>I figured if one DNS server is down, try again or another As your debug output shows. assp uses all enabled (available) DNS-Servers in parallel (not serial ordered) - every DNS-query is sent to ALL enabled (available) DNS-Servers at a time and the fastest valid answer is used.
Also notice the GUI: .....To debug the DNS queries, switch on DebugSPF, even you don't use the SPF-check..... > but maybe 1 would do that too >Thoughts appreciated. I thought about this setting 'maybe 10 years' ago. -> result: 1 -> default setting: 1 - But this does'nt mean much. Especially - if you have trouble with a feature, assume every default setting as a 'very wild guess' made by the developer. How ever, if DNSretrans is set to 1 and more than one DNS-Server is used (available at a time) the setting of DNSretry is ignored by assp. $retry = int($DNSretrans / (@nameservers || 1)) * $DNSretry; # line 32386 (line 28 in sub queryDNS) $retry = int( 1 / 2 ) * 1 $retry = 0 * 1 $retry = 0 If only one DNS-Server is available: $retry = int( 1 / 1 ) * 1 $retry = 1 * 1 $retry = 1 Thomas Von: "K Post" <nntp.p...@gmail.com> An: "ASSP development mailing list" <assp-test@lists.sourceforge.net> Datum: 04.05.2019 15:07 Betreff: Re: [Assp-test] Fwd: Happening again: specific DNS query keeps hanging ASSP UseLocalDNS: unchecked DNSServers: our 3 internal DNS servers' IP addresses, pipe separated DNSServerLimit: 2 (rotates between the 3) DNSretry: 2 (default is 1) It's been 2 for as long as DNSretry has been an ASSP option, maybe 10 years. I figured if one DNS server is down, try again or another, but maybe 1 would do that too. The GUI information is thin here. Thoughts appreciated. DNSretrans: 1 also DNSReuseSocket is checked. On Fri, May 3, 2019 at 12:00 PM Daniel Miller via Assp-test < assp-test@lists.sourceforge.net> wrote: What are your settings for: UseLocalDNS DNSServers (obfuscate if private) DNSServerLimit DNSretry DNSretrans Daniel On 5/3/2019 8:19 AM, K Post wrote: > Hi Daniel, > > We've only seen the problem with spopessentials2.com > <http://spopessentials2.com>. It's Silverpop systems, now IBM mailing > on behalf of American Airlines. The issue clearly stems from IBM having > this setup wrong, spopessentials2.com <http://spopessentials2.com> is > registered ( https://whois.icann.org/en/lookup?name=spopessentials2.com) > but most DNS servers on the registration seem to be unresponsive. I'd > expect an immediate NXDOMAIN because of this, and I get that when using > NSLOOKUP. > > All 3 of our DNS servers are the native Windows DNS server (a mix of > Windows 2012 and 2016). When I look for any record in > spopessentials2.com <http://spopessentials2.com> using nslookup using > any of our 3 servers, I get an immediate NXDOMAIN. Great. BUT, it > seems that when ASSP does the lookup in perl, that it times out (now > after 2 seconds, instead of the 10 that was causing the problem before). > > I don't see messages from them very often, so haven't tested after the > change from 10 to 2 seconds, but I suspect they'll just deliver now > without timing out. > > The issue is why ASSP isn't getting an NXDomain from the DNS servers > instantly, it shouldn't take the full 2 seconds.. All other DNS queries > seem plenty fast, based on the speed of delivery. I don't know if it's > ASSP, a perl module, a misconfiguration on my end, or what. > > > > On Wed, May 1, 2019 at 3:32 PM Daniel Miller via Assp-test > <assp-test@lists.sourceforge.net > <mailto:assp-test@lists.sourceforge.net>> wrote: > > Even though I'm probably way off - can I ask you to clarify a couple > items? > > Is the problem a specific domain, i.e. spopessentials2.com > <http://spopessentials2.com>? Because I > can't find that domain, or any of the hosts you've listed, via my own > lookups. Host/Dig/Nslookup return immediately (with no result). > > What are you using for your DNS resolvers? I'm using PowerDNS 4.1.1 on > my Ubuntu 18.04 server as the sole resolver without issue. > > Daniel > > On 4/30/2019 7:11 PM, K Post wrote: > > Thanks for the gentle hint. I changed the dnstimeout setting > back to 2 > > seconds. I set it to 10 so that if things got CRAZY slow, I > wouldn't run > > into issues. Obviously that was short sighted, and I'm sorry about > > that. HOWEVER, when i run a NSLOOKUP on a non-existent hostname, > all 3 > > of our DNS servers respond instantly with non-existent domain. > Could > > there be something with the dns setup within Perl that I'm > missing? Can > > you think of any reason that ASSP/perl wouldn't receive an NXDOMAIN > > immediately? > > > > On Mon, Apr 29, 2019 at 10:14 AM Thomas Eckardt > > <thomas.ecka...@thockar.com <mailto:thomas.ecka...@thockar.com> > <mailto:thomas.ecka...@thockar.com > <mailto:thomas.ecka...@thockar.com>>> wrote: > > > > you've set DNSTimeout to 10 seconds (instead using the > default of 2 > > seconds) > > you've not set any of noDKIMAddresses and noDKIMIP > > your DNS-Server is not answering with NXDOMAIN within 10 seconds > > > > And now you ask, how ASSP can workaround this?????? > > > > Thanks for wasting my time. :( > > > > > > Thomas > > > > > > DISCLAIMER: > > ******************************************************* > > This email and any files transmitted with it may be confidential, > > legally privileged and protected in law and are intended > solely for > > the use of the > > individual to whom it is addressed. > > This email was multiple times scanned for viruses. There > should be > > no known virus in this email! > > ******************************************************* > > > > _______________________________________________ > > Assp-test mailing list > > Assp-test@lists.sourceforge.net > <mailto:Assp-test@lists.sourceforge.net> > <mailto:Assp-test@lists.sourceforge.net > <mailto:Assp-test@lists.sourceforge.net>> > > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > > > > > _______________________________________________ > > Assp-test mailing list > > Assp-test@lists.sourceforge.net > <mailto:Assp-test@lists.sourceforge.net> > > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net <mailto: Assp-test@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test > _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! *******************************************************
_______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
