Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

warning: Unable to look up NS host

52 views
Skip to first unread message

John Beaver

unread,
Aug 2, 2006, 6:09:11 PM8/2/06
to
I am getting this error and I'm not sure what is means.

Aug 2 05:08:32 mg-v1 postfix-gw/smtpd[28688]: connect from
news.ecpsourcebuys.com[205.177.90.167]
Aug 2 05:08:33 mg-v1 postfix-gw/smtpd[28688]: warning: Unable to look
up NS host NS2.ECPSRCEDNS.com for Sender address
CruiseD...@ecpsourcebuys.com: hostname nor servname provided, or not
known
Aug 2 05:08:33 mg-v1 postfix-gw/smtpd[28688]: warning: Unable to look
up NS host NS1.ECPSRCEDNS.com for Sender address
CruiseD...@ecpsourcebuys.com: hostname nor servname provided, or not
known
Aug 2 05:08:33 mg-v1 postfix-gw/cleanup[28693]: A2F23C0F7:
message-id=<200608021008...@mg-v2.leaveittobeaver.net>
Aug 2 05:08:33 mg-v1 postfix-gw/qmgr[28511]: A2F23C0F7:
from=<sav-pos...@leaveittobeaver.net>, size=287, nrcpt=1 (queue active)
Aug 2 05:08:34 mg-v1 postfix-gw/smtp[28699]: A2F23C0F7:
to=<CruiseD...@ecpsourcebuys.com>,
relay=news.ecpsourcebuys.com[205.177.90.167]:25, delay=0.48,
delays=0.03/0.23/0.17/0.05, dsn=2.0.0, status=deliverable (250 Ok)
Aug 2 05:08:34 mg-v1 postfix-gw/qmgr[28511]: A2F23C0F7: removed
Aug 2 05:08:36 mg-v1 postfix-gw/smtpd[28688]: NOQUEUE: reject: RCPT
from news.ecpsourcebuys.com[205.177.90.167]: 450 4.7.1
<rem...@example.net>: Recipient address rejected: Policy Rejection-
Please try later.; from=<CruiseD...@ecpsourcebuys.com>
to=<rem...@example.net> proto=ESMTP helo=<news.ecpsourcebuys.com>
Aug 2 05:08:36 mg-v1 postfix-gw/smtpd[28688]: disconnect from
news.ecpsourcebuys.com[205.177.90.167]

It has MX records and passes my SAV check. I understand it's a warning
but would like to understand what it's telling me.

postconf -n if needed
--------------------------------
address_verify_map = btree:/var/log/address_verify.map
address_verify_negative_cache = yes
address_verify_negative_expire_time = 3h
address_verify_negative_refresh_time = 1h
address_verify_positive_expire_time = 31d
address_verify_positive_refresh_time = 7d
address_verify_sender = rem...@example.net
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_at_myorigin = yes
biff = no
body_checks = pcre:/etc/postfix/body_checks.pcre
bounce_notice_recipient = rem...@example.net
bounce_size_limit = 50000
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix-gw
content_filter = smtp-amavis:[127.0.0.1]:10026
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 100
default_destination_recipient_limit = 20
delay_notice_recipient = rem...@example.net
disable_vrfy_command = yes
empty_address_recipient = MAILER-DAEMON
error_notice_recipient = rem...@example.net
header_checks = pcre:/etc/postfix/header_checks.pcre
header_size_limit = 102400
html_directory = no
ignore_mx_lookup_error = yes
inet_interfaces = mg-v2.leaveittobeaver.net
local_destination_concurrency_limit = 2
local_recipient_maps =
local_transport = error:local mail delivery is disabled
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
maximal_queue_lifetime = 432000s
message_size_limit = 10240000
mydestination =
mydomain = leaveittobeaver.net
myhostname = mg-v2.leaveittobeaver.net
mynetworks = 127.0.0.0/8, <removed>
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
notify_classes = resource, software, delay
proxy_read_maps = proxy:mysql:/etc/postfix/policyd_spamtrap_alias_maps.cf
queue_directory = /var/spool/postfix-gw
queue_minfree = 20480000
readme_directory = no
recipient_bcc_maps = hash:/etc/postfix/sender_bcc.map
relay_domains = $mynetworks, hash:/etc/postfix/relay_domains.map
relay_recipient_maps = hash:/etc/postfix/relay_recipient.map,
proxy:mysql:/etc/postfix/policyd_spamtrap_alias_maps.cf
remote_header_rewrite_domain = domain.invalid
sample_directory = /etc/postfix
sender_bcc_maps = hash:/etc/postfix/sender_bcc.map
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
show_user_unknown_table_name = no
smtp_always_send_ehlo = yes
smtp_connect_timeout = 60s
smtp_data_done_timeout = 60s
smtp_data_init_timeout = 60s
smtp_data_xfer_timeout = 60s
smtp_helo_timeout = 60s
smtp_mail_timeout = 60s
smtp_quit_timeout = 60s
smtp_rcpt_timeout = 60s
smtp_rset_timeout = 60s
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd.map
smtp_sasl_security_options =
smtpd_banner = $myhostname ESMTP $mail_name - Attn: All Spammers will be
pursued.
smtpd_client_connection_rate_limit = 4
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_hard_error_limit = 3
smtpd_helo_required = yes
smtpd_junk_command_limit = 2
smtpd_recipient_restrictions = check_client_access
cidr:/etc/postfix/client_checks.cidr, reject_invalid_hostname,
reject_non_fqdn_hostname, reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unknown_sender_domain,
reject_unknown_recipient_domain, permit_mynetworks,
reject_unauth_destination, reject_unlisted_recipient, warn_if_reject
reject_unlisted_sender, check_policy_service inet:127.0.0.1:10032,
check_sender_ns_access hash:/etc/postfix/ns_blocked.map,
check_client_access hash:/etc/postfix/client_checks.map,
check_sender_access hash:/etc/postfix/freemail_access.map
check_sender_mx_access hash:/etc/postfix/sender_mx.map,
reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client
sub.mxrate.net=127.0.0.2, reject_rbl_client sub.mxrate.net=127.0.0.4,
reject_rbl_client combined.njabl.org, check_sender_access
hash:/etc/postfix/sav_checks.map, reject_unverified_sender, permit
smtpd_restriction_classes = from_freemail_host
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_timeout = 20s
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
strict_7bit_headers = no
strict_rfc821_envelopes = yes
syslog_name = postfix-gw
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport.map
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554

Evan Platt

unread,
Aug 2, 2006, 6:16:45 PM8/2/06
to

I could be wrong, but..

# nslookup ecpsourcebuys.com
Server: 192.168.1.66
Address: 192.168.1.66#53

Non-authoritative answer:
*** Can't find ecpsourcebuys.com: No answer

# dig mx ecpsourcebuys.com

; <<>> DiG 9.3.1 <<>> mx ecpsourcebuys.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10357
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 4

;; QUESTION SECTION:
;ecpsourcebuys.com. IN MX

;; ANSWER SECTION:
ecpsourcebuys.com. 7062 IN MX 10 rss.ecpsourcebuys.com.
ecpsourcebuys.com. 7062 IN MX 10 news.ecpsourcebuys.com.
ecpsourcebuys.com. 7062 IN MX 10 groups.ecpsourcebuys.com.
ecpsourcebuys.com. 7062 IN MX 10 orders.ecpsourcebuys.com.


I don't know if it's 'valid' to have all the mx records have the same
priority. Don't know if that's a problem or the problem.

Noel Jones

unread,
Aug 2, 2006, 6:51:52 PM8/2/06
to
At 05:09 PM 8/2/2006, John Beaver wrote:
>I am getting this error and I'm not sure what is means.
>
>Aug 2 05:08:32 mg-v1 postfix-gw/smtpd[28688]: connect
>from news.ecpsourcebuys.com[205.177.90.167]
>Aug 2 05:08:33 mg-v1 postfix-gw/smtpd[28688]: warning:
>Unable to look up NS host NS2.ECPSRCEDNS.com for Sender
>address CruiseD...@ecpsourcebuys.com: hostname nor
>servname provided, or not known
>Aug 2 05:08:33 mg-v1 postfix-gw/smtpd[28688]: warning:
>Unable to look up NS host NS1.ECPSRCEDNS.com for Sender
>address CruiseD...@ecpsourcebuys.com: hostname nor
>servname provided, or not known

Postfix tried to look up the Name Server records for
ecpsourcebuys.com, but the specified host doesn't exist.

This happens when the domain owner lists a non-existent
host as their name server, or has inconsistent DNS
records. This is a misconfiguration on the domain owner's
part, and doesn't by itself mean the message is spam.

This NS lookup is triggered by your check_sender_ns_access
table.

--
Noel Jones

Rick Zeman

unread,
Aug 2, 2006, 9:55:18 PM8/2/06
to
On 8/2/06, Evan Platt <ev...@espphotography.com> wrote:
> At 03:09 PM 8/2/2006, you wrote:
> I could be wrong, but..
>
> # nslookup ecpsourcebuys.com
> Server: 192.168.1.66
> Address: 192.168.1.66#53
>
> Non-authoritative answer:
> *** Can't find ecpsourcebuys.com: No answer
>
> # dig mx ecpsourcebuys.com
>
> ; <<>> DiG 9.3.1 <<>> mx ecpsourcebuys.com
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10357
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 4
>
> ;; QUESTION SECTION:
> ;ecpsourcebuys.com. IN MX
>
> ;; ANSWER SECTION:
> ecpsourcebuys.com. 7062 IN MX 10 rss.ecpsourcebuys.com.
> ecpsourcebuys.com. 7062 IN MX 10 news.ecpsourcebuys.com.
> ecpsourcebuys.com. 7062 IN MX 10 groups.ecpsourcebuys.com.
> ecpsourcebuys.com. 7062 IN MX 10 orders.ecpsourcebuys.com.
>
>
> I don't know if it's 'valid' to have all the mx records have the same
> priority. Don't know if that's a problem or the problem.

That's poor man's load balancing.

0 new messages