On Fri, 15 Oct 1999, Eric Davis wrote:
> > Qmail will bounce a recipient only if both MX and X lookups fail with an
> > NXDOMAIN error, indicating a permanent failure of the DNS lookup.
> >
> > If there's any other outcome - no response from the DNS server, or any
> > other error - it is interpreted as a transient error, and mail is not
> > bounced, but rescheduled for another delivery attempt.
> >
> > That's the way it should be.
>
> The domain in question is something like <address>@hotmial.com or any
> other varient that we know is not a real domain. (The biggest one we
> see is <address>@aol .com or any variation there of) Why do these
> addresses not bounce right away since their is no DNS server for them?
First of all, hotmial.com is very much a real domain, at least as far as
the root nameservers are concerned:
[root@gwl root]# dig @a.root-servers.net hotmial.com ns
[ snip ]
;; ANSWER SECTION:
hotmial.com. 2D IN NS OBSIDIAN.TZC.COM.
hotmial.com. 2D IN NS SELENITE.TZC.COM.
However, tzc.com's servers are returning a TEMPFAIL:
[root@gwl root]# dig @obsidian.tzc.com hotmial.com mx
[ snip ]
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; hotmial.com, type = MX, class = IN
TEMPFAIL means exactly what it means, a temporary failure, so the message
gets rescheduled for another delivery attempt.
This particular situation is very common when a domain has been shut down
before the expiration date of the domain's registration with Internic. The
hotmial.com zone was purged from these servers a long time ago, so when
they get a query for hotmial.com, they know nothing about it, so they go
to the root nameservers, which then tell them that they themselves are
indeed authoritative for the zone. Some domain name servers will simply
fail to return an answer to the query, in this situations, and some domain
name server will return a TEMPFAIL. Either way, DNS resolvers interpret
this as a temporary failure.
If you were to investigate each one of your problem domains, you will
reach more or less the same conclusion every time. The response to the
DNS query either times out, or returns something other than NXDOMAIN, so
the message gets temporarily bumped.
If a domain really does not exist, the root name servers will return
NXDOMAIN.
