connections from ipv4 localhost logged as unknown[127.0.0.1]
in [Postfix]
|
Prev: postscreen stress=yes
Next: Pflogsumm Status
From: Tom Hendrikx on 13 Jan 2010 17:20 Hi, After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing the following issue: connections on 127.0.0.1 (where my content_filter re-injects mail) are logged as: 010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning: 127.0.0.1: address not listed for hostname ip6-localhost 2010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: connect from unknown[127.0.0.1] After some time reading google and debugging this is what I found out: - /etc/hosts contains the following stuff regarding localhost (in the specified order): ::1 ip6-localhost ip6-loopback 127.0.0.1 localhost - The test utils in auxiliary/name-addr-test show the same behaviour as postfix itself: ./getnameinfo 127.0.0.1 Hostname: ip6-localhost Address: 127.0.0.1 ./gethostbyaddr 127.0.0.1 Hostname: ip6-localhost Aliases: ip6-loopback Addresses: 127.0.0.1 - After some tests, I can (temporarily) fix this in 3 ways: 1) Changing postfix's main.cf to use only ipv4 (comment inet_protocols=all + restart) 2) Removing the line for ::1 in /etc/hosts 3) Change the order of /etc/hosts, placing the line for ::1 below 127.0.0.1 All of the above on Gentoo Linux, 2.6.27-openvz-briullov.1-r4 kernel, Postfix 2.6.5 and glibc 2.10 (also tested with 2.9). Postconf -n looks like this: command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = //usr/lib/postfix data_directory = /var/lib/postfix debug_peer_level = 2 home_mailbox = .maildir/ html_directory = /usr/share/doc/postfix-2.6.5/html inet_protocols = all local_recipient_maps = $alias_maps mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man mydomain = whyscream.net myhostname = a.mx.whyscream.net mynetworks = cidr:/etc/postfix/mynetworks myorigin = $myhostname newaliases_path = /usr/bin/newaliases proxy_interfaces = 217.149.194.147 proxy_read_maps = $virtual_mailbox_domains, $virtual_mailbox_maps, $virtual_alias_maps queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.5/readme sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks reject_non_fqdn_hostname reject_invalid_hostname permit smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_non_fqdn_sender reject_non_fqdn_recipient reject_unknown_sender_domain reject_unknown_recipient_domain reject_unauth_pipelining check_client_access hash:/etc/postfix/access_whitelist check_policy_service unix:private/postgrey permit smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/ssl/postfix/a.mx.whyscream.net-cert.pem smtpd_tls_key_file = /etc/ssl/postfix/a.mx.whyscream.net-key.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_alias_maps.conf proxy:pgsql:/etc/postfix/pgsql/virtual_alias_domain_maps.conf proxy:pgsql:/etc/postfix/pgsql/virtual_alias_domain_catchall_maps.conf virtual_gid_maps = static:12 virtual_mailbox_base = /var/spool/vmail virtual_mailbox_domains = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_domains.conf virtual_mailbox_maps = proxy:pgsql:/etc/postfix/pgsql/virtual_mailbox_maps.conf pgsql:/etc/postfix/pgsql/virtual_alias_domain_mailbox_maps.conf virtual_minimum_uid = 100 virtual_transport = dovecot virtual_uid_maps = static:251 I've also read this (famous/dreaded) bug: http://sourceware.org/bugzilla/show_bug.cgi?id=4980 which seems related, but since I'm well past glibc 2.7, I'd expect not to bitten by that one. However I'm no expert on the subject and I have no idea how the fix as mentioned in bug looks like. Now my question is: is this the place where you'd say "your glibc is broken, talk to your os vendor" or could there some other issue that I overlooked? -- Regards, Tom
From: Wietse Venema on 13 Jan 2010 17:39 Tom Hendrikx: > Hi, > > After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing > the following issue: connections on 127.0.0.1 (where my content_filter > re-injects mail) are logged as: > > 010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning: > 127.0.0.1: address not listed for hostname ip6-localhost Given the client IP address 127.0.0.1, Postfix gets the name ip6-localhost, but that name does have the address 127.0.0.1. > After some time reading google and debugging this is what I found out: > - /etc/hosts contains the following stuff regarding localhost (in the > specified order): > ::1 ip6-localhost ip6-loopback > 127.0.0.1 localhost And indeed. Name ip6-localhost does not list address 127.0.0.1. Somewhere, you have a mapping from 127.0.0.1 that returns ip6-localhost, and that mapping is screwing things up, because 127.0.0.1 is not listed as an address for ip6-localhost. Wietse
From: Michael Saldivar on 13 Jan 2010 17:41 On Wed, Jan 13, 2010 at 3:20 PM, Tom Hendrikx <tom(a)whyscream.net> wrote: > Hi, > > After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing > the following issue: connections on 127.0.0.1 (where my content_filter > re-injects mail) are logged as: > > 010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning: > 127.0.0.1: address not listed for hostname ip6-localhost > 2010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: connect > from unknown[127.0.0.1] > > After some time reading google and debugging this is what I found out: > - /etc/hosts contains the following stuff regarding localhost (in the > specified order): > ::1 ip6-localhost ip6-loopback > 127.0.0.1 localhost > > [snip] > mydomain = whyscream.net > myhostname = a.mx.whyscream.net > Add your machine's hostname and FQDN to /etc/hosts: ::1 ip6-localhost ip6-loopback 127.0.0.1 localhost a a.mx.whyscream.net -Mike
From: Tom Hendrikx on 13 Jan 2010 18:06 Wietse Venema wrote: > Tom Hendrikx: >> Hi, >> >> After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing >> the following issue: connections on 127.0.0.1 (where my content_filter >> re-injects mail) are logged as: >> >> 010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning: >> 127.0.0.1: address not listed for hostname ip6-localhost > > Given the client IP address 127.0.0.1, Postfix gets the name > ip6-localhost, but that name does have the address 127.0.0.1. > >> After some time reading google and debugging this is what I found out: >> - /etc/hosts contains the following stuff regarding localhost (in the >> specified order): >> ::1 ip6-localhost ip6-loopback >> 127.0.0.1 localhost > > And indeed. Name ip6-localhost does not list address 127.0.0.1. > > Somewhere, you have a mapping from 127.0.0.1 that returns ip6-localhost, > and that mapping is screwing things up, because 127.0.0.1 is not > listed as an address for ip6-localhost. > I got as far as this conclusion too, which got me checking for the contents of /etc/hosts. Since I can influence the lookup results easily by shuffling the contents of /etc/hosts, can I conclude that this is an issue with my glibc? Example: changing the contents of the hosts file to: ::1 ip6-foobar ip6-localhost ip6-loopback 127.0.0.1 localhost yields the following result: postfix/smtpd[5128]: warning: 127.0.0.1: address not listed for hostname ip6-foobar -- Regards, Tom
From: Wietse Venema on 13 Jan 2010 19:44 Tom Hendrikx: > Wietse Venema wrote: > > Tom Hendrikx: > >> Hi, > >> > >> After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing > >> the following issue: connections on 127.0.0.1 (where my content_filter > >> re-injects mail) are logged as: > >> > >> 010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning: > >> 127.0.0.1: address not listed for hostname ip6-localhost > > > > Given the client IP address 127.0.0.1, Postfix gets the name > > ip6-localhost, but that name does have the address 127.0.0.1. > > > >> After some time reading google and debugging this is what I found out: > >> - /etc/hosts contains the following stuff regarding localhost (in the > >> specified order): > >> ::1 ip6-localhost ip6-loopback > >> 127.0.0.1 localhost > > > > And indeed. Name ip6-localhost does not list address 127.0.0.1. > > > > Somewhere, you have a mapping from 127.0.0.1 that returns ip6-localhost, > > and that mapping is screwing things up, because 127.0.0.1 is not > > listed as an address for ip6-localhost. > > > > I got as far as this conclusion too, which got me checking for the > contents of /etc/hosts. Since I can influence the lookup results easily > by shuffling the contents of /etc/hosts, can I conclude that this is an > issue with my glibc? Obviously, there is no 127.0.0.1 <-> ip6-localhost mapping in /etc/hosts. Therefore, when Postfix gets ip6-localhost when it asks the name for 127.0.0.1, then that information did not come from /etc/hosts. You can tweak your /etc/hosts until the cows come home, or you can try to find out were that 127.0.0.1->ip6-localhost is coming from. Wietse
|
Pages: 1 Prev: postscreen stress=yes Next: Pflogsumm Status |