Help: incoming mail problem and settings
Hi All,
I've been running OX Server and its Mail Service for many years and it has worked fine, except the occasional snafu with the mail queue getting stuck by some seemingly corrupt emails (deleting these using Server Admin seemed to fix things). I run multiple domains, have DNS setup (with correct reverse DNS). I am still on OS X Server 10.6.8 Snow Leopard.
Recently though I am having big problems with the Mail Service, particularly not accepting any incoming email (and this time it is not getting stuck in the queue). I am aware that server has graylisting enabled and that has been ok in the past. I've also had some trouble with virus filtering in the past and recently manually updated the data files (but this was after my problems started).
Looking at my logs and system I have noticed for the last incident last nightthat:
The last postfix/smtpd NOQUEUE reject occurs around 1:39am
No mail seems to be accepted (or rejected) after this time (although it could of course been a little while after this).
When I noticed no email this morning I checked the Mail Service in Server Admin and everything looked the same as usual.
I restarted the Mail Service - no change, still not receiving email.
I restarted the Server - no change, still not receiving email.
When I reboot my ADSL2+ modem/router (Fritz!box) I then saw that Mail Service configuration had somehow changed Settings > General > Host name: to "local". Setting this back to mydomain.com (where mydomain is a placeholder for my real domain), I started to receive incoming emails again. I explicitly checked this setting before restarting and it was NOT showing this value in Server Admin.
I don't believe this setting had changed when I restarted the Mail Service or rebooted the server.
I noticed the same thing last week when I experienced the same problem.
I've always had some difficulty with the "Domain name" and "Host name" settings in Mail Service > Settings > General. I am not sure why but I have generally had Domain name: local and Host name: mydomain.com My server reverse DNS is server.mydomain.com and my MX records are server.mydomain.com (or mail.mydomain.com, which I no could be problematic).
I have tried setting Host name to server.mydomain.com or mail.mydomain.com but emails then seem to have form username@mail.mydomain.com or username@server.mydomain.com which confuses people as to my email addesses. Things have seemed to work find with Host name set to mydomain.com in the past so I have used that.
My questions:
1. Any ideas what is causing the Host name to be reset to local on its own?
2. What should Domain name and Host name really be (and please explain why)?
I include here postfix entries in the console after the time of the last reject (indicating things were ok) before nothing else was processed:
10/03/13 1:39:16 AM | postfix/smtpd[38594] | NOQUEUE: reject: RCPT from mail-ee0-f62.google.com[74.125.83.62]: 450 4.7.1 <a.b@myotherdomain1.com.au>: Recipient address rejected: Service is unavailable; from=<lean-startup-circle+bncBDAYZKMN3UFBBOU45CEQKGQEKLK6NKA@googlegroups.com> to=<a.b@myotherdomain1.com.au> proto=ESMTP helo=<mail-ee0-f62.google.com> |
10/03/13 1:39:16 AM | postfix/smtpd[38594] | disconnect from mail-ee0-f62.google.com[74.125.83.62] |
10/03/13 1:40:05 AM | postfix/smtpd[38546] | disconnect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:42:58 AM | postfix/smtpd[38661] | connect from mrhatken.mydomain .com[192.168.1.6] |
10/03/13 1:42:59 AM | postfix/smtpd[38665] | connect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:42:59 AM | postfix/smtpd[38668] | connect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:42:59 AM | postfix/smtpd[38665] | SSL_accept error from osr.mydomain.com[my.ip.4.address]: -1 |
10/03/13 1:42:59 AM | postfix/smtpd[38665] | warning: TLS library problem: 38665:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:/SourceCache/OpenSSL098/OpenSSL098-35.1/src/ssl/s23_srvr.c:578: |
10/03/13 1:42:59 AM | postfix/smtpd[38665] | lost connection after STARTTLS from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:42:59 AM | postfix/smtpd[38665] | disconnect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:42:59 AM | postfix/smtpd[38670] | connect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:42:59 AM | postfix/smtpd[38672] | connect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:42:59 AM | postfix/smtpd[38674] | connect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:42:59 AM | postfix/smtpd[38670] | disconnect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:42:59 AM | postfix/smtpd[38674] | disconnect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:42:59 AM | postfix/smtpd[38661] | disconnect from mrhatken.mydomain.com[192.168.1.6] |
10/03/13 1:42:59 AM | postfix/smtpd[38670] | connect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:43:00 AM | postfix/smtpd[38670] | disconnect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:43:00 AM | postfix/smtpd[38672] | disconnect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:43:00 AM | postfix/smtpd[38674] | connect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:43:00 AM | postfix/smtpd[38668] | error: CF: Credentials could not be verified username or password is invalid. |
10/03/13 1:43:00 AM | postfix/smtpd[38668] | warning: osr.mydomain.com[my.ip.4.address]: SASL PLAIN authentication failed |
10/03/13 1:43:00 AM | postfix/smtpd[38668] | disconnect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:43:00 AM | postfix/smtpd[38674] | disconnect from osr.mydomain.com[my.ip.4.address] |
10/03/13 1:46:20 AM | postfix/anvil[38551] | statistics: max connection rate 6/60s for (submission:my.ip.4.address) at Mar 10 01:43:00 |
10/03/13 1:46:20 AM | postfix/anvil[38551] | statistics: max connection count 4 for (submission:my.ip.4.address) at Mar 10 01:42:59 |
10/03/13 1:46:20 AM | postfix/anvil[38551] | statistics: max cache size 2 at Mar 10 01:39:13 |
Finally, I was on a client machine (192.168.1.6) on this local network at this time (working late) and I did something on the client that may be related. Just a guess. I changed the client to use an external DNS name server rather than the internal name server running on the machine above. Of course, the external DNS has a different IP for the server machine (external not internal).
I wonder if this could have confused the modem/router?
Also, I note that in my server DNS Service the reverse entry for my external IP address comes up as osr.mydomain.com not server.mydomain.com However, when I use changeip -checkhostname it reports everything is ok and reverse dns matches server name as server.mydomain.com I have since removed the entry for osr.mydomain.com in my local DNS.
Having email bounce for our business (and personal domains) is a real problem and I need to get this fixed.
Thanks for any assistance.
Cheers,
Ashley.