Topic: Missing Postfix log entries
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.8
- Deployed with iRedMail Easy or the downloadable installer?: Downloadable installer
- Linux/BSD distribution name and version: CentOS 7.7.1908
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB/MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro?: Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
I'm having a problem with missing information/entries in the Postfix mail log that is causing a serious issue with trying to make diagnoses. I first noticed this a couple of weeks ago.
During the last couple of weeks emails from a large Canadian telco/ISP (Telus) were not getting to me (and other users on the same server), but they were getting through to a third-party email address. However, when I grepped the logs for information about why (e.g., blacklist blocks, etc.) grep returned nothing -- i.e., there was no evidence that the Telus mail servers had even made an attempt to connect. I grepped for IP addresses and server names that were in the headers of the email to the third-party email address, and IPs in the telus.net SPF record.
So today I received an email from a correspondent who uses Telus, and I wanted to check to see if other users were receiving emails from Telus. There is activity in the logs from Telus, but there is no record in the mail log of the email I received, despite grepping the IP address in the headers, the server name and the sender's email address!
The only reason I can think of for something not to be logged, by Postfix or any other program, is because the server might be overloaded. However, the server is not overloaded, it's operating at the default log level, and it *is* logging other emails with the same amount of information I would expect.
I just ran "yum update" but there were no updates to Postfix. I've also rebooted the server for good measure. The IP addresses in question are not listed in iptables, and there is no hardware firewall blocking these IP addresses.
Is it possible this is a known issue? Should I post this to the Postfix mailing list?