We had an incident where both our local caching name servers stopped working. 
They returned SERVFAIL (see example below). They were set as the 
"dns-server-ip-primary" and our host-provided DNS server was set as the 
"dns-server-ip". Because the primaries were failing, I would expect spamdyke to 
automatically switch to resolve via the server set under "dns-server-ip". 
Instead, spamdyke just rejected all our mail for a few hours with 
DENIED_RDNS_MISSING. The host-provide name server was functioning fine.

This is the config:

    dns-server-ip-primary=    # Local caching name server
    dns-server-ip-primary= # Another local caching name server
    dns-server-ip=    # Host-provided name server

This is an example response from a query to either of the primary DNS servers:

    {q@oak3~} dig @ apple.com mx

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> @ 
apple.com mx
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 52266
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

    ;apple.com.                     IN      MX

    ;; Query time: 15 msec
    ;; SERVER:
    ;; WHEN: Mon Mar 11 05:10:32 2019
    ;; MSG SIZE  rcvd: 27

Am I wrong to expect spamdyke to fail over to the non-primary server on a 

spamdyke-users mailing list

Reply via email to