Yahoo mail (qmail) pukes my DNS information

Brad Knowles brad.knowles at skynet.be
Sun Jul 1 22:17:53 UTC 2001


At 1:43 PM +0200 6/30/01, Chahine M. Hamila wrote:

>  The qmail bug is known to be activated when the DNS info size is bigger
>  than 512 bytes, which isn't the case for any kind of chaham.com query
>  AFAIK.

	It wouldn't surprise me that this would be a problem with qmail. 
Dan apparently believes that TCP should never be used for DNS 
queries, which is why djbdns does not support the use of TCP by 
default.

>  Can anyone of you there check the DNS, and especially MX info and tell
>  me if I'm doing something wrong? Thank you in advance,

	Here's what the latest version of "doc" says:

% doc -d chaham.com.
Doc-2.2.2: doc -d chaham.com.
Doc-2.2.2: Starting test of chaham.com.   parent is com.
Doc-2.2.2: Test date - Sun Jul  1 17:52:02 EDT 2001
DEBUG: digging @a.gtld-servers.net. for soa of com.
soa @a.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @b.gtld-servers.net. for soa of com.
soa @b.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @c.gtld-servers.net. for soa of com.
soa @c.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @d.gtld-servers.net. for soa of com.
soa @d.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @e.gtld-servers.net. for soa of com.
soa @e.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @f.gtld-servers.net. for soa of com.
soa @f.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @g.gtld-servers.net. for soa of com.
soa @g.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @h.gtld-servers.net. for soa of com.
soa @h.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @i.gtld-servers.net. for soa of com.
soa @i.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @j.gtld-servers.net. for soa of com.
soa @j.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @k.gtld-servers.net. for soa of com.
soa @k.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @l.gtld-servers.net. for soa of com.
soa @l.gtld-servers.net. for com. has serial: 2001070100
DEBUG: digging @m.gtld-servers.net. for soa of com.
soa @m.gtld-servers.net. for com. has serial: 2001070100
SOA serial #'s agree for com. domain
Found 2 NS and 2 glue records for chaham.com. @a.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @b.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @c.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @d.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @e.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @f.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @g.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @h.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @i.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @j.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @k.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @l.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for chaham.com. @m.gtld-servers.net. (non-AUTH)
DNServers for com.
    === 0 were also authoritatve for chaham.com.
    === 13 were non-authoritative for chaham.com.
Servers for com. (not also authoritative for chaham.com.)
    === agree on NS records for chaham.com.
DEBUG: domserv = ns.chaham.com. ns4.gandi.net.
NS list summary for chaham.com. from parent (com.) servers
   == ns.chaham.com. ns4.gandi.net.
digging @ns.chaham.com. for soa of chaham.com.
soa @ns.chaham.com. for chaham.com. serial: 1
digging @ns4.gandi.net. for soa of chaham.com.
soa @ns4.gandi.net. for chaham.com. serial:
ERROR: no SOA record for chaham.com. from ns4.gandi.net.
ERROR: NS list from chaham.com. authoritative servers does not
   === match NS list from parent (com.) servers
NS list summary for chaham.com. from authoritative servers
   == ns.chaham.com.
Checking 1 potential addresses for hosts at chaham.com.
   == 212.106.223.146
in-addr PTR record found for 212.106.223.146
Summary:
    ERRORS found for chaham.com. (count: 2)
Done testing chaham.com.  Sun Jul  1 17:52:07 EDT 2001

	However, "dnswalk" can't say very much:

% dnswalk -alF chaham.com.
Checking chaham.com.
BAD: chaham.com. has only one authoritative nameserver
Getting zone transfer of chaham.com. from ns.chaham.com...failed
FAIL: Zone transfer of chaham.com. from ns.chaham.com failed: couldn't connect
BAD: All zone transfer attempts of chaham.com. failed!
1 failures, 0 warnings, 2 errors.

	Trying "DNS Expert" from Men & Mice, I find:

                               DNS Expert
                    Detailed Report for chaham.com.
         7/1/01, 11:56 PM, using the analysis setting "Minimal"
======================================================================

Information
----------------------------------------------------------------------
Serial number:           1
Primary name server:     ns.chaham.com.
Primary mail server:     mail.chaham.com.
Number of records:       N/A


Errors
----------------------------------------------------------------------
o Non-authoritative data received from the server "ns4.gandi.net."
     The server "ns4.gandi.net." is listed as being authoritative for
     the domain, but it does not contain authoritative data for it.

o Unable to contact "ns.chaham.com."
     It was not possible to establish a connection with the server
     "ns.chaham.com.".  This server will not be used to check
     information about the zone.


Warnings
----------------------------------------------------------------------
o Zone transfer from authoritative servers not possible
     It was not possible to perform a zone transfer from any of the
     authoritative name servers for the zone.  This will limit the
     range of tests performed for the zone.

o There is only one NS record in the zone
     The zone contains only one NS record.  Every zone should contain
     two or more NS records, and the NS records in the zone should
     match the delegation data for the domain.


----------------------------------------------------------------------
end of report


	Looking at just the information about the zone itself, we find:

% dig chaham.com. any

; <<>> DiG 9.1.2 <<>> chaham.com. any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29426
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;chaham.com.                    IN      ANY

;; ANSWER SECTION:
chaham.com.             604792  IN      NS      ns.chaham.com.
chaham.com.             604792  IN      A       212.106.223.146
chaham.com.             604795  IN      MX      10 mail.chaham.com.

;; AUTHORITY SECTION:
chaham.com.             604792  IN      NS      ns.chaham.com.

;; ADDITIONAL SECTION:
ns.chaham.com.          172770  IN      A       212.106.223.146
mail.chaham.com.        604795  IN      A       212.106.223.146

;; Query time: 2 msec
;; WHEN: Sun Jul  1 17:52:36 2001
;; MSG SIZE  rcvd: 128


	There may well be plenty of bugs in qmail, but you've got one 
nameserver that is non-authoritative, and the other one apparently 
doesn't answer queries at all.  That would be likely to cause 
problems getting mail to you, regardless of any other bugs that might 
be in qmail.

-- 
Brad Knowles, <brad.knowles at skynet.be>

/*        efdtt.c  Author:  Charles M. Hannum <root at ihack.net>          */
/*       Represented as 1045 digit prime number by Phil Carmody         */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
/*                                                                      */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */

dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'


More information about the bind-users mailing list