|
General software and network General OS-independent software and network questions, X11, MTA, routing, etc. |
|
Thread Tools | Display Modes |
|
|
|||
sendmail host name lookup failure
Hello everybody.
I run sendmail 8.14.2 on FreeBSD 5.5, 6.3 and 7.0 (from ports on 5.5, default on 6.3 and 7.0) in a small testing lan, behind a snat router which hosts a 9.3.3 bind name server. The domain name is not public, say aaa.bbb.ccc and the 3 machines are fbsd-5, fbsd-6 and fbsd-7. Name resolution is ok, tested with host and dig. If I want to send emails from any of the 3 bsd's to another machine, say fc-6, user test, the mail is sent from fbsd-7, but not from the fbsd-5 and fbsd-6, error "stat=Deferred: Name server: fc-6.aaa.bbb.ccc.: host name lookup failure". The sendmail servers have the same configuration (the default one - including WorkAroundBrokenAAAA) , all are compiled with NAMED_BIND, sendmail is enabled in rc.conf. After some sniffing of the bind conversations I found that: - all the 3 bsd's send A requests at some point in the conversation and receive the right response; - all of the bsd's send AAAA requests and receive NOERR responses from the name server (I do not use ipv6); - all except fbsd-7 request AAAA for fc-6. receiving ServFail as response. This is weird!! Is the problem sendmail related or resolver library related? I googled for 2 days, no solution, except recompiling sendmail without ipv6 support. |
|
|||
A mailserver first will try to lookup the MX (Mail eXchanger) DNS record.
On my local LAN with DJBDNS nameservers Code:
]dig +norecurse -t mx utp.xnet @192.168.222.11 ; <<>> DiG 9.3.4 <<>> +norecurse -t mx utp.xnet @192.168.222.11 ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6504 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2 ;; QUESTION SECTION: ;utp.xnet. IN MX ;; ANSWER SECTION: utp.xnet. 604800 IN MX 0 mail.utp.xnet. ;; AUTHORITY SECTION: utp.xnet. 259200 IN NS ns1.utp.xnet. ;; ADDITIONAL SECTION: mail.utp.xnet. 604800 IN A 192.168.222.10 ns1.utp.xnet. 259200 IN A 192.168.222.11 ;; Query time: 1 msec ;; SERVER: 192.168.222.11#53(192.168.222.11) ;; WHEN: Wed May 21 23:08:42 2008 ;; MSG SIZE rcvd: 97 From the sending sendmail box, can you do the MX and A record lookups manually with dig? What do they produce? If you modified the DNS records, please restart BIND so it will not answer queries from the old cached records. BTW To sniff DNS traffic I use Code:
tcpdump -nvv -i re0 -s512 port domain
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Quote:
Quote:
Quote:
|
|
|||
I've attached the output of:
#sendmail -q -d8.8 -v Is there any reason for sendmail to send queries for the unqualified hostname? I think the problem is here. |
|
|||
I also find it strange that it tries lookups for fc6
There is another file, which influences name lookup. It is called /etc/nsswitch.conf See http://www.freebsd.org/cgi/man.cgi?q...SE&format=html Do you have such a file? What is in it? What is the "/etc/hosts" file?
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
The files are the default ones.
Quote:
Quote:
Seems like a bug in the ipv6 resolver of sendmail 8.14.2, used by the default sendmail configuration on freeBSD 5.5 and 6.3. The things are quite different in the 7.3 release sendmail, 8.14.2 too: Quote:
|
|
|||
I am glad to hear that the problem disappears by recompiling sendmail without IPv6 support.
Unfortunately at this moment, I don't have the time to find out whether sendmail uses the system resolver or not. I just moved house and have to spend my time painting the new house on the inside as well on the outside
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Quote:
J65nko, thank you for your replies and.....smile, tomorrow could be worse |
|
|||
Hello again.
Time has passed but the problem is still there, even in the new stable release 6.4: sendmail (now 8.14.3, the latest) queries the name-server for the AAAA record of the _unqualified_ hostname of the recipient domain mail-server after it had obtained the ipv4 address of the qualified hostname: PHP Code:
PHP Code:
As of the sendmail/resolver issue, this is not present on the 7.1 release (8.14.3 again): PHP Code:
PHP Code:
|
|
|||
Code:
NAME resolver -- resolver configuration file SYNOPSIS resolv.conf DESCRIPTION The resolver(3) is a set of routines in the C library which provide access to the Internet Domain Name System. The resolver configuration file contains information that is read by the resolver routines the first time they are invoked by a process. The file is designed to be human readable and contains a list of keywords with values that provide various types of resolver information.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Sendmail | Timmy66 | OpenBSD General | 11 | 19th October 2008 03:01 PM |
sendmail dont boot | dejabu18 | FreeBSD Ports and Packages | 0 | 8th October 2008 02:07 PM |
Sendmail 8.14.2 undisclosed DNSBL lookup failure and NOQUEUE errors (FreeBSD 7.0) | NathanPardoe | FreeBSD General | 9 | 21st May 2008 12:00 AM |
Using sendmail in a cron job | erehwon | OpenBSD General | 6 | 15th May 2008 09:03 PM |
Sendmail, issues... | pcfxer | FreeBSD General | 2 | 8th May 2008 10:07 AM |