DevHeads.net

Bounced mails while reloading maps

Hi,

I have a cronjob that rebuilds my /etc/postfix/virtual_alias
and /etc/postfix/virtual_transport files every 15 minutes. I have
noticed that while the rebuild is going on and all processes realize
that the files have changed and restart I often get bounced mails.

For example, this is an excerpt from my log file from today:

Oct 9 15:30:27 thor postfix/lsf-relay/smtpd[25537]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:27 thor postfix/lsf-relay/smtpd[25536]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:27 thor postfix/lsf-relay/smtpd[25088]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:27 thor postfix/smtpd[24267]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:27 thor postfix/smtpd[24239]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:27 thor postfix/cleanup[26125]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:27 thor postfix/cleanup[26562]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:27 thor postfix/lmtp[22259]: 8C49D31180: to=<alias1@uni-duesseldorf.de>, orig_to=<main-address1@uni-duesseldorf.de>, relay=none, delay=0.03, delays=0.02/0/0/0, dsn=5.4.4, status=bounced (unable to look up host uni-duesseldorf.de: Name or service not known)
Oct 9 15:30:27 thor postfix/submission/smtpd[20882]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:27 thor postfix/submission/smtpd[20973]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:29 thor postfix/submission/smtpd[20853]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:33 thor postfix/trivial-rewrite[26561]: table hash:/etc/postfix/virtual_transport(0,lock|no_regsub|fold_fix) has changed -- restarting
Oct 9 15:30:34 thor postfix/lmtp[21070]: 9ACD74BD83: to=<alias2@uni-duesseldorf.de>, orig_to=<main- ... at hhu dot de>, relay=none, delay=0.01, delays=0/0/0/0, dsn=5.4.4, status=bounced (unable to look up host uni-duesseldorf.de: Name or service not known)
Oct 9 15:30:36 thor postfix/trivial-rewrite[17489]: table hash:/etc/postfix/virtual_transport(0,lock|no_regsub|fold_fix) has changed -- restarting
Oct 9 15:30:39 thor postfix/submission/smtpd[20864]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:30:59 thor postfix/smtpd[24159]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:31:02 thor postfix/cleanup[24909]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:31:34 thor postfix/submission/smtpd[20940]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:32:05 thor postfix/submission/smtpd[20874]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting
Oct 9 15:32:08 thor postfix/submission/smtpd[18477]: table hash:/etc/postfix/virtual_alias(0,lock|fold_fix) has changed -- restarting

My only idea how to fix this would be modifying the cronjob to hold all mails
before rebuilding the files and releasing all mails after. Is there a better way
or is my setup just stupid?

Obligatory postconf -n:

postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broadcaster_only = check_policy_service inet:localhost:2000
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
delay_warning_time = 4h
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
lmtp_host_lookup = native
local_recipient_maps = $virtual_mailbox_maps
mail_owner = postfix
mailbox_size_limit = 14336000000
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 143360000
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 127.0.0.0/8 cidr:/etc/postfix/mynetworks-25.cidr
mynetworks_style = host
newaliases_path = /usr/bin/newaliases.postfix
propagate_unmatched_extensions =
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
recipient_delimiter = +
relay_domains = ddz.uni-duesseldorf.de mail.ddz.uni-duesseldorf.de ddfi.uni-duesseldorf.de mail.ddfi.uni-duesseldorf.de dfi.uni-duesseldorf.de mail.ddfi.uni-duesseldorf.de frodo.rz.uni-duesseldorf.de osxpr.fon.hhu.de
relay_recipient_maps = hash:/etc/postfix/relay_recipients
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_host_lookup = native
smtp_tls_cert_file = /etc/postfix/cert/thor-cert.pem
smtp_tls_key_file = /etc/postfix/cert/thor-key.pem
smtp_tls_security_level = may
smtpd_policy_service_timeout = 200s
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_restriction_classes = broadcaster_only
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = inet:192.168.25.210:12345
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/postfix/cert/thor-cert.pem
smtpd_tls_key_file = /etc/postfix/cert/thor-key.pem
smtpd_tls_security_level = may
transport_maps = hash:/etc/postfix/virtual_transport hash:/etc/postfix/relay_transport_maps
unknown_local_recipient_reject_code = 550
virtual_alias_expansion_limit = 50000
virtual_alias_maps = hash:/etc/postfix/virtual_alias
virtual_mailbox_domains = hash:/etc/postfix/virtual_mailbox_domains
virtual_mailbox_maps = $virtual_alias_maps
virtual_transport = lmtp

Thanks
Julian

Comments

Re: Bounced mails while reloading maps

By Wietse Venema at 10/09/2017 - 10:29

Julian Kippels:
See <a href="http://www.postfix.org/DATABASE_README.html#safe_db" title="http://www.postfix.org/DATABASE_README.html#safe_db">http://www.postfix.org/DATABASE_README.html#safe_db</a>
for updating Berkeley DB safely.

In addition, automatic builds should check that the size of the
source file has not suddenly changed by a lot, before exposing the
new data to Postfix.

Wietse