are confused: I am not talking about what you get back, I am talking about what you ask *for*.
That is just not logical. WHen you ask FOR something, that is what you get back.
You can ask for an MX record for *FOOHost*.
You can ask an MX record for FOOHost's *domain*.
That has nothing to do with this.
They are *not the same* MX record and there is no mechanism to return the latter if you ask for the former.
again, that has nothing to do with this.
When you are *looking up a host*, you are asking for A/CNAME.
That is not a true statement. When you are looking for a MAIL host, it is logical to ask for it with an MX record.
That's a "non-mx record lookup" which you find "a little strange". It isn't.
To you. But in the world of mail and DNS, you look up a SMTP hosts with mx records. That was why we invented them...
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
On 01/05/2018 02:13 PM, Ruben Safir wrote:
That is not a true statement. When you are looking for a MAIL host, it is logical to ask for it with an MX record.
Fine. Dig for an MX record for your defined SMTPHost and see what you get.
-- Dimitri Maziuk Programmer/sysadmin BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu
On 01/05/2018 03:32 PM, Dimitri Maziuk wrote:
On 01/05/2018 02:13 PM, Ruben Safir wrote:
That is not a true statement. When you are looking for a MAIL host, it is logical to ask for it with an MX record. Fine. Dig for an MX record for your defined SMTPHost and see what you get.
not what mailman does with the SMTPHost, and that is my point. It should be documented clearer (or fixed?).
Reuvain
-- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com
Being so tracked is for FARM ANIMALS and and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
On 01/05/2018 02:38 PM, Ruben Safir wrote:
not what mailman does with the SMTPHost, and that is my point. It should be documented clearer (or fixed?).
I think MX record is documented fairly clearly on e.g. wikipedia. The rest of it spelled out in Defaults.py in my installation:
"delivery module for *outgoing* mail" (emphasis mine: "outgoing" means MX doesn't apply), and
"make sure the host exists and is resolvable".
Presumably mailman is not doing anything fancier than import socket socket.gethostbyname() and your non-fqdn SMTPHost will not resolve if you try the above in python shell.
-- Dimitri Maziuk Programmer/sysadmin BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu
participants (2)
-
Dimitri Maziuk -
Ruben Safir