https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6075
Elsa Andrés <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID --- Comment #26 from Elsa Andrés <[email protected]> 2009-03-03 05:38:39 PST --- (In reply to comment #24) > The log looks perfect, you got DNS responses to all of your 25 DNS queries, > all of them within 0.8 seconds of sending a query. Alright then, sirs. Closing this as "invalid" and sorry for the noise. Never seen this before :-) > This is a consequence of two things: > - in your /etc/resolv.conf you are telling your resolver to try appending > one or more fields to the domain name if the attempt with original > name is unsuccessful. Get rid of your existing 'domain' and 'search' > directives in that file, and supply just a 'search' with no arguments. > Or at least do not specify something as vague as 'net' for your domain! > (according to your tcpdump in #12), but use your exact domain name in a > 'search' option, and do not use a 'domain' option. Indeed, that seems to be the culprit. After commented out that sentence ("search net") it returned the expected response (nxdomain). > - the 'org.net' domain you have queried (appended .net to your ...njabl.org) > is registered by Cyberfusion / OKDIRECT.COM. Such domains attempt to > fish for traffic from innocent users which make a typo when enetering an > URL, or sites like yours, which append '.net' to unsuccessful queries. > Gratuitous advertising. Don't let them have your mistyped queries! > Btw, I have another hypothesis why your original queries to ISP may be > failing. > You have 2 Gbps links from your host - but do you have gigabit connectivity > all the way to your service provider? If your uplink is thin, you should have > some traffic shaping with reasonable buffer size on your device sitting just > before a bottleneck link - usually a firewall or a router. If this is some > dumb device, your queries may have been victims of tail drop in a switch. > Note that SpamAssassin made 29 queries in rapid succession, all within 22 > milliseconds. A solution in such scenario would be to turn on traffic > shaper on firewall/router or on your host where SpamAssassin is running. > But never mind, the solution with a caching name server within your > own network is much better. It makes sense. I had in mind to perform a "silly" test I was thinking on these past days: to connect the host with a dial-up modem and see what happens, just to eliminate 2 things, a) dsl router and b) dsl line themselves. This server is running over static ip address so I am binded to it. By using a dial-up modem (just for testing purposes) I would get interesting results, in a way or another. I don't mind to have a "named" service on this machine if just SA (or any other service) need it (indeed, bind9 is a good partner), just wanted to be sure where the problem was. Thanks to all of you for helping me to debug this. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
