SMTP failure
in [Postfix]
|
Prev: alternatative to Mailman
Next: Mails bounced 550 5.7.1
From: Glenn English on 19 Mar 2010 08:08 One of my users had problems receiving from Yahoo a couple days ago. The sender (in FLA) got this: >> From: "MAILER-DAEMON(a)yahoo.com" <MAILER-DAEMON(a)yahoo.com> >> To: xxxxx(a)yahoo.com >> Sent: Sun, March 7, 2010 5:51:09 PM >> Subject: failure notice >> >> Hi. This is the qmail-send program at yahoo.com. >> I'm afraid I wasn't able to deliver your message to the following addresses. >> This is a permanent error; I've given up. Sorry it didn't work out. >> >> <xxxxx(a)slsware.com>: >> CNAME lookup failed temporarily. (#4.4.3) >> I'm not going to try again; this message has been in the queue too long. I got the sender on the phone and had him send while I watched the mail log. Nothing showed up. Then I got ahold of Yahoo's error message today. (I receive from Yahoo accounts frequently with no probs that I know of.) It looks to me like the problem has something to do with DNS, not SMTP, right? And why would Yahoo be doing a CNAME lookup? (I checked from a remote site -- my domain's MX server's IP is an A, and I don't see anything having to do with CNAMEs in 'host -t MX slsware.com'.) One of my nameservers is on an ISDN connection -- the latency there is 140ms or so (the other's a much more responsive T1). Might that have had something to do with it? -- Glenn English ghe(a)slsware.com
From: Victor Duchovni on 19 Mar 2010 11:44 On Fri, Mar 19, 2010 at 06:08:12AM -0600, Glenn English wrote: > It looks to me like the problem has something to do with DNS, not > SMTP, right? Yes. > And why would Yahoo be doing a CNAME lookup? Their MTA does that for all destinations, among other lookups. > (I checked > from a remote site -- my domain's MX server's IP is an A, and I don't > see anything having to do with CNAMEs in 'host -t MX slsware.com'.) Your DNS server is a bit odd: $ dig +trace -t any slsware.com ... slsware.com. 172800 IN NS ns1.richeyrentals.com. slsware.com. 172800 IN NS ns1.slsware.com. slsware.com. 172800 IN NS server.slsware.com. ;; Received 148 bytes from 192.5.6.30#53(A.GTLD-SERVERS.NET) in 46 ms ;; connection timed out; no servers could be reached While asking for "cname" or "mx" works... Perhaps their code does a "T_ANY" lookup. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
From: Wietse Venema on 19 Mar 2010 12:32 Victor Duchovni: > On Fri, Mar 19, 2010 at 06:08:12AM -0600, Glenn English wrote: > > > It looks to me like the problem has something to do with DNS, not > > SMTP, right? > > Yes. > > > And why would Yahoo be doing a CNAME lookup? > > Their MTA does that for all destinations, among other lookups. > > > (I checked > > from a remote site -- my domain's MX server's IP is an A, and I don't > > see anything having to do with CNAMEs in 'host -t MX slsware.com'.) > > Your DNS server is a bit odd: > > $ dig +trace -t any slsware.com > > ... > slsware.com. 172800 IN NS ns1.richeyrentals.com. > slsware.com. 172800 IN NS ns1.slsware.com. > slsware.com. 172800 IN NS server.slsware.com. > ;; Received 148 bytes from 192.5.6.30#53(A.GTLD-SERVERS.NET) in 46 ms > > ;; connection timed out; no servers could be reached > > While asking for "cname" or "mx" works... Perhaps their code does a > "T_ANY" lookup. If I recall correctly, Yahoo runs a modified qmail, and indeed: int dns_cname(sa) stralloc *sa; { int r; int loop; for (loop = 0;loop < 10;++loop) { if (!sa->len) return loop; if (sa->s[sa->len - 1] == ']') return loop; if (sa->s[sa->len - 1] == '.') { --sa->len; continue; } switch(resolve(sa,T_ANY)) { case DNS_MEM: return DNS_MEM; case DNS_SOFT: return DNS_SOFT; case DNS_HARD: return loop; default: ... } } return DNS_HARD; /* alias loop */ } Wietse
From: Glenn English on 19 Mar 2010 13:02 On Mar 19, 2010, at 9:44 AM, Victor Duchovni wrote: > Your DNS server is a bit odd: > > $ dig +trace -t any slsware.com > > ... > slsware.com. 172800 IN NS ns1.richeyrentals.com. > slsware.com. 172800 IN NS ns1.slsware.com. > slsware.com. 172800 IN NS server.slsware.com. > ;; Received 148 bytes from 192.5.6.30#53(A.GTLD-SERVERS.NET) in 46 ms > > ;; connection timed out; no servers could be reached > > While asking for "cname" or "mx" works... Perhaps their code does a > "T_ANY" lookup. Viktor, I know I've wandered way OT for this list, but I don't understand what's going on, and it sounds like you may... I pasted your dig command into a Mac on the local net and into a remote site. The Mac worked, but from the other site, I got the same timeout error you did. bind9 claims my config is correct (at both nameservers). Can you offer any ideas as to what's wrong? -- Glenn English ghe(a)slsware.com
From: Glenn English on 19 Mar 2010 13:15
On Mar 19, 2010, at 10:32 AM, Wietse Venema wrote: > Yahoo runs a modified qmail, and indeed: > > int dns_cname(sa) > stralloc *sa; > { > int r; > int loop; > for (loop = 0;loop < 10;++loop) > { > if (!sa->len) return loop; > if (sa->s[sa->len - 1] == ']') return loop; > if (sa->s[sa->len - 1] == '.') { --sa->len; continue; } > switch(resolve(sa,T_ANY)) > { > case DNS_MEM: return DNS_MEM; > case DNS_SOFT: return DNS_SOFT; > case DNS_HARD: return loop; > default: > ... > } > } > return DNS_HARD; /* alias loop */ > } But my understanding of the RFC says the MTA has to be an A. Why would they be looking for anything else? And does this code imply that the ghe@[<IP>] address would skip the T_ANY lookup, and would work? (I know it's supposed to work, but this is Yahoo modified qmail, not postfix :-) -- Glenn English ghe(a)slsware.com |