0

I am presented a mail server setup, that is working well. There's only a small issue, which makes me think, there's something wrong in the DNS setup. It is a small setup with a Debian mail server (postfix/dovecot) behind a router. The router has port forwarding configured and is named "router.intern" (IP 10.0.0.1). So incoming mail gets delivered to the mail server and outgoing mails are also fine. Every time a mail gets delivered, there is a reverse DNS check for the delivering server IP to block spammers. But there's also a reverse DNS check on the router's name:

postfix/smtps/smtpd[8088]: warning: hostname router.intern does not resolve to address 123.123.123.123

(123.123.123.123 is a placeholder for its WAN IP.)

/etc/resolv.conf:

domain intern
nameserver 10.0.0.1

Why does the mail server try do resolve the router's DNS name over WAN? I'm at loss where to search as everything else is working fine.

awado
  • 133
  • 1
  • 8
  • Sounds like your router is doing either application level proxying or SNAT. You might want to check the configuration settings for its port forwarding. – roaima Jun 10 '15 at 16:47
  • No, checked that. None of both is set. – awado Jun 10 '15 at 17:18
  • Is there any relevance to the address you've written as 123.123.123.123? Is this a literal part of the error or a placeholder you've invented for this question? If it's a placeholder please identify what it corresponds to. – roaima Jun 10 '15 at 17:42
  • Sorry, it's a placeholder. I just edited my post to reflect that. – awado Jun 10 '15 at 17:57
  • Try giving a look here: http://www.postfix.org/BASIC_CONFIGURATION_README.html with particolar reference to paragraph "Proxy/NAT external network addresses" – Damiano Verzulli Jun 10 '15 at 19:09
  • Seemed promising, but did not help. Messages still appear. – awado Jun 10 '15 at 19:31
  • Postfix wouldn't even see the IP address of the router under normal circumstances, so try [this solution from Serverfault](http://serverfault.com/a/639078/267016) to set `smtp_host_lookup = native` – roaima Jun 10 '15 at 23:48
  • Unfortunately no success. Still get the warning. Is there any kind of DNS caching? (I do NOT run any DNS service on Debian.) – awado Jun 11 '15 at 07:56
  • Ah. Is the WAN address on your router or on your server? I've been assuming it's on the router and that your server is on a NAT network behind it. Is this the case? – roaima Jun 11 '15 at 18:28
  • Yes, it is. And it is the WAN address of the router. – awado Jun 11 '15 at 20:06

0 Answers0