Domain-Name-System
Postfix - MX: Host not found 錯誤但 dig 和 nslookup 正常
當我決定重新配置我的主機網路(IP 地址、DNS 等)時,我有一個工作的
Postfix電子郵件伺服器,Centos 7重新配置後,郵件發送不再工作。
/var/log/maillog:Dec 7 10:20:03 server postfix/error[1711]: 030763B26: to=<gmailaccount@domain.com>, relay=none, delay=0.09, delays=0.08/0/0/0, dsn=4.4.3, status=deferred (delivery temporarily suspended: Host or domain name not found. Name service error for name=domain.com type=MX: Host not found, try again)我很確定 Postfix 使用者的 MX 查找有效:
[lester@server ~]$ sudo -u postfix -H cat /etc/resolv.conf nameserver 8.8.8.8 [lester@server ~]$ [lester@server ~]$ sudo -u postfix -H dig gmail.com MX ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> gmail.com MX ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56702 ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;gmail.com. IN MX ;; ANSWER SECTION: gmail.com. 3158 IN MX 30 alt3.gmail-smtp-in.l.google.com. gmail.com. 3158 IN MX 40 alt4.gmail-smtp-in.l.google.com. gmail.com. 3158 IN MX 20 alt2.gmail-smtp-in.l.google.com. gmail.com. 3158 IN MX 5 gmail-smtp-in.l.google.com. gmail.com. 3158 IN MX 10 alt1.gmail-smtp-in.l.google.com. ;; Query time: 11 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Sat Dec 07 10:27:03 EST 2019 ;; MSG SIZE rcvd: 161 [lester@server ~]$我覺得我在這裡遺漏了一些非常明顯的東西。我一直在搜尋幾個小時,但我發現的所有參考都指向 Postfix 無法執行 MX 查找。
有什麼建議麼?
我記得這個主機已經
selinux啟用,所以我探勘了審計日誌和中提琴!
/var/log/audit/audit.log:type=AVC msg=audit(1575731823.372:174): avc: denied { read } for pid=1613 comm="smtp" name="resolv.conf" dev="vda1" ino=28066 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0檢查 selinux 上下文
/etc/resolv.conf:[lester@server ~]$ ls -lZ /etc/resolv.conf -rw-r--r--. root root system_u:object_r:unlabeled_t:s0 /etc/resolv.conf [lester@server ~]$恢復 selinux 上下文:
[lester@server ~]$ sudo restorecon /etc/resolv.conf [lester@server ~]$ ls -lZ /etc/resolv.conf -rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/resolv.conf [lester@server ~]$重啟
Postfix:[lester@server ~]$ sudo systemctl restart postfix [lester@server ~]$一切恢復正常。