Discussion:
postfix: Name service error
(too old to reply)
Otto Rodusek
2009-11-26 08:13:03 UTC
Permalink
Hi,

I've recently set up a new OpenSuse11.1 server. I need a simple smtp
request - mail out system errors to the sysadmin as/when necessary. I've
configured postfix but no matter what I try I keep getting the following
errors: (I've tried other email address - not just hotmail.com - with
the same error result!!)

Nov 26 15:49:42 bunyip postfix/error[2285]: 059CBC658B:
to=<***@hotmail.com>, relay=none, delay=71849,
delays=71820/28/0/0.1, dsn=4.4.3, status=deferred (delivery temporarily
suspended: Host or domain name not found. Name service error for
name=hotmail.com type=MX: Host not found, try again)

My server is ip address 192.168.19.1 , using an AZTECH ADSL2+
DSL600E(C) adsl/router (ip address 192.168.19.254).

My resolv.conf is:

search local.com
nameserver 202.156.1.58
nameserver 218.186.1.38
nameserver 202.156.1.38

I have no problem whatsoever doing ping or even internet access to the
outside world - just can't seem to send email from the server. The
server is only being used for samba shares and is not an smtp gateway to
the users - ONLY the server needs to send out mail. From the message it
looks to be a DNS issue with postfix only as I have no problems
accessing the outside world otherwise. I've set up similar previously
without a hitch - just in this instance it doesn't work - can't seem to
figure out what I did wrong!!!!

Any help/insights would be most appreciated!!! Thanks.

If it helps my postconf is:

2bounce_notice_recipient = postmaster
access_map_reject_code = 554
address_verify_default_transport = $default_transport
address_verify_local_transport = $local_transport
address_verify_map =
address_verify_negative_cache = yes
address_verify_negative_expire_time = 3d
address_verify_negative_refresh_time = 3h
address_verify_poll_count = 3
address_verify_poll_delay = 3s
address_verify_positive_expire_time = 31d
address_verify_positive_refresh_time = 7d
address_verify_relay_transport = $relay_transport
address_verify_relayhost = $relayhost
address_verify_sender = $double_bounce_sender
address_verify_sender_dependent_relayhost_maps =
$sender_dependent_relayhost_maps
address_verify_service_name = verify
address_verify_transport_maps = $transport_maps
address_verify_virtual_transport = $virtual_transport
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_mail_to_commands = alias, forward
allow_mail_to_files = alias, forward
allow_min_user = no
allow_percent_hack = yes
allow_untrusted_routing = no
alternate_config_directories =
always_bcc =
anvil_rate_time_unit = 60s
anvil_status_update_time = 600s
append_at_myorigin = yes
append_dot_mydomain = yes
application_event_drain_time = 100s
authorized_flush_users = static:anyone
authorized_mailq_users = static:anyone
authorized_submit_users = static:anyone
backwards_bounce_logfile_compatibility = yes
berkeley_db_create_buffer_size = 16777216
berkeley_db_read_buffer_size = 131072
best_mx_transport =
biff = no
body_checks =
body_checks_size_limit = 51200
bounce_notice_recipient = postmaster
bounce_queue_lifetime = 5d
bounce_service_name = bounce
bounce_size_limit = 50000
bounce_template_file =
broken_sasl_auth_clients = no
canonical_classes = envelope_sender, envelope_recipient, header_sender,
header_recipient
canonical_maps = hash:/etc/postfix/canonical
cleanup_service_name = cleanup
command_directory = /usr/sbin
command_execution_directory =
command_expansion_filter =
1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
command_time_limit = 1000s
config_directory = /etc/postfix
connection_cache_protocol_timeout = 5s
connection_cache_service_name = scache
connection_cache_status_update_time = 600s
connection_cache_ttl_limit = 2s
content_filter =
cyrus_sasl_config_path =
daemon_directory = /usr/lib/postfix
daemon_timeout = 18000s
data_directory = /var/lib/postfix
debug_peer_level = 5
debug_peer_list =
default_database_type = hash
default_delivery_slot_cost = 5
default_delivery_slot_discount = 50
default_delivery_slot_loan = 3
default_destination_concurrency_failed_cohort_limit = 1
default_destination_concurrency_limit = 20
default_destination_concurrency_negative_feedback = 1
default_destination_concurrency_positive_feedback = 1
default_destination_rate_delay = 0s
default_destination_recipient_limit = 50
default_extra_recipient_limit = 1000
default_minimum_delivery_slots = 3
default_privs = nobody
default_process_limit = 100
default_rbl_reply = $rbl_code Service unavailable; $rbl_class
[$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason}
default_recipient_limit = 20000
default_recipient_refill_delay = 5s
default_recipient_refill_limit = 100
default_transport = smtp
default_verp_delimiters = +=
defer_code = 450
defer_service_name = defer
defer_transports =
delay_logging_resolution_limit = 2
delay_notice_recipient = postmaster
delay_warning_time = 1h
deliver_lock_attempts = 20
deliver_lock_delay = 1s
destination_concurrency_feedback_debug = no
detect_8bit_encoding_header = yes
disable_dns_lookups = no
disable_mime_input_processing = no
disable_mime_output_conversion = no
disable_verp_bounces = no
disable_vrfy_command = no
dont_remove = 0
double_bounce_sender = double-bounce
duplicate_filter_limit = 1000
empty_address_recipient = MAILER-DAEMON
empty_address_relayhost_maps_lookup_key = <>
enable_original_recipient = yes
error_notice_recipient = postmaster
error_service_name = error
execution_directory_expansion_filter =
1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
expand_owner_alias = no
export_environment = TZ MAIL_CONFIG LANG
fallback_transport =
fallback_transport_maps =
fast_flush_domains = $relay_domains
fast_flush_purge_time = 7d
fast_flush_refresh_time = 12h
fault_injection_code = 0
flush_service_name = flush
fork_attempts = 5
fork_delay = 1s
forward_expansion_filter =
1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
forward_path = $home/.forward${recipient_delimiter}${extension},
$home/.forward
frozen_delivered_to = yes
hash_queue_depth = 1
hash_queue_names = deferred, defer
header_address_token_limit = 10240
header_checks =
header_size_limit = 102400
helpful_warnings = yes
home_mailbox =
hopcount_limit = 50
html_directory = /usr/share/doc/packages/postfix-doc/html
ignore_mx_lookup_error = no
import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY
DISPLAY LANG=C
in_flow_delay = 1s
inet_interfaces = localhost
inet_protocols = all
initial_destination_concurrency = 5
internal_mail_filter_classes =
invalid_hostname_reject_code = 501
ipc_idle = 5s
ipc_timeout = 3600s
ipc_ttl = 1000s
line_length_limit = 2048
lmtp_bind_address =
lmtp_bind_address6 =
lmtp_body_checks =
lmtp_cname_overrides_servername = no
lmtp_connect_timeout = 0s
lmtp_connection_cache_destinations =
lmtp_connection_cache_on_demand = yes
lmtp_connection_cache_time_limit = 2s
lmtp_connection_reuse_time_limit = 300s
lmtp_data_done_timeout = 600s
lmtp_data_init_timeout = 120s
lmtp_data_xfer_timeout = 180s
lmtp_defer_if_no_mx_address_found = no
lmtp_destination_concurrency_failed_cohort_limit =
$default_destination_concurrency_failed_cohort_limit
lmtp_destination_concurrency_limit = $default_destination_concurrency_limit
lmtp_destination_concurrency_negative_feedback =
$default_destination_concurrency_negative_feedback
lmtp_destination_concurrency_positive_feedback =
$default_destination_concurrency_positive_feedback
lmtp_destination_rate_delay = $default_destination_rate_delay
lmtp_destination_recipient_limit = $default_destination_recipient_limit
lmtp_discard_lhlo_keyword_address_maps =
lmtp_discard_lhlo_keywords =
lmtp_enforce_tls = no
lmtp_generic_maps =
lmtp_header_checks =
lmtp_host_lookup = dns
lmtp_initial_destination_concurrency = $initial_destination_concurrency
lmtp_lhlo_name = $myhostname
lmtp_lhlo_timeout = 300s
lmtp_line_length_limit = 990
lmtp_mail_timeout = 300s
lmtp_mime_header_checks =
lmtp_mx_address_limit = 5
lmtp_mx_session_limit = 2
lmtp_nested_header_checks =
lmtp_pix_workaround_delay_time = 10s
lmtp_pix_workaround_maps =
lmtp_pix_workaround_threshold_time = 500s
lmtp_pix_workarounds = disable_esmtp,delay_dotcrlf
lmtp_quit_timeout = 300s
lmtp_quote_rfc821_envelope = yes
lmtp_randomize_addresses = yes
lmtp_rcpt_timeout = 300s
lmtp_rset_timeout = 20s
lmtp_sasl_auth_cache_name =
lmtp_sasl_auth_cache_time = 90d
lmtp_sasl_auth_enable = no
lmtp_sasl_auth_soft_bounce = yes
lmtp_sasl_mechanism_filter =
lmtp_sasl_password_maps =
lmtp_sasl_path =
lmtp_sasl_security_options = noplaintext, noanonymous
lmtp_sasl_tls_security_options = $lmtp_sasl_security_options
lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options
lmtp_sasl_type = cyrus
lmtp_send_xforward_command = no
lmtp_sender_dependent_authentication = no
lmtp_skip_5xx_greeting = yes
lmtp_starttls_timeout = 300s
lmtp_tcp_port = 24
lmtp_tls_CAfile =
lmtp_tls_CApath =
lmtp_tls_cert_file =
lmtp_tls_dcert_file =
lmtp_tls_dkey_file = $lmtp_tls_dcert_file
lmtp_tls_enforce_peername = yes
lmtp_tls_exclude_ciphers =
lmtp_tls_fingerprint_cert_match =
lmtp_tls_fingerprint_digest = md5
lmtp_tls_key_file = $lmtp_tls_cert_file
lmtp_tls_loglevel = 0
lmtp_tls_mandatory_ciphers = medium
lmtp_tls_mandatory_exclude_ciphers =
lmtp_tls_mandatory_protocols = SSLv3, TLSv1
lmtp_tls_note_starttls_offer = no
lmtp_tls_per_site =
lmtp_tls_policy_maps =
lmtp_tls_scert_verifydepth = 9
lmtp_tls_secure_cert_match = nexthop
lmtp_tls_security_level =
lmtp_tls_session_cache_database =
lmtp_tls_session_cache_timeout = 3600s
lmtp_tls_verify_cert_match = hostname
lmtp_use_tls = no
lmtp_xforward_timeout = 300s
local_command_shell =
local_destination_concurrency_failed_cohort_limit =
$default_destination_concurrency_failed_cohort_limit
local_destination_concurrency_limit = 2
local_destination_concurrency_negative_feedback =
$default_destination_concurrency_negative_feedback
local_destination_concurrency_positive_feedback =
$default_destination_concurrency_positive_feedback
local_destination_rate_delay = $default_destination_rate_delay
local_destination_recipient_limit = 1
local_header_rewrite_clients = permit_inet_interfaces
local_initial_destination_concurrency = $initial_destination_concurrency
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
local_transport = local:$myhostname
luser_relay =
mail_name = Postfix
mail_owner = postfix
mail_release_date = 20080902
mail_spool_directory = /var/mail
mail_version = 2.5.5
mailbox_command =
mailbox_command_maps =
mailbox_delivery_lock = fcntl, dotlock
mailbox_size_limit = 0
mailbox_transport =
mailbox_transport_maps =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maps_rbl_domains =
maps_rbl_reject_code = 554
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
max_idle = 100s
max_use = 100
maximal_backoff_time = 4000s
maximal_queue_lifetime = 5d
message_reject_characters =
message_size_limit = 10240000
message_strip_characters = \0
milter_command_timeout = 30s
milter_connect_macros = j {daemon_name} v
milter_connect_timeout = 30s
milter_content_timeout = 300s
milter_data_macros = i
milter_default_action = tempfail
milter_end_of_data_macros = i
milter_end_of_header_macros = i
milter_helo_macros = {tls_version} {cipher} {cipher_bits} {cert_subject}
{cert_issuer}
milter_macro_daemon_name = $myhostname
milter_macro_v = $mail_name $mail_version
milter_mail_macros = i {auth_type} {auth_authen} {auth_author} {mail_addr}
milter_protocol = 2
milter_rcpt_macros = i {rcpt_addr}
milter_unknown_command_macros =
mime_boundary_length_limit = 2048
mime_header_checks = $header_checks
mime_nesting_limit = 100
minimal_backoff_time = 300s
multi_recipient_bounce_reject_code = 550
mydestination = $myhostname, localhost.$mydomain
mydomain = local.com
myhostname = bunyip.local.com
mynetworks = 127.0.0.0/8
mynetworks_style = subnet
myorigin = $myhostname
nested_header_checks = $header_checks
newaliases_path = /usr/bin/newaliases
non_fqdn_reject_code = 504
non_smtpd_milters =
notify_classes = resource, software
owner_request_special = yes
parent_domain_matches_subdomains =
debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
permit_mx_backup_networks =
pickup_service_name = pickup
plaintext_reject_code = 450
prepend_delivered_header = command, file, forward
process_id_directory = pid
propagate_unmatched_extensions = canonical, virtual
proxy_interfaces =
proxy_read_maps = $local_recipient_maps $mydestination
$virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps
$virtual_mailbox_domains $relay_recipient_maps $relay_domains
$canonical_maps $sender_canonical_maps $recipient_canonical_maps
$relocated_maps $transport_maps $mynetworks $sender_bcc_maps
$recipient_bcc_maps $smtp_generic_maps $lmtp_generic_maps
proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name
qmgr_clog_warn_time = 300s
qmgr_fudge_factor = 100
qmgr_message_active_limit = 20000
qmgr_message_recipient_limit = 20000
qmgr_message_recipient_minimum = 10
qmqpd_authorized_clients =
qmqpd_client_port_logging = no
qmqpd_error_delay = 1s
qmqpd_timeout = 300s
queue_directory = /var/spool/postfix
queue_file_attribute_count_limit = 100
queue_minfree = 0
queue_run_delay = 300s
queue_service_name = qmgr
rbl_reply_maps =
readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES
receive_override_options =
recipient_bcc_maps =
recipient_canonical_classes = envelope_recipient, header_recipient
recipient_canonical_maps =
recipient_delimiter =
reject_code = 554
relay_clientcerts =
relay_destination_concurrency_failed_cohort_limit =
$default_destination_concurrency_failed_cohort_limit
relay_destination_concurrency_limit = $default_destination_concurrency_limit
relay_destination_concurrency_negative_feedback =
$default_destination_concurrency_negative_feedback
relay_destination_concurrency_positive_feedback =
$default_destination_concurrency_positive_feedback
relay_destination_rate_delay = $default_destination_rate_delay
relay_destination_recipient_limit = $default_destination_recipient_limit
relay_domains = $mydestination
relay_domains_reject_code = 554
relay_initial_destination_concurrency = $initial_destination_concurrency
relay_recipient_maps =
relay_transport = relay
relayhost =
relocated_maps = hash:/etc/postfix/relocated
remote_header_rewrite_domain =
require_home_directory = no
resolve_dequoted_address = yes
resolve_null_domain = no
resolve_numeric_domain = no
rewrite_service_name = rewrite
sample_directory = /usr/share/doc/packages/postfix-doc/samples
send_cyrus_sasl_authzid = no
sender_bcc_maps =
sender_canonical_classes = envelope_sender, header_sender
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sender_dependent_relayhost_maps =
sendmail_path = /usr/sbin/sendmail
service_throttle_time = 60s
setgid_group = maildrop
show_user_unknown_table_name = yes
showq_service_name = showq
smtp_always_send_ehlo = yes
smtp_bind_address =
smtp_bind_address6 =
smtp_body_checks =
smtp_cname_overrides_servername = no
smtp_connect_timeout = 30s
smtp_connection_cache_destinations =
smtp_connection_cache_on_demand = yes
smtp_connection_cache_time_limit = 2s
smtp_connection_reuse_time_limit = 300s
smtp_data_done_timeout = 600s
smtp_data_init_timeout = 120s
smtp_data_xfer_timeout = 180s
smtp_defer_if_no_mx_address_found = no
smtp_destination_concurrency_failed_cohort_limit =
$default_destination_concurrency_failed_cohort_limit
smtp_destination_concurrency_limit = $default_destination_concurrency_limit
smtp_destination_concurrency_negative_feedback =
$default_destination_concurrency_negative_feedback
smtp_destination_concurrency_positive_feedback =
$default_destination_concurrency_positive_feedback
smtp_destination_rate_delay = $default_destination_rate_delay
smtp_destination_recipient_limit = $default_destination_recipient_limit
smtp_discard_ehlo_keyword_address_maps =
smtp_discard_ehlo_keywords =
smtp_enforce_tls = no
smtp_fallback_relay = $fallback_relay
smtp_generic_maps =
smtp_header_checks =
smtp_helo_name = $myhostname
smtp_helo_timeout = 300s
smtp_host_lookup = dns
smtp_initial_destination_concurrency = $initial_destination_concurrency
smtp_line_length_limit = 990
smtp_mail_timeout = 300s
smtp_mime_header_checks =
smtp_mx_address_limit = 5
smtp_mx_session_limit = 2
smtp_nested_header_checks =
smtp_never_send_ehlo = no
smtp_pix_workaround_delay_time = 10s
smtp_pix_workaround_maps =
smtp_pix_workaround_threshold_time = 500s
smtp_pix_workarounds = disable_esmtp,delay_dotcrlf
smtp_quit_timeout = 300s
smtp_quote_rfc821_envelope = yes
smtp_randomize_addresses = yes
smtp_rcpt_timeout = 300s
smtp_rset_timeout = 20s
smtp_sasl_auth_cache_name =
smtp_sasl_auth_cache_time = 90d
smtp_sasl_auth_enable = no
smtp_sasl_auth_soft_bounce = yes
smtp_sasl_mechanism_filter =
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_path =
smtp_sasl_security_options =
smtp_sasl_tls_security_options = $smtp_sasl_security_options
smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options
smtp_sasl_type = cyrus
smtp_send_xforward_command = no
smtp_sender_dependent_authentication = no
smtp_skip_5xx_greeting = yes
smtp_skip_quit_response = yes
smtp_starttls_timeout = 300s
smtp_tls_CAfile =
smtp_tls_CApath =
smtp_tls_cert_file =
smtp_tls_dcert_file =
smtp_tls_dkey_file = $smtp_tls_dcert_file
smtp_tls_enforce_peername = yes
smtp_tls_exclude_ciphers =
smtp_tls_fingerprint_cert_match =
smtp_tls_fingerprint_digest = md5
smtp_tls_key_file = $smtp_tls_cert_file
smtp_tls_loglevel = 0
smtp_tls_mandatory_ciphers = medium
smtp_tls_mandatory_exclude_ciphers =
smtp_tls_mandatory_protocols = SSLv3, TLSv1
smtp_tls_note_starttls_offer = no
smtp_tls_per_site =
smtp_tls_policy_maps =
smtp_tls_scert_verifydepth = 9
smtp_tls_secure_cert_match = nexthop, dot-nexthop
smtp_tls_security_level =
smtp_tls_session_cache_database =
smtp_tls_session_cache_timeout = 3600s
smtp_tls_verify_cert_match = hostname
smtp_use_tls = no
smtp_xforward_timeout = 300s
smtpd_authorized_verp_clients = $authorized_verp_clients
smtpd_authorized_xclient_hosts =
smtpd_authorized_xforward_hosts =
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_connection_count_limit = 50
smtpd_client_connection_rate_limit = 0
smtpd_client_event_limit_exceptions =
${smtpd_client_connection_limit_exceptions:$mynetworks}
smtpd_client_message_rate_limit = 0
smtpd_client_new_tls_session_rate_limit = 0
smtpd_client_port_logging = no
smtpd_client_recipient_rate_limit = 0
smtpd_client_restrictions =
smtpd_data_restrictions =
smtpd_delay_open_until_valid_rcpt = yes
smtpd_delay_reject = yes
smtpd_discard_ehlo_keyword_address_maps =
smtpd_discard_ehlo_keywords =
smtpd_end_of_data_restrictions =
smtpd_enforce_tls = no
smtpd_error_sleep_time = 1s
smtpd_etrn_restrictions =
smtpd_expansion_filter =
\t\40!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~
smtpd_forbidden_commands = CONNECT GET POST
smtpd_hard_error_limit = 20
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_history_flush_threshold = 100
smtpd_junk_command_limit = 100
smtpd_milters =
smtpd_noop_commands =
smtpd_null_access_lookup_key = <>
smtpd_peername_lookup = yes
smtpd_policy_service_max_idle = 300s
smtpd_policy_service_max_ttl = 1000s
smtpd_policy_service_timeout = 100s
smtpd_proxy_ehlo = $myhostname
smtpd_proxy_filter =
smtpd_proxy_timeout = 100s
smtpd_recipient_limit = 1000
smtpd_recipient_overshoot_limit = 1000
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = no
smtpd_restriction_classes =
smtpd_sasl_auth_enable = no
smtpd_sasl_authenticated_header = no
smtpd_sasl_exceptions_networks =
smtpd_sasl_local_domain =
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_type = cyrus
smtpd_sender_login_maps =
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_soft_error_limit = 10
smtpd_starttls_timeout = 300s
smtpd_timeout = 300s
smtpd_tls_CAfile =
smtpd_tls_CApath =
smtpd_tls_always_issue_session_ids = yes
smtpd_tls_ask_ccert = no
smtpd_tls_auth_only = no
smtpd_tls_ccert_verifydepth = 9
smtpd_tls_cert_file =
smtpd_tls_dcert_file =
smtpd_tls_dh1024_param_file =
smtpd_tls_dh512_param_file =
smtpd_tls_dkey_file = $smtpd_tls_dcert_file
smtpd_tls_exclude_ciphers =
smtpd_tls_fingerprint_digest = md5
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_loglevel = 0
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_exclude_ciphers =
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_received_header = no
smtpd_tls_req_ccert = no
smtpd_tls_security_level =
smtpd_tls_session_cache_database =
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_wrappermode = no
smtpd_use_tls = no
soft_bounce = no
stale_lock_time = 500s
stress =
strict_7bit_headers = no
strict_8bitmime = no
strict_8bitmime_body = no
strict_mailbox_ownership = yes
strict_mime_encoding_domain = no
strict_rfc821_envelopes = no
sun_mailtool_compatibility = no
swap_bangpath = yes
syslog_facility = mail
syslog_name = postfix
tls_daemon_random_bytes = 32
tls_export_cipherlist = ALL:+RC4:@STRENGTH
tls_high_cipherlist = ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH
tls_low_cipherlist = ALL:!EXPORT:+RC4:@STRENGTH
tls_medium_cipherlist = ALL:!EXPORT:!LOW:+RC4:@STRENGTH
tls_null_cipherlist = eNULL:!aNULL
tls_random_bytes = 32
tls_random_exchange_name = ${data_directory}/prng_exch
tls_random_prng_update_period = 3600s
tls_random_reseed_period = 3600s
tls_random_source = dev:/dev/urandom
trace_service_name = trace
transport_maps = hash:/etc/postfix/transport
transport_retry_time = 60s
trigger_timeout = 10s
undisclosed_recipients_header = To: undisclosed-recipients:;
unknown_address_reject_code = 450
unknown_client_reject_code = 450
unknown_hostname_reject_code = 450
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
unverified_recipient_reject_code = 450
unverified_sender_reject_code = 450
verp_delimiter_filter = -=+
virtual_alias_domains = hash:/etc/postfix/virtual
virtual_alias_expansion_limit = 1000
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_alias_recursion_limit = 1000
virtual_destination_concurrency_failed_cohort_limit =
$default_destination_concurrency_failed_cohort_limit
virtual_destination_concurrency_limit =
$default_destination_concurrency_limit
virtual_destination_concurrency_negative_feedback =
$default_destination_concurrency_negative_feedback
virtual_destination_concurrency_positive_feedback =
$default_destination_concurrency_positive_feedback
virtual_destination_rate_delay = $default_destination_rate_delay
virtual_destination_recipient_limit = $default_destination_recipient_limit
virtual_gid_maps =
virtual_initial_destination_concurrency = $initial_destination_concurrency
virtual_mailbox_base =
virtual_mailbox_domains = $virtual_mailbox_maps
virtual_mailbox_limit = 51200000
virtual_mailbox_lock = fcntl, dotlock
virtual_mailbox_maps =
virtual_minimum_uid = 100
virtual_transport = virtual
virtual_uid_maps =
bunyip:/var/log #
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Joachim Schrod
2009-11-26 09:38:41 UTC
Permalink
Post by Otto Rodusek
I've recently set up a new OpenSuse11.1 server. I need a simple smtp
request - mail out system errors to the sysadmin as/when necessary. I've
configured postfix but no matter what I try I keep getting the following
errors: (I've tried other email address - not just hotmail.com - with
the same error result!!)
delays=71820/28/0/0.1, dsn=4.4.3, status=deferred (delivery temporarily
suspended: Host or domain name not found. Name service error for
name=hotmail.com type=MX: Host not found, try again)
search local.com
nameserver 202.156.1.58
nameserver 218.186.1.38
nameserver 202.156.1.38
What is the output of "host -t mx hotmail.com"?
In nsswitch.conf, is "dns" listed on the hosts line?

Joachim
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: ***@acm.org
Roedermark, Germany
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Lars Müller
2009-11-26 10:17:00 UTC
Permalink
Post by Joachim Schrod
Post by Otto Rodusek
I've recently set up a new OpenSuse11.1 server. I need a simple smtp
request - mail out system errors to the sysadmin as/when necessary. I've
configured postfix but no matter what I try I keep getting the following
errors: (I've tried other email address - not just hotmail.com - with
the same error result!!)
delays=71820/28/0/0.1, dsn=4.4.3, status=deferred (delivery temporarily
suspended: Host or domain name not found. Name service error for
name=hotmail.com type=MX: Host not found, try again)
search local.com
nameserver 202.156.1.58
nameserver 218.186.1.38
nameserver 202.156.1.38
What is the output of "host -t mx hotmail.com"?
In nsswitch.conf, is "dns" listed on the hosts line?
And are you sure that you're allowed to use these name servers?

Please try

dig @202.156.1.58 lists.opensuse.org

If you only get output lines starting with ";" signs these name servers
are not allowing access from your ISP.

Try to use the nameservers used by your router or gateway or ask your
ISP. My ISP sent me a letter including the credentials and all the
settings including the name servers to use.

Lars
--
Lars MÃŒller [ˈlaː(r)z ˈmʏlɐ]
Samba Team
SUSE Linux, Maxfeldstraße 5, 90409 NÃŒrnberg, Germany
Otto Rodusek
2009-11-26 11:34:24 UTC
Permalink
Post by Joachim Schrod
Post by Otto Rodusek
I've recently set up a new OpenSuse11.1 server. I need a simple smtp
request - mail out system errors to the sysadmin as/when necessary. I've
configured postfix but no matter what I try I keep getting the following
errors: (I've tried other email address - not just hotmail.com - with
the same error result!!)
delays=71820/28/0/0.1, dsn=4.4.3, status=deferred (delivery temporarily
suspended: Host or domain name not found. Name service error for
name=hotmail.com type=MX: Host not found, try again)
search local.com
nameserver 202.156.1.58
nameserver 218.186.1.38
nameserver 202.156.1.38
What is the output of "host -t mx hotmail.com"?
In nsswitch.conf, is "dns" listed on the hosts line?
Joachim
Hi Joachim,

I think you've hit on something!! Below are the results from the server
that is not able to smtp out: So any idea what the problem could be??
Much thanks for your help!

bunyip:/etc # host -t mx hotmail.com
;; connection timed out; no servers could be reached
bunyip:/etc # cat nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# compat Use compatibility setup
# nisplus Use NIS+ (NIS version 3)
# nis Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# [NOTFOUND=return] Stop searching if not found so far
#
# For more information, please read the nsswitch.conf.5 manual page.
#

# passwd: files nis
# shadow: files nis
# group: files nis

passwd: compat
group: compat

hosts: files mdns4_minimal [NOTFOUND=return] dns
networks: files dns

services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files nis
publickey: files

bootparams: files
automount: files nis
aliases: files


bunyip:/etc #


I tried the same on another machine (also with 11.1) at another
installation and got:

aplcom:~ # host -t mx hotmail.com
hotmail.com mail is handled by 5 mx1.hotmail.com.
hotmail.com mail is handled by 5 mx2.hotmail.com.
hotmail.com mail is handled by 5 mx3.hotmail.com.
hotmail.com mail is handled by 5 mx4.hotmail.com.
aplcom:~ # cat /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# compat Use compatibility setup
# nisplus Use NIS+ (NIS version 3)
# nis Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# [NOTFOUND=return] Stop searching if not found so far
#
# For more information, please read the nsswitch.conf.5 manual page.
#

# passwd: files nis
# shadow: files nis
# group: files nis

passwd: compat
group: compat

hosts: files mdns4_minimal [NOTFOUND=return] dns
networks: files dns

services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files nis
publickey: files

bootparams: files
automount: files nis
aliases: files


aplcom:~ #
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Joachim Schrod
2009-11-26 11:55:32 UTC
Permalink
Post by Otto Rodusek
Post by Joachim Schrod
Post by Otto Rodusek
I've recently set up a new OpenSuse11.1 server. I need a simple smtp
request - mail out system errors to the sysadmin as/when necessary.
delays=71820/28/0/0.1, dsn=4.4.3, status=deferred (delivery temporarily
suspended: Host or domain name not found. Name service error for
name=hotmail.com type=MX: Host not found, try again)
What is the output of "host -t mx hotmail.com"?
In nsswitch.conf, is "dns" listed on the hosts line?
I think you've hit on something!! Below are the results from the server
that is not able to smtp out: So any idea what the problem could be??
bunyip:/etc # host -t mx hotmail.com
;; connection timed out; no servers could be reached
bunyip:/etc # cat nsswitch.conf
#
hosts: files mdns4_minimal [NOTFOUND=return] dns
That means that if hotmail.com's MX record is not found in Zeroconf
(i.e., the avahi daemon, implementing Apple's Bonjour protocol), it
returns immediately, without contacting your DNS servers.

There are two possible remedies:

1) If you don't know what Zeroconf is and have no Apple system,
remove the string "mdns4_minimal [NOTFOUND=return] " from the
line above. I.e., leave only files and dns.

2) Otherwise, check that avahi is running. I can't help you
further in that use case, there others must chime in. (I don't
use it. This stuff is good, as long as it works, and is pure
horror if it doesn't work. Just like all things from Apple.
I'm an old Unix grey beard (literally) and will not adapt to
this new-fangled stuff. DNS works for me and it also doesn't
help me get the kids off my lawn... :-) :-))

Joachim

PS: No need to answer me personally, just reply to the list.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: ***@acm.org
Roedermark, Germany
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Lars Müller
2009-11-26 12:17:09 UTC
Permalink
[ 8< ]
Post by Joachim Schrod
Post by Otto Rodusek
hosts: files mdns4_minimal [NOTFOUND=return] dns
That means that if hotmail.com's MX record is not found in Zeroconf
(i.e., the avahi daemon, implementing Apple's Bonjour protocol), it
returns immediately, without contacting your DNS servers.
1) If you don't know what Zeroconf is and have no Apple system,
remove the string "mdns4_minimal [NOTFOUND=return] " from the
line above. I.e., leave only files and dns.
But then we might lose the abilty to resolve hostname without having
setup a DNS server in the LAN.
Post by Joachim Schrod
2) Otherwise, check that avahi is running. I can't help you
further in that use case, there others must chime in. (I don't
use it. This stuff is good, as long as it works, and is pure
horror if it doesn't work. Just like all things from Apple.
I'm an old Unix grey beard (literally) and will not adapt to
this new-fangled stuff. DNS works for me and it also doesn't
help me get the kids off my lawn... :-) :-))
Independent if 40+ or 50+, Zeroconf, Automatic Private IP Addressing, or
which other name you use and also independent of the operating system in
use this no black magic limited to teenies.

It is how things are intended to work in a home environment. Maybe even
in small offices.

Yet another KISS approach.

But back to the technical issue:

chkconfig avahi-daemon
chkconfig avahi-dnsconfd

both commands return "on" with a plain openSUSE 11.2 system. With other
words the avahi-daemon and avahi-dnsconfd services are enabled to get
started while the system's boot process.

And:

service avahi-daemon status
service avahi-dnsconfd status

both commands return "running" on the same system. Now we know the
services got started and are still running.

Lars
--
Lars MÃŒller [ˈlaː(r)z ˈmʏlɐ]
Samba Team
SUSE Linux, Maxfeldstraße 5, 90409 NÃŒrnberg, Germany
Joachim Schrod
2009-11-26 12:49:27 UTC
Permalink
Post by Lars Müller
Post by Joachim Schrod
2) Otherwise, check that avahi is running. I can't help you
further in that use case, there others must chime in. (I don't
use it. This stuff is good, as long as it works, and is pure
horror if it doesn't work. Just like all things from Apple.
I'm an old Unix grey beard (literally) and will not adapt to
this new-fangled stuff. DNS works for me and it also doesn't
help me get the kids off my lawn... :-) :-))
Independent if 40+ or 50+, Zeroconf, Automatic Private IP Addressing, or
which other name you use and also independent of the operating system in
use this no black magic limited to teenies.
It is how things are intended to work in a home environment. Maybe even
in small offices.
Did I hit a pet peeve of you? Was the last line and the smileys not
enough to convey irony? Wow. ;-) That I don't use avahi and thus
could not name its SUSE service names from memory, doesn't mean
that I don't know about Zeroconf and the associated technologies
and programs. The problem with your intended usage is the inability
of tech buffs to help family members or office colleagues when
something goes awry.

Since: the actual problem with avahi is that the documentation is
crap. Just look at http://avahi.org/wiki/Avah4users and tell me
with a straight face that this bunch of information is sufficient
for troubleshooting if the daemon is (a) running and (b) not
delivering the correct information. The man page of ahavi.service
is a laugh, for avahi-browser and avahi-discover even more so. A
halfway good software manual is more than these badly written man
pages and one wiki page.

Joachim

PS: And while I'm at ranting, the same holds for all those new *Kit
daemons, too. There is no document to be found that explains how
udev, HAL, ConsoleKit, and PolicyKit are supposed to work together.
Not to speak of PackageKit; just look at the recent F12 disaster...
The attitude of the *Kit developers ("I don't care about the
traditional Unix way"), combined with their unwillingness to
provide good documentation, makes this stuff a complete mess from a
sysadmin point of view.

PPS: Don't take this stuff too earnest, and cat /etc/motd some time
today.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: ***@acm.org
Roedermark, Germany
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Lars Müller
2009-11-26 18:22:07 UTC
Permalink
Post by Joachim Schrod
Post by Lars Müller
Post by Joachim Schrod
2) Otherwise, check that avahi is running. I can't help you
further in that use case, there others must chime in. (I don't
use it. This stuff is good, as long as it works, and is pure
horror if it doesn't work. Just like all things from Apple.
I'm an old Unix grey beard (literally) and will not adapt to
this new-fangled stuff. DNS works for me and it also doesn't
help me get the kids off my lawn... :-) :-))
Independent if 40+ or 50+, Zeroconf, Automatic Private IP Addressing, or
which other name you use and also independent of the operating system in
use this no black magic limited to teenies.
It is how things are intended to work in a home environment. Maybe even
in small offices.
Did I hit a pet peeve of you? Was the last line and the smileys not
enough to convey irony? Wow. ;-) That I don't use avahi and thus
could not name its SUSE service names from memory, doesn't mean
that I don't know about Zeroconf and the associated technologies
and programs. The problem with your intended usage is the inability
of tech buffs to help family members or office colleagues when
something goes awry.
I've seen the smily and my reply was written in the hope not needing a
smily.

On the other side you're right. I can't listen any longer to these type
of "I'm used to do it this way since 1978." complains if it comes to the
automatic IP configuration approach. This is neither Apple nor
Microsoft. This is well known and documented in RFC 3330 from 2002.

And it works very well if there woundn't be so many broken soho routers.

And so many people knowing it better. :)
Post by Joachim Schrod
Since: the actual problem with avahi is that the documentation is
crap. Just look at http://avahi.org/wiki/Avah4users and tell me
with a straight face that this bunch of information is sufficient
for troubleshooting if the daemon is (a) running and (b) not
delivering the correct information. The man page of ahavi.service
is a laugh, for avahi-browser and avahi-discover even more so. A
halfway good software manual is more than these badly written man
pages and one wiki page.
Simply change and fix it by contribution. Looks like avahi.org is open
to contributions. If I got it right this is a simple trac system and
therefore all you need to do is filing tickets. As you might have done
already.

Also filing bugs at the Novell bugzilla might be of help even if they
get closed with resolution "upstream". Developers then know there is
something broken.

Yes, documentation is a big issue in the OSS world. But even here
missing contribution to this boring part is an issue too.

Unfortunately the majority of users still believes they're not able to
contribute. IIRC we've seen such discussions here or on the factory
list recently too.
Post by Joachim Schrod
PS: And while I'm at ranting, the same holds for all those new *Kit
daemons, too. There is no document to be found that explains how
udev, HAL, ConsoleKit, and PolicyKit are supposed to work together.
Not to speak of PackageKit; just look at the recent F12 disaster...
The attitude of the *Kit developers ("I don't care about the
traditional Unix way"), combined with their unwillingness to
provide good documentation, makes this stuff a complete mess from a
sysadmin point of view.
Even this is part of the OSS concept. On the one side people like to
control a WiFi NIC from the desktop while others they like to keep the
"good" old netconfig approach.
Post by Joachim Schrod
PPS: Don't take this stuff too earnest, and cat /etc/motd some time
today.
No, no, I'm always limiting my laughing to the time while I'm in the
cellar. ;)

Lars
--
Lars MÃŒller [ˈlaː(r)z ˈmʏlɐ]
Samba Team
SUSE Linux, Maxfeldstraße 5, 90409 NÃŒrnberg, Germany
Joachim Schrod
2009-11-27 00:05:37 UTC
Permalink
Post by Joachim Schrod
Since: the actual problem with avahi is that the documentation is
crap. Just look at http://avahi.org/wiki/Avah4users and tell me
with a straight face that this bunch of information is sufficient
for troubleshooting
Simply change and fix it by contribution. [...] As you might have done
already.
;-) No, you won't succeed luring me to it. While I know avahi &al,
I don't use it in our own networks and thus won't invest work
there. (I'm a member of the LaTeX team, a CTAN administrator, and
active in DANTE, being a founding member; almost all OSS work that
I'm doing in my free non-work time is spent in the TeX world.)
Having two parallel Internet connections, using policy based
routing, and running experimental services on all systems doesn't
lend itself to Zeroconf -- our system configuration is highly
specialized and thus controlled with Puppet. But then, I run an IT
consulting company; I'm not a normal Linux user.
Post by Joachim Schrod
PS: And while I'm at ranting, the same holds for all those new *Kit
daemons, too. There is no document to be found that explains how
udev, HAL, ConsoleKit, and PolicyKit are supposed to work together.
Not to speak of PackageKit; just look at the recent F12 disaster...
The attitude of the *Kit developers ("I don't care about the
traditional Unix way"), combined with their unwillingness to
provide good documentation, makes this stuff a complete mess from a
sysadmin point of view.
Even this is part of the OSS concept. On the one side people like to
control a WiFi NIC from the desktop while others they like to keep the
"good" old netconfig approach.
I do understand the intentions behind those systems, and I agree to
the sentiment that the traditional Unix way is not sufficient for
modern environments with hot-pluggable components. My problem is
more the way that has been chosen as a remedy, where the overall
architecture of hardware management is (a) quite complex and (b)
does not take sysadmin tasks in account: while the system is
configurable as hell, very few people know how to connect the dots
of the myriads of XML configuration files. Having mostly API
documentation for systems like HAL, D-BUS, or *Kit doesn't help
either. E.g., I have started a HOWTO documentation for myself, and
it has still more questions than answers.

Joachim
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: ***@acm.org
Roedermark, Germany
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Lars Müller
2009-11-27 11:35:19 UTC
Permalink
Post by Joachim Schrod
Post by Joachim Schrod
Since: the actual problem with avahi is that the documentation is
crap. Just look at http://avahi.org/wiki/Avah4users and tell me
with a straight face that this bunch of information is sufficient
for troubleshooting
Simply change and fix it by contribution. [...] As you might have done
already.
;-) No, you won't succeed luring me to it. While I know avahi &al,
I don't use it in our own networks and thus won't invest work
there. (I'm a member of the LaTeX team, a CTAN administrator, and
active in DANTE, being a founding member; almost all OSS work that
I'm doing in my free non-work time is spent in the TeX world.)
Having two parallel Internet connections, using policy based
routing, and running experimental services on all systems doesn't
lend itself to Zeroconf -- our system configuration is highly
specialized and thus controlled with Puppet. But then, I run an IT
consulting company; I'm not a normal Linux user.
Nothing to add. Such a setup isn't the goal of the link local approach.

And contributing to LaTeX is also a very good excuse. ;)

My main goal was to express that it is much easier to contribute than
most people believe. With the openSUSE project this isn't limited to
the Build Service. Everyone is able to update or add a wiki page.

And sometimes even the discussion at a mailing list leads to a solution
and new insights. :))
Post by Joachim Schrod
Post by Joachim Schrod
PS: And while I'm at ranting, the same holds for all those new *Kit
daemons, too. There is no document to be found that explains how
udev, HAL, ConsoleKit, and PolicyKit are supposed to work together.
Not to speak of PackageKit; just look at the recent F12 disaster...
The attitude of the *Kit developers ("I don't care about the
traditional Unix way"), combined with their unwillingness to
provide good documentation, makes this stuff a complete mess from a
sysadmin point of view.
Even this is part of the OSS concept. On the one side people like to
control a WiFi NIC from the desktop while others they like to keep the
"good" old netconfig approach.
I do understand the intentions behind those systems, and I agree to
the sentiment that the traditional Unix way is not sufficient for
modern environments with hot-pluggable components. My problem is
more the way that has been chosen as a remedy, where the overall
architecture of hardware management is (a) quite complex and (b)
does not take sysadmin tasks in account: while the system is
configurable as hell, very few people know how to connect the dots
of the myriads of XML configuration files. Having mostly API
documentation for systems like HAL, D-BUS, or *Kit doesn't help
either. E.g., I have started a HOWTO documentation for myself, and
it has still more questions than answers.
Even this would be a good starting point. Cause without the open
questions we'll never see the answers. And I'm quite sure I'm not aware
of 10% of the questions you'll raise.

For anyone using Linux a bit longer this "new" FooKit and other stuff is
different. But the lack of documentation isn't something new. Have you
ever tried to understand why cron writes "permission denied" to the
syslog?

And it's not CronKit which is doing this. :)

BTW it looks like DeviceKit it the most current kid of the kits. Which
in general stresses your use of *Kit.

Lars
--
Lars MÃŒller [ˈlaː(r)z ˈmʏlɐ]
Samba Team
SUSE Linux, Maxfeldstraße 5, 90409 NÃŒrnberg, Germany
Per Jessen
2009-11-26 20:36:37 UTC
Permalink
Post by Lars Müller
Unfortunately the majority of users still believes they're not able to
contribute.
Lars, I submit that you have absolutely no idea about what the majority
of users believe or do not believe. Do stop making ridiculous
statements.
--
Per Jessen, Zürich (9.6°C)
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Carlos E. R.
2009-11-26 23:50:18 UTC
Permalink
...
Post by Lars Müller
Post by Joachim Schrod
Since: the actual problem with avahi is that the documentation is
crap. Just look at http://avahi.org/wiki/Avah4users and tell me
with a straight face that this bunch of information is sufficient
for troubleshooting if the daemon is (a) running and (b) not
delivering the correct information. The man page of ahavi.service
is a laugh, for avahi-browser and avahi-discover even more so. A
halfway good software manual is more than these badly written man
pages and one wiki page.
Simply change and fix it by contribution. Looks like avahi.org is open
to contributions. If I got it right this is a simple trac system and
therefore all you need to do is filing tickets. As you might have done
already.
...
Post by Lars Müller
Yes, documentation is a big issue in the OSS world. But even here
missing contribution to this boring part is an issue too.
Unfortunately the majority of users still believes they're not able to
contribute. IIRC we've seen such discussions here or on the factory
list recently too.
Impossible.

We can not fill the documentation for something we know nothing about.
Only the developers and the people on the know can write the needed
documentation.

The devs may have wonderful ideas about what can be done with the
software they write... but that can only happen after /they/ write proper
documentation.

- --
Cheers,
Carlos E. R.
Philip Dowie
2009-11-27 00:02:34 UTC
Permalink
--snip--
Post by Carlos E. R.
Post by Lars Müller
Yes, documentation is a big issue in the OSS world. But even here
missing contribution to this boring part is an issue too.
Unfortunately the majority of users still believes they're not able to
contribute. IIRC we've seen such discussions here or on the factory
list recently too.
Impossible.
We can not fill the documentation for something we know nothing about.
Only the developers and the people on the know can write the needed
documentation.
The devs may have wonderful ideas about what can be done with the
software they write... but that can only happen after /they/ write proper
documentation.
I don't entirely agree that the devs are the only one who can write
documentation - anyone who has spent time playing around with the software
can probably write some level of documentation - agreed they don't know how
to solve any problems that may arise, but unless they encounter such problems,
there is still nothing stopping them from writing useful documentation - for
those who are less willing to just try stuff out. (Unless, of course, the
software gives no feedback, no rudimentary help, etc.
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Per Jessen
2009-11-27 07:05:44 UTC
Permalink
Post by Philip Dowie
--snip--
Post by Carlos E. R.
Post by Lars Müller
Yes, documentation is a big issue in the OSS world. But even here
missing contribution to this boring part is an issue too.
Unfortunately the majority of users still believes they're not able
to contribute. IIRC we've seen such discussions here or on the
factory list recently too.
Impossible.
We can not fill the documentation for something we know nothing about.
Only the developers and the people on the know can write the needed
documentation.
The devs may have wonderful ideas about what can be done with the
software they write... but that can only happen after /they/ write
proper documentation.
I don't entirely agree that the devs are the only one who can write
documentation - anyone who has spent time playing around with the
software can probably write some level of documentation
yes, that is how a lot of howtos are written. That doesn't necessarily
contribute as documentation as such though. It's difficult to write a
useful howto without some minimum of documentation.

/Per
--
Per Jessen, Zürich (5.5°C)
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Carlos E. R.
2009-11-27 16:04:59 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
...
Post by Per Jessen
Post by Philip Dowie
I don't entirely agree that the devs are the only one who can write
documentation - anyone who has spent time playing around with the
software can probably write some level of documentation
yes, that is how a lot of howtos are written. That doesn't necessarily
contribute as documentation as such though. It's difficult to write a
useful howto without some minimum of documentation.
Exactly, a howto. But not the manual.

Only the devs, or people capable to really understand code written by
others (ie, not me), can know all the features the software is expected to
have and document them. And that would only be the list of parameters and
swithes, not how to combine them to get work done.

- --
Cheers,
Carlos E. R.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAksP+K0ACgkQtTMYHG2NR9V8zQCfQiKw/UhfsBrIUTx8N/HA3P/i
6jQAn1giN2wtNUYhooRl2rgz44k1cNy3
=Vr12
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Anton Aylward
2009-11-26 12:45:22 UTC
Permalink
Post by Lars Müller
[ 8< ]
Post by Joachim Schrod
Post by Otto Rodusek
hosts: files mdns4_minimal [NOTFOUND=return] dns
That means that if hotmail.com's MX record is not found in Zeroconf
(i.e., the avahi daemon, implementing Apple's Bonjour protocol), it
returns immediately, without contacting your DNS servers.
1) If you don't know what Zeroconf is and have no Apple system,
remove the string "mdns4_minimal [NOTFOUND=return] " from the
line above. I.e., leave only files and dns.
But then we might lose the abilty to resolve hostname without having
setup a DNS server in the LAN.
No, that is not the case.
In short,

"hosts: files dns"

means:

First consult /etc/hosts
then use what's specified in etc/resolv.conf

While its useful for a SMB and larger to have a internal DNS server,
especially if hosts appear and disappear using DHCP, its not necessary
for a home network or a small office where the network configuration is
fixed and can be specified in /etc/hosts. In that case the
/etc/resolv.conf uses the values supplied by the ISP.

Or perhaps, as is the case in my home network, the firewall/router/CPE
connects to my cable ISP using DHCP and my internal hosts all have
/etc/resolv.conf pointing to the inside port of the firewall, which acts
as a proxy/cache/relayer.

KISS
--
Of all tyrannies, a tyranny exercised for the good of its victims may be
the most oppressive. It may be better to live under robber barons than
under omnipotent moral busybodies. The robber baron's cruelty may
sometimes sleep, his cupidity may at some point be satiated; but those
who torment us for our own good will torment us without end, for they do
so with the approval of their consciences.
-- C. S. Lewis
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Joachim Schrod
2009-11-26 13:05:19 UTC
Permalink
Post by Anton Aylward
Post by Lars Müller
[ 8< ]
Post by Joachim Schrod
Post by Otto Rodusek
hosts: files mdns4_minimal [NOTFOUND=return] dns
That means that if hotmail.com's MX record is not found in Zeroconf
(i.e., the avahi daemon, implementing Apple's Bonjour protocol), it
returns immediately, without contacting your DNS servers.
1) If you don't know what Zeroconf is and have no Apple system,
remove the string "mdns4_minimal [NOTFOUND=return] " from the
line above. I.e., leave only files and dns.
But then we might lose the abilty to resolve hostname without having
setup a DNS server in the LAN.
No, that is not the case.
[rest snipped. You don't need to explain nsswitch.conf to Lars,
he is a developer and knows it inside out.]
Of course, this *is* the case, if Zeroconf is used. But I gathered
from Otto's posts that this quite likely not the case, therefore I
gave advice 1). Otherwise I wouldn't have done so.

Zeroconf is a name and service resolution protocol introduced by
Apple that shall enable address allocation without DHCP server,
name and IP resolution without /etc/hosts and DNS server, and
service location (printers and such) without a directory server.
There are also fringe use cases like multicast address allocation,
which are probably never used in home and SOHO environments, where
Zeroconf brings the most advantages.

http://www.zeroconf.org/ has good technical information on it. The
ORA book on Zeroconf is also quite good, as usual. It's drawback is
that it focuses on Mac OS X and application developpers too much,
and leaves Unix sysadmins in the cold.

Joachim
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: ***@acm.org
Roedermark, Germany
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Otto Rodusek
2009-11-27 07:33:53 UTC
Permalink
Post by Joachim Schrod
Post by Otto Rodusek
Post by Joachim Schrod
Post by Otto Rodusek
I've recently set up a new OpenSuse11.1 server. I need a simple smtp
request - mail out system errors to the sysadmin as/when necessary.
delays=71820/28/0/0.1, dsn=4.4.3, status=deferred (delivery temporarily
suspended: Host or domain name not found. Name service error for
name=hotmail.com type=MX: Host not found, try again)
What is the output of "host -t mx hotmail.com"?
In nsswitch.conf, is "dns" listed on the hosts line?
I think you've hit on something!! Below are the results from the server
that is not able to smtp out: So any idea what the problem could be??
bunyip:/etc # host -t mx hotmail.com
;; connection timed out; no servers could be reached
bunyip:/etc # cat nsswitch.conf
#
hosts: files mdns4_minimal [NOTFOUND=return] dns
That means that if hotmail.com's MX record is not found in Zeroconf
(i.e., the avahi daemon, implementing Apple's Bonjour protocol), it
returns immediately, without contacting your DNS servers.
1) If you don't know what Zeroconf is and have no Apple system,
remove the string "mdns4_minimal [NOTFOUND=return] " from the
line above. I.e., leave only files and dns.
2) Otherwise, check that avahi is running. I can't help you
further in that use case, there others must chime in. (I don't
use it. This stuff is good, as long as it works, and is pure
horror if it doesn't work. Just like all things from Apple.
I'm an old Unix grey beard (literally) and will not adapt to
this new-fangled stuff. DNS works for me and it also doesn't
help me get the kids off my lawn... :-) :-))
Joachim
PS: No need to answer me personally, just reply to the list.
Hi, Thanks for all the helpful hints - tried all of them but
postfix/sendmail still can't send out any mail!! I'm a bit confused with
this dns issue - mainly if I open firefox or konquer, I have no problems
surfing the net - even zyppr does all the updates without complaint -
seems that ONLY postfix is giving an issue. As Joachim mentioned I
tried the host command with the following results:

bunyip:/etc # host gmail.com
gmail.com has address 209.85.225.83
gmail.com has address 74.125.79.83
gmail.com has address 74.125.127.83
;; connection timed out; no servers could be reached
bunyip:/etc # host -t mx gmail.com
;; connection timed out; no servers could be reached
bunyip:/etc #

It kinda works in that it can identifiy the correct host address just
can't resolve any mx records!! I have tried to turn of all firewalls
(just in case it was a firewall issue) however I still get the same result.

Anyone else can suggest something else to try to resolve this. Thanks
for all the helpful feedbacks!!
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Joachim Schrod
2009-11-27 15:25:36 UTC
Permalink
Post by Otto Rodusek
Post by Joachim Schrod
Post by Otto Rodusek
#
hosts: files mdns4_minimal [NOTFOUND=return] dns
1) If you don't know what Zeroconf is and have no Apple system,
remove the string "mdns4_minimal [NOTFOUND=return] " from the
line above. I.e., leave only files and dns.
2) Otherwise, check that avahi is running.
Hi, Thanks for all the helpful hints - tried all of them but
postfix/sendmail still can't send out any mail!! I'm a bit confused with
this dns issue - mainly if I open firefox or konquer, I have no problems
surfing the net - even zyppr does all the updates without complaint -
seems that ONLY postfix is giving an issue. As Joachim mentioned I
bunyip:/etc # host gmail.com
gmail.com has address 209.85.225.83
gmail.com has address 74.125.79.83
gmail.com has address 74.125.127.83
;; connection timed out; no servers could be reached
bunyip:/etc # host -t mx gmail.com
;; connection timed out; no servers could be reached
bunyip:/etc #
This tells that name resolution works, but not mx lookups.
Actually, since the first command also outputs a time-out message,
this probably also gets no answer from the DNS server. This is not
good as the dig command yesterday worked.

Before we make postfix work, dig and host must return results.
Without them working, postfix won't work at all.

Step 1)

dig @202.156.1.58 gmail.com mx

does that output a result?
=> This is the most basic way to check of you can access
your DNS server.

Step 2)

host -v -t mx gmail.com 202.156.1.58

how about this?
=> This is a weeny bit more high-level, but the server
is still accessed directly, without system configuation.

Step 3)

Make a backup copy of nsswitch.conf.
Edit it: only "files dns" shall remain on the hosts line.

host -v -t mx gmail.com

what's the result now?
=> This uses the system configuration.

If step 3 didn't return a result, stop now and come back.

Step 4)

What is the output of

rcnscd status

It may tell "command not found", that's OK, too. If it
tells "running", call "rcnscd restart".

Step 5)

Restart postfix; otherwise the changed nsswitch.conf
will not be activated:

rcpostfix restart


Hopefully these steps give more information to locate the problem
at your system.

Joachim
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: ***@acm.org
Roedermark, Germany
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Sandy Drobic
2009-11-28 19:45:37 UTC
Permalink
Post by Otto Rodusek
Hi, Thanks for all the helpful hints - tried all of them but
postfix/sendmail still can't send out any mail!! I'm a bit confused with
this dns issue - mainly if I open firefox or konquer, I have no problems
surfing the net - even zyppr does all the updates without complaint -
seems that ONLY postfix is giving an issue. As Joachim mentioned I
A few days ago I stumbled upon a very annoying bug that interfered with Postfix:

I installed the rpm package of VMWare Server 1.10, everything was working as
usual, but then I noticed that mails were stuck in the queue and delivery was
suspended.

A bit of trouble-shooting and I discovered that the installation of the new
VMWare added some service entries in /etc/services. Unfortunately by doing so
the permissions were changed to "root:root 600", so the Postfix smtp client
that is not working with root privileges had no more access to /etc/services,
and all kind of strange error messages started to pop up.

These kind of strange errors are almost always of external origin. That
includes wrong/missing linked libraries, wrong permissions, faulty dns setup,
incorrectly set up chroot environments and many more.
--
Sandy

List replies only please!
Please address PMs to: news-reply2 (@) drobic (.) de
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Otto Rodusek
2009-11-26 11:41:53 UTC
Permalink
Post by Lars Müller
Post by Joachim Schrod
Post by Otto Rodusek
I've recently set up a new OpenSuse11.1 server. I need a simple smtp
request - mail out system errors to the sysadmin as/when necessary. I've
configured postfix but no matter what I try I keep getting the following
errors: (I've tried other email address - not just hotmail.com - with
the same error result!!)
delays=71820/28/0/0.1, dsn=4.4.3, status=deferred (delivery temporarily
suspended: Host or domain name not found. Name service error for
name=hotmail.com type=MX: Host not found, try again)
search local.com
nameserver 202.156.1.58
nameserver 218.186.1.38
nameserver 202.156.1.38
What is the output of "host -t mx hotmail.com"?
In nsswitch.conf, is "dns" listed on the hosts line?
And are you sure that you're allowed to use these name servers?
Please try
If you only get output lines starting with ";" signs these name servers
are not allowing access from your ISP.
Try to use the nameservers used by your router or gateway or ask your
ISP. My ISP sent me a letter including the credentials and all the
settings including the name servers to use.
Lars
Hi Lars,

Thanks for the feedback. I tried the dig command and indeed it worked
fine!! See below:

bunyip:/etc # dig @202.156.1.58 lists.opensuse.org

; <<>> DiG 9.5.0-P2 <<>> @202.156.1.58 lists.opensuse.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16210
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;lists.opensuse.org. IN A

;; ANSWER SECTION:
lists.opensuse.org. 600 IN A 195.135.221.135

;; Query time: 220 msec
;; SERVER: 202.156.1.58#53(202.156.1.58)
;; WHEN: Thu Nov 26 19:36:00 2009
;; MSG SIZE rcvd: 52
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Otto Rodusek
2009-11-26 11:43:15 UTC
Permalink
Post by Joachim Schrod
Post by Otto Rodusek
I've recently set up a new OpenSuse11.1 server. I need a simple smtp
request - mail out system errors to the sysadmin as/when necessary. I've
configured postfix but no matter what I try I keep getting the following
errors: (I've tried other email address - not just hotmail.com - with
the same error result!!)
delays=71820/28/0/0.1, dsn=4.4.3, status=deferred (delivery temporarily
suspended: Host or domain name not found. Name service error for
name=hotmail.com type=MX: Host not found, try again)
search local.com
nameserver 202.156.1.58
nameserver 218.186.1.38
nameserver 202.156.1.38
What is the output of "host -t mx hotmail.com"?
In nsswitch.conf, is "dns" listed on the hosts line?
Joachim
Hi Joachim,

I think you've hit on something!! Below are the results from the server
that is not able to smtp out: So any idea what the problem could be??
Much thanks for your help!

bunyip:/etc # host -t mx hotmail.com
;; connection timed out; no servers could be reached
bunyip:/etc # cat nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# compat Use compatibility setup
# nisplus Use NIS+ (NIS version 3)
# nis Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# [NOTFOUND=return] Stop searching if not found so far
#
# For more information, please read the nsswitch.conf.5 manual page.
#

# passwd: files nis
# shadow: files nis
# group: files nis

passwd: compat
group: compat

hosts: files mdns4_minimal [NOTFOUND=return] dns
networks: files dns

services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files nis
publickey: files

bootparams: files
automount: files nis
aliases: files


bunyip:/etc #


I tried the same on another machine (also with 11.1) at another
installation and got:

aplcom:~ # host -t mx hotmail.com
hotmail.com mail is handled by 5 mx1.hotmail.com.
hotmail.com mail is handled by 5 mx2.hotmail.com.
hotmail.com mail is handled by 5 mx3.hotmail.com.
hotmail.com mail is handled by 5 mx4.hotmail.com.
aplcom:~ # cat /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# compat Use compatibility setup
# nisplus Use NIS+ (NIS version 3)
# nis Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# [NOTFOUND=return] Stop searching if not found so far
#
# For more information, please read the nsswitch.conf.5 manual page.
#

# passwd: files nis
# shadow: files nis
# group: files nis

passwd: compat
group: compat

hosts: files mdns4_minimal [NOTFOUND=return] dns
networks: files dns

services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files nis
publickey: files

bootparams: files
automount: files nis
aliases: files


aplcom:~ #
--
To unsubscribe, e-mail: opensuse+***@opensuse.org
For additional commands, e-mail: opensuse+***@opensuse.org
Richard
2009-11-27 00:27:40 UTC
Permalink
Continue reading on narkive:
Loading...