I discovered Net::DNS::Resolver::errorstring, and put some more logging into SA, and the problem is really simple: my caching-only nameserver times out when looking up NS records for a site that's not in the cache. Not entirely surprising, with a 3-second timeout in SA. And my site is infinitely small (just me), so it's going to be fairly common that one of the well-known sites is not in cache.
SA realizes this, and tries to loop, in Dns.pm's is_dns_available, but the loop is coded wrong, because either a success or a failure breaks out of the loop! A timeout in lookup_ns will result in $result defined, but containing no records, and that triggers the "failed horribly" clause, setting $IS_DNS_AVAILABLE to zero until mimedefang eventually cycles the child process.
I'm a little behind on my SA mail--I noticed this a few weeks ago. My "fix" since I didn't want to patch the code itself was to put "dns_available yes" in local.cf. That skips the whole is_dns_avialable test in DNS.pm.
-- _______________________________________________________________________
Rick Beebe (203) 785-6416 Manager, Systems & Network Engineering FAX: (203) 785-3481 ITS-Med Production Systems [EMAIL PROTECTED] Yale University School of Medicine Suite 124, 100 Church Street South http://its.med.yale.edu New Haven, CT 06519 _______________________________________________________________________
