On 2/6/2013 7:14 AM, Eric Shubert wrote:
On 02/05/2013 04:10 PM, Ed Morrison wrote:
On 2/5/2013 2:48 PM, Eric Shubert wrote:
On 02/05/2013 03:22 PM, Ed Morrison wrote:
Hi:
I am running QmailToaster and have been for many years. Recently (the
last month), I have been receiving these errors:
deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/
<snip>
In addition I have changed out DNS programs on the mail server to
try to help i.e.
caching-nameserver
pdns-recursor
djbdns (rbldnsd)
Currently, I have DNS lookups pointed to a Windows DNS server with the
same issue. Doing a dig or nslookup on the mx records shows a valid
mx record.
Does anyone have an idea as to the problem?
Thanks,
Ed
You remembered to change your /etc/resolv.conf file with these
resolvers, right?
(nameserver 127.0.0.1)
I recommend using pdns-recursor, installed on the QMT host. PowerDNS
is a modern, efficient, well maintained resolver. If that has an issue
resolving something, the problem is likely with the target domain's
DNS records.
Hi Eric:
Yes, I did change the resolv.conf to to reflect only the 127.0.0.1.
But Dig works for the domains see below:
[root@qmail ~]# dig mx teichert.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> mx teichert.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14358
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;teichert.com. IN MX
;; ANSWER SECTION:
teichert.com. 3600 IN MX 10
mailgw3.ppt.questsys.com.
teichert.com. 3600 IN MX 10
mailgw4.ppt.questsys.com.
teichert.com. 3600 IN MX 10
mailgw1.ppt.questsys.com.
teichert.com. 3600 IN MX 10
mailgw2.ppt.questsys.com.
;; ADDITIONAL SECTION:
mailgw3.ppt.questsys.com. 3600 IN A 208.67.178.50
;; Query time: 196 msec
;; SERVER: 192.168.1.6#53(192.168.1.6)
;; WHEN: Tue Feb 5 15:16:23 2013
;; MSG SIZE rcvd: 155
[root@qmail ~]# dig mx blm.gov
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> mx blm.gov
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16497
;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 8
;; QUESTION SECTION:
;blm.gov. IN MX
;; ANSWER SECTION:
blm.gov. 300 IN MX 5 mail5.blm.gov.
blm.gov. 300 IN MX 5 mail4.blm.gov.
;; AUTHORITY SECTION:
blm.gov. 86400 IN NS blmdns2.blm.gov.
blm.gov. 86400 IN NS blmdns1.blm.gov.
;; ADDITIONAL SECTION:
mail4.blm.gov. 600 IN A 204.124.92.27
mail4.blm.gov. 600 IN AAAA 2001:49c8:8004:20fc::92:27
mail5.blm.gov. 600 IN A 204.124.92.28
mail5.blm.gov. 600 IN AAAA 2001:49c8:8004:20fc::92:28
blmdns1.blm.gov. 86400 IN A 204.124.92.8
blmdns1.blm.gov. 86400 IN AAAA 2001:49c8:8004:20fc::92:8
blmdns2.blm.gov. 86400 IN A 204.124.93.8
blmdns2.blm.gov. 86400 IN AAAA 2001:49c8:8004:20fc::93:8
;; Query time: 59 msec
;; SERVER: 192.168.1.6#53(192.168.1.6)
;; WHEN: Tue Feb 5 15:17:21 2013
;; MSG SIZE rcvd: 289
[root@qmail ~]# dig mx tahoe.ca.gov
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> mx tahoe.ca.gov
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56341
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;tahoe.ca.gov. IN MX
;; ANSWER SECTION:
tahoe.ca.gov. 6238 IN MX 10
mail.messaging.microsoft.com.
;; ADDITIONAL SECTION:
mail.messaging.microsoft.com. 60 IN A 216.32.181.178
mail.messaging.microsoft.com. 60 IN A 65.55.88.22
;; Query time: 75 msec
;; SERVER: 192.168.1.6#53(192.168.1.6)
;; WHEN: Tue Feb 5 15:17:47 2013
;; MSG SIZE rcvd: 106
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Ok. So I'm guessing that since these domains don't have any CNAME
records, that the failure is with some other domain's lookup.
No, the failure is occurring with these domains and others
I take it that the log messages in question are in the send log?
Yes
Does this happen only with certain domains, or across the board?
Only happening with certain domains but I am receiving more complaints
on a growing list of domains
I don't know qmail-remote in depth, but is it perhaps checking the
sender's domain and choking on that?
Maybe but I am not very familiar with it myself.
One thing that is weird with dns on this system. It doesn't matter what
dns program I setup on it. It will not use it to resolve dns queries.
I have tried powerdns and caching-nameserver and pointed resolv.conf to
itself (127.0.0.1) but any dns queries will not resolve. I have
disabled selinux and iptables to remove them from the equation with no
results. I have to point resolv.conf to my windows dns server for qmail
and dns to work.
Thanks,
Ed
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
