Postfix - MX:未找到主机错误,但 dig 和 nslookup 正常

tag-icon tag-icon domain-name-system centos postfix centos7 mx-record
Postfix - MX:未找到主机错误,但 dig 和 nslookup 正常

当我决定重新配置主机网络(IP 寻址、DNS 等)时,我有一个正常运行的Postfix电子邮件服务器Centos 7,但重新配置后,邮件发送不再起作用。

/var/log/maillog

Dec  7 10:20:03 server postfix/error[1711]: 030763B26: to=<[email protected]>, relay=none, delay=0.09, delays=0.08/0/0/0, dsn=4.4.3, status=deferred (delivery temporarily suspended: Host or domain name not found. Name service error for name=domain.com type=MX: Host not found, try again)

我很确定 Postfix 用户的 MX 查找有效:

[lester@server ~]$ sudo -u postfix -H cat /etc/resolv.conf
nameserver 8.8.8.8
[lester@server ~]$
[lester@server ~]$ sudo -u postfix -H dig gmail.com MX

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> gmail.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56702
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;gmail.com.         IN  MX

;; ANSWER SECTION:
gmail.com.      3158    IN  MX  30 alt3.gmail-smtp-in.l.google.com.
gmail.com.      3158    IN  MX  40 alt4.gmail-smtp-in.l.google.com.
gmail.com.      3158    IN  MX  20 alt2.gmail-smtp-in.l.google.com.
gmail.com.      3158    IN  MX  5 gmail-smtp-in.l.google.com.
gmail.com.      3158    IN  MX  10 alt1.gmail-smtp-in.l.google.com.

;; Query time: 11 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Dec 07 10:27:03 EST 2019
;; MSG SIZE  rcvd: 161

[lester@server ~]$

我感觉我在这里忽略了一些非常明显的东西。我已经搜索了几个小时,但我找到的所有参考资料都指向 Postfix 无法执行 MX 查找。

有什么建议么?

答案1

我记得这个主机已经selinux启用,所以我深入研究了审计日志,然后就成功了!

/var/log/audit/audit.log

type=AVC msg=audit(1575731823.372:174): avc:  denied  { read } for  pid=1613 comm="smtp" name="resolv.conf" dev="vda1" ino=28066 scontext=system_u:system_r:postfix_smtp_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0

检查 selinux 上下文/etc/resolv.conf

[lester@server ~]$ ls -lZ /etc/resolv.conf
-rw-r--r--. root root system_u:object_r:unlabeled_t:s0 /etc/resolv.conf
[lester@server ~]$

恢复 selinux 上下文:

[lester@server ~]$ sudo restorecon /etc/resolv.conf
[lester@server ~]$ ls -lZ /etc/resolv.conf
-rw-r--r--. root root system_u:object_r:net_conf_t:s0  /etc/resolv.conf
[lester@server ~]$

重新开始Postfix

[lester@server ~]$ sudo systemctl restart postfix
[lester@server ~]$

一切恢復正常。

相关内容