4 Replies Latest reply: Mar 24, 2013 9:11 AM by Ashley Aitken
Ashley Aitken Level 1 (35 points)

Hi All,


I've been running OX Server and its Mail Service for many years and it has worked fine, except the occasional snafu with the mail queue getting stuck by some seemingly corrupt emails (deleting these using Server Admin seemed to fix things).  I run multiple domains, have DNS setup (with correct reverse DNS). I am still on OS X Server 10.6.8 Snow Leopard.


Recently though I am having big problems with the Mail Service, particularly not accepting any incoming email (and this time it is not getting stuck in the queue). I am aware that server has graylisting enabled and that has been ok in the past.  I've also had some trouble with virus filtering in the past and recently manually updated the data files (but this was after my problems started).


Looking at my logs and system I have noticed for the last incident last nightthat:


The last postfix/smtpd NOQUEUE reject occurs around 1:39am


No mail seems to be accepted (or rejected) after this time (although it could of course been a little while after this).


When I noticed no email this morning I checked the Mail Service in Server Admin and everything looked the same as usual.


I restarted the Mail Service - no change, still not receiving email.


I restarted the Server - no change, still not receiving email.


When I reboot my ADSL2+ modem/router (Fritz!box) I then saw that Mail Service configuration had somehow changed Settings > General > Host name: to "local".  Setting this back to mydomain.com (where mydomain is a placeholder for my real domain), I started to receive incoming emails again.  I explicitly checked this setting before restarting and it was NOT showing this value in Server Admin.


I don't believe this setting had changed when I restarted the Mail Service or rebooted the server.


I noticed the same thing last week when I experienced the same problem.


I've always had some difficulty with  the "Domain name" and "Host name" settings in Mail Service > Settings > General.  I am not sure why but I have generally had Domain name: local and Host name: mydomain.com  My server reverse DNS is server.mydomain.com and my MX records are server.mydomain.com (or mail.mydomain.com, which I no could be problematic).


I have tried setting Host name to server.mydomain.com or mail.mydomain.com but emails then seem to have form username@mail.mydomain.com or username@server.mydomain.com which confuses people as to my email addesses.  Things have seemed to work find with Host name set to mydomain.com in the past so I have used that.


My questions:


1. Any ideas what is causing the Host name to be reset to local on its own?


2. What should Domain name and Host name really be (and please explain why)?



I include here postfix entries in the console after the time of the last reject (indicating things were ok) before nothing else was processed:



10/03/13 1:39:16 AMpostfix/smtpd[38594]NOQUEUE: reject: RCPT from mail-ee0-f62.google.com[]: 450 4.7.1 <a.b@myotherdomain1.com.au>: Recipient address rejected: Service is unavailable; from=<lean-startup-circle+bncBDAYZKMN3UFBBOU45CEQKGQEKLK6NKA@googlegroups.com> to=<a.b@myotherdomain1.com.au> proto=ESMTP helo=<mail-ee0-f62.google.com>
10/03/13 1:39:16 AMpostfix/smtpd[38594]disconnect from mail-ee0-f62.google.com[]
10/03/13 1:40:05 AMpostfix/smtpd[38546]disconnect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:42:58 AMpostfix/smtpd[38661]connect from mrhatken.mydomain  .com[]
10/03/13 1:42:59 AMpostfix/smtpd[38665]connect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:42:59 AMpostfix/smtpd[38668]connect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:42:59 AMpostfix/smtpd[38665]SSL_accept error from osr.mydomain.com[my.ip.4.address]: -1
10/03/13 1:42:59 AMpostfix/smtpd[38665]warning: TLS library problem: 38665:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:/SourceCache/OpenSSL098/OpenSSL098-35.1/src/ssl/s23_srvr.c:578:
10/03/13 1:42:59 AMpostfix/smtpd[38665]lost connection after STARTTLS from osr.mydomain.com[my.ip.4.address]
10/03/13 1:42:59 AMpostfix/smtpd[38665]disconnect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:42:59 AMpostfix/smtpd[38670]connect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:42:59 AMpostfix/smtpd[38672]connect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:42:59 AMpostfix/smtpd[38674]connect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:42:59 AMpostfix/smtpd[38670]disconnect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:42:59 AMpostfix/smtpd[38674]disconnect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:42:59 AMpostfix/smtpd[38661]disconnect from mrhatken.mydomain.com[]
10/03/13 1:42:59 AMpostfix/smtpd[38670]connect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:43:00 AMpostfix/smtpd[38670]disconnect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:43:00 AMpostfix/smtpd[38672]disconnect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:43:00 AMpostfix/smtpd[38674]connect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:43:00 AMpostfix/smtpd[38668]error: CF: Credentials could not be verified username or password is invalid.
10/03/13 1:43:00 AMpostfix/smtpd[38668]warning: osr.mydomain.com[my.ip.4.address]: SASL PLAIN authentication failed
10/03/13 1:43:00 AMpostfix/smtpd[38668]disconnect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:43:00 AMpostfix/smtpd[38674]disconnect from osr.mydomain.com[my.ip.4.address]
10/03/13 1:46:20 AMpostfix/anvil[38551]statistics: max connection rate 6/60s for (submission:my.ip.4.address) at Mar 10 01:43:00
10/03/13 1:46:20 AMpostfix/anvil[38551]statistics: max connection count 4 for (submission:my.ip.4.address) at Mar 10 01:42:59
10/03/13 1:46:20 AMpostfix/anvil[38551]statistics: max cache size 2 at Mar 10 01:39:13


Finally, I was on a client machine ( on this local network at this time (working late) and I did something on the client that may be related.  Just a guess.  I changed the client to use an external DNS name server rather than the internal name server running on the machine above. Of course, the external DNS has a different IP for the server machine (external not internal). 


I wonder if this could have confused the modem/router?


Also, I note that in my server DNS Service the reverse entry for my external IP address comes up as osr.mydomain.com not server.mydomain.com  However, when I use changeip -checkhostname it reports everything is ok and reverse dns matches server name as server.mydomain.com  I have since removed the entry for osr.mydomain.com in my local DNS.


Having email bounce for our business (and personal domains) is a real problem and I need to get this fixed.


Thanks for any assistance.




  • MrHoffman Level 6 (13,995 points)

    osr.mydomain.com not server.mydomain.com?  That implies your DNS is incorrect. 


    Confirm that your mail server has an A (machine) record.   Based on that DNS response, it would appear that your mail server does not have that.  The mail server A record also needs to match the MX record for the domain.


    changeip -checkhostname looks at the DNS server it's configured to use, which will likely be itself and the local DNS services.  That tool doesn't know from the split-horizon DNS services that you're running here.


    After you make a change, you'll need to flush the client DNS cache or you can pick up stale entries until the time-to-live value causes the entry to be dropped from cache.  dscacheutil -flushcache or sudo killall -HUP mDNSResponder will clear that cache.


    You've quite effectively obfuscated the domain — entirely your call, of couse — which means I can't confirm the status of your public DNS.


    Here's the write-up on getting DNS configured and working.


    Entirely FWIW, if you should get around to using VPNs, tends not to be the best choice as a netblock.  That netblock tends to be used everywhere, and VPN IP routing typically needs a unique netblock on both ends of the connection.

  • JLombard Level 1 (0 points)

    Hi Ashley,


    I have had the same problem where the Mail server changes the Domain name to xxx.local at random times. It's driving me up the walls!


    The problem started occuring after I installed vmware fusion on the server but I have no idea if it's even possible for the two to be related. Do you also have vmware fusion installed?


    Please let me know if you have managed to get to the cause of the mysterious self changing domain name.





    P.S. My DNS is perfectly set up and hasn't changed in the last 3 years so I can't see how it could cause this problem.

  • MrHoffman Level 6 (13,995 points)

    My DNS is perfectly set up and hasn't changed in the last 3 years so I can't see how it could cause this problem.


    When debugging, it's usually beneficial to confirm the operation succeeds (or fails) as is expected, rather than to assume that.  Doveryai, no proveryai.  "Trust, but verify"


    Virtual Machines can and usually do include virtual network controllers and often virtual switches, and problems with any of which can trigger communications problems, and can trigger DNS-level errors.  Problems within this realm should show up with the usual sorts of network connectivity testing; with tools such as traceroute, dig, dscacheutil, ping, scutil, etc.


    With OS X Server, every case of mail changing its domain name that I've been called in on has involved a DNS-level problem of some sort.  The DNS queries were not returning the "right" answer for whatever reason, and off the rails we went...

  • Ashley Aitken Level 1 (35 points)

    Hi Jacque,


    It seems likely (as MrHoffman) suggests that it is a DNS problem but I am definitely no expert in this area.


    Unfortunately, I am too busy (and emails are too critical at this time) to explore causes. 


    One guess I have is that my internal network uses the OS X DNS server, but one machine had been setup to use external DNS. This may have caused some problems with different external and internal IP addresses for some hosts (e.g. mail server) via the modem/router.  Perhaps VMware Fusion on the Server could cause similar problems?  I am sorry but I can't really do anything better than guess at the moment.


    Please someone explain / fill me (us) in if you know what is happening exactly.