Sendmail: host name lookup failure

Paul A. Hoadley paulh at logicsquad.net
Wed Dec 22 20:39:11 PST 2004 

On Mon, Dec 20, 2004 at 10:54:42PM +1030, Paul A. Hoadley wrote:

> I have actually solved the problem.  I intend to post a summary for
> the archive when I return to the site later in the week, at which
> time I'll be able to identify the OS/nameserver combination at
> fault.

I am told it's running Windows 2000 DNS Server.  Presumably that's
Microsoft's own DNS implementation built into Windows 2000.

> Here's a teaser, though: it's a Microsoft product (I just don't know
> which), and it's returing SERVFAIL status for a AAAA record query.

Sometimes it behaves:

> dig tsb.coremedicalsolutions.com. AAAA

; <<>> DiG 9.3.0 <<>> tsb.coremedicalsolutions.com. AAAA
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8959
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;tsb.coremedicalsolutions.com.  IN      AAAA

;; AUTHORITY SECTION:
coremedicalsolutions.com. 3600  IN      SOA     archibald2.coremedicalsolutions.com. marc.coremedicalsolutions.com. 1480 900 600 86400 3600

;; Query time: 281 msec
;; SERVER: 192.168.10.2#53(192.168.10.2)
;; WHEN: Thu Dec 23 15:03:23 2004
;; MSG SIZE  rcvd: 98

But sendmail seems intent on asking for just about every permutation
on each domain name invovled, so sometimes it returns the bogus
answer:

> dig tsb AAAA

; <<>> DiG 9.3.0 <<>> tsb AAAA
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 43109
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;tsb.                           IN      AAAA

;; Query time: 245 msec
;; SERVER: 192.168.10.2#53(192.168.10.2)
;; WHEN: Thu Dec 23 15:04:42 2004
;; MSG SIZE  rcvd: 21

(By 'sometimes' I don't mean it's non-deterministic.  Every time
sendmail asks for the AAAA record of an unqualified hostname, the
nameserver responds with SERVFAIL.)

The consequence of this is that sendmail repeatedly defers delivery
until the mail expires.

> Curiously, sendmail's WorkAroundBrokenAAAA option did not help, and
> I don't know why.  Daryl Tester suggested using a mailertable entry,
> and this worked.

I still don't know why WorkAroundBrokenAAAA isn't working in this
case.


-- 
Paul.

w  http://logicsquad.net/
h  http://paul.hoadley.name/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20041223/3ec892ec/attachment.bin

More information about the freebsd-questions mailing list