On 11/02/16 22:54, Evgeniy Berdnikov wrote:
On Thu, Feb 11, 2016 at 05:36:30AM -0500, Konstantin Boyandin wrote:
Talking of my case, MX records *do* point to FQDN, which in turn have
valid A records (no CNAMEs).
All I had to do was to prevent Exim from utilizing A record of the
recipient's domain if MX records resolution failed.
A failure in MX record resolution could be one of three types:
1. Query for MX returns NoError RCODE (no data). It means that domain
exists, has no MX records, but there are other RRs this domain.
MTA should query for A record for this domain name, then for AAAA
record (if IPv6 is anabled), and try to use A or AAAA.
2. Query for MX returns ServFail or resolver timed out. MTA should wait
some time and then try to query for MXes again.
3. Query for MX returns NxDomain (domain does not exist). MTA should treat
it as a permanent error and stop any attempts to deliver message.
Point No.1 is the only case when MTA should do use A record instead of MX.
If your target domain has properly configured MX records, cases (2) and (3)
should be ruled out.
I think your assumption that Exim use A-record for domain "when DNS
request are timed out" is wrong. There should be some other sources
of your problem, maybe some subtle DNS misconfiguration (different
data for primary/slave, different data in zone views, etc).
Or possibly a broken middlebox such as a firewall or loadbalancer at
either the destination domain
or your site that is not always in the path of the query.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
