From: Tom Hendrikx on
Hi,

After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing
the following issue: connections on 127.0.0.1 (where my content_filter
re-injects mail) are logged as:

010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning:
127.0.0.1: address not listed for hostname ip6-localhost
2010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: connect
from unknown[127.0.0.1]

After some time reading google and debugging this is what I found out:
- /etc/hosts contains the following stuff regarding localhost (in the
specified order):
::1 ip6-localhost ip6-loopback
127.0.0.1 localhost

- The test utils in auxiliary/name-addr-test show the same behaviour as
postfix itself:
./getnameinfo 127.0.0.1
Hostname: ip6-localhost
Address: 127.0.0.1
./gethostbyaddr 127.0.0.1
Hostname: ip6-localhost
Aliases: ip6-loopback
Addresses: 127.0.0.1

- After some tests, I can (temporarily) fix this in 3 ways:
1) Changing postfix's main.cf to use only ipv4 (comment
inet_protocols=all + restart)
2) Removing the line for ::1 in /etc/hosts
3) Change the order of /etc/hosts, placing the line for ::1 below 127.0.0.1

All of the above on Gentoo Linux, 2.6.27-openvz-briullov.1-r4 kernel,
Postfix 2.6.5 and glibc 2.10 (also tested with 2.9). Postconf -n looks
like this:

command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = //usr/lib/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
home_mailbox = .maildir/
html_directory = /usr/share/doc/postfix-2.6.5/html
inet_protocols = all
local_recipient_maps = $alias_maps
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydomain = whyscream.net
myhostname = a.mx.whyscream.net
mynetworks = cidr:/etc/postfix/mynetworks
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
proxy_interfaces = 217.149.194.147
proxy_read_maps = $virtual_mailbox_domains, $virtual_mailbox_maps,
$virtual_alias_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.5/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks reject_non_fqdn_hostname
reject_invalid_hostname permit
smtpd_recipient_restrictions = permit_mynetworks
reject_unauth_destination reject_non_fqdn_sender
reject_non_fqdn_recipient reject_unknown_sender_domain
reject_unknown_recipient_domain reject_unauth_pipelining
check_client_access hash:/etc/postfix/access_whitelist
check_policy_service unix:private/postgrey permit
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/ssl/postfix/a.mx.whyscream.net-cert.pem
smtpd_tls_key_file = /etc/ssl/postfix/a.mx.whyscream.net-key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps =
proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.conf
proxy:pgsql:/etc/postfix/pgsql/virtual_alias_domain_maps.conf
proxy:pgsql:/etc/postfix/pgsql/virtual_alias_domain_catchall_maps.conf
virtual_gid_maps = static:12
virtual_mailbox_base = /var/spool/vmail
virtual_mailbox_domains =
proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.conf
virtual_mailbox_maps =
proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.conf
pgsql:/etc/postfix/pgsql/virtual_alias_domain_mailbox_maps.conf
virtual_minimum_uid = 100
virtual_transport = dovecot
virtual_uid_maps = static:251

I've also read this (famous/dreaded) bug:
http://sourceware.org/bugzilla/show_bug.cgi?id=4980 which seems related,
but since I'm well past glibc 2.7, I'd expect not to bitten by that one.
However I'm no expert on the subject and I have no idea how the fix as
mentioned in bug looks like.

Now my question is: is this the place where you'd say "your glibc is
broken, talk to your os vendor" or could there some other issue that I
overlooked?


--
Regards,
Tom

From: Wietse Venema on
Tom Hendrikx:
> Hi,
>
> After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing
> the following issue: connections on 127.0.0.1 (where my content_filter
> re-injects mail) are logged as:
>
> 010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning:
> 127.0.0.1: address not listed for hostname ip6-localhost

Given the client IP address 127.0.0.1, Postfix gets the name
ip6-localhost, but that name does have the address 127.0.0.1.

> After some time reading google and debugging this is what I found out:
> - /etc/hosts contains the following stuff regarding localhost (in the
> specified order):
> ::1 ip6-localhost ip6-loopback
> 127.0.0.1 localhost

And indeed. Name ip6-localhost does not list address 127.0.0.1.

Somewhere, you have a mapping from 127.0.0.1 that returns ip6-localhost,
and that mapping is screwing things up, because 127.0.0.1 is not
listed as an address for ip6-localhost.

Wietse

From: Michael Saldivar on
On Wed, Jan 13, 2010 at 3:20 PM, Tom Hendrikx <tom(a)whyscream.net> wrote:

> Hi,
>
> After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing
> the following issue: connections on 127.0.0.1 (where my content_filter
> re-injects mail) are logged as:
>
> 010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning:
> 127.0.0.1: address not listed for hostname ip6-localhost
> 2010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: connect
> from unknown[127.0.0.1]
>
> After some time reading google and debugging this is what I found out:
> - /etc/hosts contains the following stuff regarding localhost (in the
> specified order):
> ::1 ip6-localhost ip6-loopback
> 127.0.0.1 localhost
>
> [snip]

> mydomain = whyscream.net
> myhostname = a.mx.whyscream.net
>

Add your machine's hostname and FQDN to /etc/hosts:

::1 ip6-localhost ip6-loopback
127.0.0.1 localhost a a.mx.whyscream.net

-Mike
From: Tom Hendrikx on
Wietse Venema wrote:
> Tom Hendrikx:
>> Hi,
>>
>> After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing
>> the following issue: connections on 127.0.0.1 (where my content_filter
>> re-injects mail) are logged as:
>>
>> 010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning:
>> 127.0.0.1: address not listed for hostname ip6-localhost
>
> Given the client IP address 127.0.0.1, Postfix gets the name
> ip6-localhost, but that name does have the address 127.0.0.1.
>
>> After some time reading google and debugging this is what I found out:
>> - /etc/hosts contains the following stuff regarding localhost (in the
>> specified order):
>> ::1 ip6-localhost ip6-loopback
>> 127.0.0.1 localhost
>
> And indeed. Name ip6-localhost does not list address 127.0.0.1.
>
> Somewhere, you have a mapping from 127.0.0.1 that returns ip6-localhost,
> and that mapping is screwing things up, because 127.0.0.1 is not
> listed as an address for ip6-localhost.
>

I got as far as this conclusion too, which got me checking for the
contents of /etc/hosts. Since I can influence the lookup results easily
by shuffling the contents of /etc/hosts, can I conclude that this is an
issue with my glibc?

Example: changing the contents of the hosts file to:
::1 ip6-foobar ip6-localhost ip6-loopback
127.0.0.1 localhost

yields the following result:
postfix/smtpd[5128]: warning: 127.0.0.1: address not listed for hostname
ip6-foobar

--
Regards,
Tom

From: Wietse Venema on
Tom Hendrikx:
> Wietse Venema wrote:
> > Tom Hendrikx:
> >> Hi,
> >>
> >> After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing
> >> the following issue: connections on 127.0.0.1 (where my content_filter
> >> re-injects mail) are logged as:
> >>
> >> 010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning:
> >> 127.0.0.1: address not listed for hostname ip6-localhost
> >
> > Given the client IP address 127.0.0.1, Postfix gets the name
> > ip6-localhost, but that name does have the address 127.0.0.1.
> >
> >> After some time reading google and debugging this is what I found out:
> >> - /etc/hosts contains the following stuff regarding localhost (in the
> >> specified order):
> >> ::1 ip6-localhost ip6-loopback
> >> 127.0.0.1 localhost
> >
> > And indeed. Name ip6-localhost does not list address 127.0.0.1.
> >
> > Somewhere, you have a mapping from 127.0.0.1 that returns ip6-localhost,
> > and that mapping is screwing things up, because 127.0.0.1 is not
> > listed as an address for ip6-localhost.
> >
>
> I got as far as this conclusion too, which got me checking for the
> contents of /etc/hosts. Since I can influence the lookup results easily
> by shuffling the contents of /etc/hosts, can I conclude that this is an
> issue with my glibc?

Obviously, there is no 127.0.0.1 <-> ip6-localhost mapping in /etc/hosts.

Therefore, when Postfix gets ip6-localhost when it asks the name
for 127.0.0.1, then that information did not come from /etc/hosts.

You can tweak your /etc/hosts until the cows come home, or you can try
to find out were that 127.0.0.1->ip6-localhost is coming from.

Wietse

 | 
Pages: 1
Prev: postscreen stress=yes
Next: Pflogsumm Status