DevHeads.net

postfix PTR Lookup internals

Hello everybody!

I see following *maillog* records when new mail comes to server

connect from unknown [209.85.223.195]
client=unknown[209.85.223.195]

But that IP address is GMail IP and it has valid PTR-record which
points to *mail-io0-f195.google.com
<http://mail-io0-f195.google.com>* My main.cf is here
<https://pastebin.com/eyGUeN2U>

*resolv.conf* content for Postfix listed below

# Generated by NetworkManager
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver [hosting_dns_servers_here]
# NOTE: the libc resolver may not support more than 3 nameservers.
# The nameservers listed below may not be recognized.
nameserver 1.1.1.1
nameserver 1.0.0.1
nameserver 77.88.8.8
nameserver 77.88.8.1

So, how can I force Postfix to make reverse lookup and logs a domain name
of mailserver not IP address? I'm running CentOS 7.4

And at the second where I can read about postfix reverse lookup process?

May be you would point me to some place in the postfix sources, I don't
know, indeed...

I guess it's some kind of internal issue of my VDS provider. Caused by the
internal network architecture of dedicated server hoster. Anyway, I want to
read postfix source code which related to reverse DNS lookup procedures and
try to understand, why it doesn't work as expected in my case.

Comments

Re: postfix PTR Lookup internals

By Noel Jones at 05/14/2018 - 15:46

On 5/14/2018 3:19 PM, Vivaldi Vivaldi wrote:
My wild guess is that you have postfix set for chroot, the the
chroot environment is incomplete. See:
<a href="http://www.postfix.org/DEBUG_README.html#no_chroot" title="http://www.postfix.org/DEBUG_README.html#no_chroot">http://www.postfix.org/DEBUG_README.html#no_chroot</a>

If you need more help, see:
<a href="http://www.postfix.org/DEBUG_README.html#mail" title="http://www.postfix.org/DEBUG_README.html#mail">http://www.postfix.org/DEBUG_README.html#mail</a>

-- Noel Jones

Re: postfix PTR Lookup internals

By Vivaldi Vivaldi at 05/14/2018 - 16:00

Yes, your are right postfix chained in the chroot environment for security
reasons as usual.
Though, at another VPS running Debian 7 and Postfix 2.9.6 also chrooted
everithing, works perfect
as for reverse lookup. So I get confused a lot with that "quirk"

2018-05-14 23:46 GMT+03:00 Noel Jones < ... at megan dot vbhcs.org>:

Re: postfix PTR Lookup internals

By Vivaldi Vivaldi at 05/14/2018 - 16:03

Where can I find complete example of postfix chroot environment?

2018-05-15 0:00 GMT+03:00 Vivaldi Vivaldi < ... at gmail dot com>:

Re: postfix PTR Lookup internals

By Vivaldi Vivaldi at 05/14/2018 - 16:07

I've already found
<a href="http://www.postfix.org/BASIC_CONFIGURATION_README.html#chroot_setup" title="http://www.postfix.org/BASIC_CONFIGURATION_README.html#chroot_setup">http://www.postfix.org/BASIC_CONFIGURATION_README.html#chroot_setup</a>,
but may be more detailed description exists, I hope.

2018-05-15 0:03 GMT+03:00 Vivaldi Vivaldi < ... at gmail dot com>:

Re: postfix PTR Lookup internals

By Noel Jones at 05/14/2018 - 16:17

The chroot details are different for each operating system. If you
installed postfix from a package for your OS, often a script is
included with the package to build the chroot environment. If you
didn't install from a package, or you did but the supplied script
didn't work, you may get better support for this OS-specific issue
on a forum dedicated to your OS.

Consider (temporarily) turning chroot off to verify this is the problem.

-- Noel Jones

On 5/14/2018 4:07 PM, Vivaldi Vivaldi wrote:

Re: postfix PTR Lookup internals

By Vivaldi Vivaldi at 05/14/2018 - 16:46

Well spotted again!
Everything resolves as expected after chroot is disabled.
So, I'm digging that way.
Thanks for your help, regards!

2018-05-15 0:17 GMT+03:00 Noel Jones < ... at megan dot vbhcs.org>:

Re: postfix PTR Lookup internals

By Vivaldi Vivaldi at 05/15/2018 - 00:22

My problem is solved.
Solution in one line

*cp -vl /usr/lib64/libnss_* /var/spool/postfix/lib64*

Cheers!

2018-05-15 0:46 GMT+03:00 Vivaldi Vivaldi < ... at gmail dot com>: