[CentOS] Postfix - message queue filling with Host or name not found - try again

Mon Nov 22 08:44:15 UTC 2010
Ben McGinnes <ben at adversary.org>

On 22/11/10 2:47 PM, Rob Kampen wrote:
> Ben McGinnes wrote:
>>
>> What is the complete output of postqueue -p?  What is the From address
>> and, more to the point, is it MAILER-DAEMON?
>>   
> Yes it is

Cool.

>> Where $MSGID is one of the messages in the queue.  That will show
>> you the message and headers.  I'd be willing to bet it's your
>> server trying to send a rejection/spam detection to a server.
>
> Correct - thanks for the pointers on how to track it down -

No problem.

> so now my question is how do I set things up to simply try this once
> and then drop it, rather than queue it up for the next five days
> with all the attendant dns errors.

That would be difficult to do without it affecting all mail and
resolution problems are supposed to induce temporary failures for a
reason.  The reason normally being that if you are isolated from the
Internet for any length of time (e.g. link outage), you don't want
mail queued on the server being bounced or dropped because you can't
reach an external name server to find an A record or MX record.

> This is definitely at the boundaries of my mail setup experience -
> for some reason the other two mail servers I run do not seem to get
> the same level of spam and thus I seldom notice this.

Are they both running Postfix too?  If so, compare the output of
postconf -n between the three servers and look for what is different.

In this case, the email address that the bounces are trying to be
delivered to is what appeared in the MAIL FROM section during
delivery.  It is almost certainly intended to bounce and the mail will
all be spam.  I haven't been able to find any A records for that
domain and the registration is in Russia.  It's a fairly safe bet that
they're spammers.

I would recommend that you add the following to your
smtpd_recipient_restrictions in main.cf:

    check_sender_access
        hash:/etc/postfix/sender_access,

Probably immediately above or below the line for
"check_recipient_access" which is listed in your original post.

Create a file called /etc/postfix/sender_access with the text editor
of your choice and include the following line:

po6e4ina.com   	   REJECT

Then run the following commands:

postmap /etc/postfix/sender_access
postfix reload

That should do the trick nicely.


Regards,
Ben

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20101122/6c07f45d/attachment-0005.sig>