mailcow / mailcow-dockerized

mailcow: dockerized - 🐮 + 🐋 = 💕
https://mailcow.email
GNU General Public License v3.0
9.09k stars 1.19k forks source link

DNS Problem? #52

Closed ghost closed 7 years ago

ghost commented 7 years ago

Hello

I can't receive mail from Gmail and Vimeo :-)

Postfix logs:

postfix-mailcow_1    | Feb 15 22:22:54 mx postfix/smtpd[168]: connect from unknown[74.113.233.227]
postfix-mailcow_1    | Feb 15 22:22:55 mx postfix/smtpd[168]: Anonymous TLS connection established from unknown[74.113.233.227]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
postfix-mailcow_1    | Feb 15 22:22:55 mx postfix/smtpd[168]: NOQUEUE: reject: RCPT from unknown[74.113.233.227]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [74.113.233.227]; from=<no-reply@vimeo.com> to=<me+vimeo@domain.com> proto=ESMTP helo=<smtp.vimeo.com>
postfix-mailcow_1    | Feb 15 22:22:56 mx postfix/smtpd[168]: disconnect from unknown[74.113.233.227] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8
postfix-mailcow_1    | Feb 15 22:23:01 mx postfix/smtpd[170]: Anonymous TLS connection established from unknown[209.85.220.193]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
postfix-mailcow_1    | Feb 15 22:23:01 mx postfix/smtpd[170]: NOQUEUE: reject: RCPT from unknown[209.85.220.193]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [209.85.220.193]; from=<user@gmail.com> to=<me+tesx@domain.com> proto=ESMTP helo=<mail-qk0-f193.google.com>
postfix-mailcow_1    | Feb 15 22:23:01 mx postfix/smtpd[170]: disconnect from unknown[209.85.220.193] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 quit=1 commands=5/
andryyy commented 7 years ago

Is the pdns-mailcow container running? And what about its logs (postfix-mailcow)?

ghost commented 7 years ago

one more case

postfix-mailcow_1    | Feb 16 06:38:59 mx postfix/postscreen[125]: CONNECT from [192.30.252.196]:53499 to [172.22.1.9]:25
postfix-mailcow_1    | Feb 16 06:38:59 mx postfix/postscreen[125]: WHITELISTED [192.30.252.196]:53499
postfix-mailcow_1    | Feb 16 06:39:09 mx postfix/smtpd[127]: connect from unknown[192.30.252.196]
postfix-mailcow_1    | Feb 16 06:39:10 mx postfix/smtpd[127]: Anonymous TLS connection established from unknown[192.30.252.196]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
postfix-mailcow_1    | Feb 16 06:39:10 mx postfix/smtpd[127]: NOQUEUE: reject: RCPT from unknown[192.30.252.196]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [192.30.252.196]; from=<noreply@github.com> to=<user@domain.com> proto=ESMTP helo=<github-smtp2a-ext-cp1-prd.iad.github.net>
postfix-mailcow_1    | Feb 16 06:39:10 mx postfix/smtpd[127]: disconnect from unknown[192.30.252.196] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8
postfix-mailcow_1    | Feb 16 06:39:59 mx postfix/postscreen[125]: CONNECT from [192.30.252.194]:38379 to [172.22.1.9]:25
postfix-mailcow_1    | Feb 16 06:39:59 mx postfix/postscreen[125]: WHITELISTED [192.30.252.194]:38379
postfix-mailcow_1    | Feb 16 06:40:09 mx postfix/smtpd[127]: connect from unknown[192.30.252.194]
postfix-mailcow_1    | Feb 16 06:40:09 mx postfix/smtpd[127]: Anonymous TLS connection established from unknown[192.30.252.194]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
postfix-mailcow_1    | Feb 16 06:40:09 mx postfix/smtpd[127]: NOQUEUE: reject: RCPT from unknown[192.30.252.194]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [192.30.252.194]; from=<noreply@github.com> to=<user@domain.com> proto=ESMTP helo=<github-smtp2b-ext-cp1-prd.iad.github.net>
postfix-mailcow_1    | Feb 16 06:40:09 mx postfix/smtpd[127]: disconnect from unknown[192.30.252.194] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8
postfix-mailcow_1    | Feb 16 06:43:30 mx postfix/anvil[129]: statistics: max connection rate 1/60s for (smtpd:192.30.252.196) at Feb 16 06:39:09
postfix-mailcow_1    | Feb 16 06:43:30 mx postfix/anvil[129]: statistics: max connection count 1 for (smtpd:192.30.252.196) at Feb 16 06:39:09
postfix-mailcow_1    | Feb 16 06:43:30 mx postfix/anvil[129]: statistics: max cache size 2 at Feb 16 06:40:09
                      Name                                             Command                                             State                                              Ports
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
mailcowdockerized_dovecot-mailcow_1                /docker-entrypoint.sh /bin ...                     Up                                                 10001/tcp, 127.0.1.1:110->110/tcp,
                                                                                                                                                         127.0.0.1:143->143/tcp, 24/tcp,
                                                                                                                                                         0.0.0.0:4190->4190/tcp, 0.0.0.0:993->993/tcp,
                                                                                                                                                         127.0.0.1:995->995/tcp
mailcowdockerized_memcached-mailcow_1              docker-entrypoint.sh memcached                     Up                                                 11211/tcp
mailcowdockerized_mysql-mailcow_1                  docker-entrypoint.sh mysqld                        Up                                                 3306/tcp
mailcowdockerized_nginx-mailcow_1                  /bin/bash -c envsubst < /e ...                     Up                                                 0.0.0.0:443->443/tcp, 80/tcp
mailcowdockerized_pdns-mailcow_1                   /usr/sbin/pdns_recursor                            Up                                                 53/udp
mailcowdockerized_php-fpm-mailcow_1                /docker-entrypoint.sh php- ...                     Up                                                 9000/tcp
mailcowdockerized_postfix-mailcow_1                /bin/sh -c exec /usr/bin/s ...                     Up                                                 0.0.0.0:25->25/tcp, 127.0.0.1:465->465/tcp,
                                                                                                                                                         0.0.0.0:587->587/tcp, 588/tcp
mailcowdockerized_redis-mailcow_1                  docker-entrypoint.sh redis ...                     Up                                                 6379/tcp
mailcowdockerized_rmilter-mailcow_1                /bin/sh -c exec /usr/bin/s ...                     Up                                                 9000/tcp
mailcowdockerized_rspamd-mailcow_1                 /usr/bin/rspamd -f -u _rsp ...                     Up                                                 11333/tcp, 11334/tcp
mailcowdockerized_sogo-mailcow_1                   /bin/sh -c exec /usr/bin/s ...                     Up
andryyy commented 7 years ago

And pdns logs?

ghost commented 7 years ago

there is nothing there ...

pdns-mailcow_1       | Feb 16 06:59:26 Answer to 1.0.0.127.zen.spamhaus.org|A for 172.22.1.253:52718 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:27 Answer to 1.0.0.127.zen.spamhaus.org|A for 172.22.1.253:53850 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:27 Answer to 1.0.0.127.zen.spamhaus.org|A for 172.22.1.253:51259 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:27 Answer to facebook.sbl.spamhaus.org|A for 172.22.1.253:52603 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:35 Answer to facebook.multi.surbl.org|A for 172.22.1.253:50689 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:35 Answer to 1.0.0.127.list.dnswl.org|A for 172.22.1.253:32848 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:35 Answer to 1.0.0.127.list.dnswl.org|A for 172.22.1.253:45723 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:35 Answer to facebook.multi.surbl.org|A for 172.22.1.253:41080 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:35 Answer to facebook.multi.surbl.org|A for 172.22.1.253:39245 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:36 Answer to facebook.multi.surbl.org|A for 172.22.1.253:40655 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:36 Answer to 1.0.0.127.list.dnswl.org|A for 172.22.1.253:60706 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:36 Answer to 1.0.0.127.list.dnswl.org|A for 172.22.1.253:40068 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:36 Answer to facebook.multi.surbl.org|A for 172.22.1.253:57689 validates as Bogus
pdns-mailcow_1       | Feb 16 06:59:36 Answer to 1.0.0.127.list.dnswl.org|A for 172.22.1.253:35923 validates as Bogus
pdns-mailcow_1       | Feb 16 07:00:05 Answer to facebook.public.sarbl.org|A for 172.22.1.253:49566 validates as Bogus

...

andryyy commented 7 years ago

The local resolver seems not to work... There is no such problem on any machine I'm testing on. Try to restart the docker host.

ghost commented 7 years ago

Reboot and change system resolver to 8.8.8.8 does not solve the problem (

ghost commented 7 years ago

root@docker-h1:~/mailcow-dockerized# nslookup -q=ptr 192.30.252.194 172.22.1.254

Server:     172.22.1.254
Address:    172.22.1.254#53
** server can't find 194.252.30.192.in-addr.arpa: SERVFAIL

root@docker-h1:~/mailcow-dockerized# nslookup -q=ptr 192.30.252.194 8.8.8.8

Server:     8.8.8.8
Address:    8.8.8.8#53

Non-authoritative answer:
194.252.30.192.in-addr.arpa name = github-smtp2-ext3.iad.github.net.

Scaleway VPS uname -a _Linux docker-h1 4.8.14-docker-2 #1 SMP Tue Jan 10 15:35:02 UTC 2017 x8664 GNU/Linux cat /etc/debian_version 8.7

ghost commented 7 years ago
pdns-mailcow_1       | Feb 18 15:46:22 1 [10/1] question for '181.220.85.209.in-addr.arpa|PTR' from 172.22.1.2
pdns-mailcow_1       | Feb 18 15:46:27 1 [11/2] question for '181.220.85.209.in-addr.arpa|PTR' from 172.22.1.2
pdns-mailcow_1       | Feb 18 15:46:30 1 [10/2] answer to question '181.220.85.209.in-addr.arpa|PTR': 0 answers, 0 additional, took 10 packets, 8007.74 ms, 0 throttled, 5 timeouts, 0 tcp connections, rcode=2
arkag commented 7 years ago

I also cannot resolve gmail.com or my university, mtu.edu. I cannot send or receive.

ghost commented 7 years ago

@cwre Scaleway VPS?

arkag commented 7 years ago

Nope, I’m using pacmanVPS. I’m running this on an Arch host.

via Newton Mail [https://cloudmagic.com/k/d/mailapp?ct=dx&cv=9.4.52&pv=10.12.3&source=email_footer_2] On Wed, Feb 22, 2017 at 8:36 AM, aekv notifications@github.com wrote: @cwre [https://github.com/cwre] Scaleway VPS?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub [https://github.com/andryyy/mailcow-dockerized/issues/52#issuecomment-281670873] , or mute the thread [https://github.com/notifications/unsubscribe-auth/AGb-crlEt6ubmS2AQTNmQ1kuZvU4TIyyks5rfDnxgaJpZM4MCYVv] .

ghost commented 7 years ago

Could you check it?

nslookup -q=ptr 192.30.252.194 172.22.1.254

arkag commented 7 years ago

Arch doesn't have nslookup on it, I've used drill with no issue.

andryyy commented 7 years ago

I switched to Bind9 in dev. Too much problems with PowerDNS Recursor.

ghost commented 7 years ago

@andryyy It's good news. I will try it. Thank you!

ghost commented 7 years ago

it seems everything is ok. BIND works great.

arkag commented 7 years ago

I'm trying this now.

arkag commented 7 years ago

Bind9 works!