sendmail and bind

Kevin Darcy kcd at daimlerchrysler.com
Wed Oct 24 21:23:55 UTC 2001


sendmail 8.11 does ANY queries as an opportunistic way to enhance performance.
If the nameserver happens to have both MX and A records available in its cache,
then an ANY query can fetch both RRsets in a single query. But when the
nameserver doesn't have *any* records cached, the ANY query is a bit of a
waste, since it's not treated recursively and therefore sendmail has to go and
query each record type individually anyway.

For some reason, the nameserver that sch1p297 is using is having a tough time
resolving the A and MX records for cna.com. Are you sure they are configured
exactly the same, not only in terms of BIND configuration, but also in terms of
network connectivity and/or firewall rules?


- Kevin

"Boex,Matthew W." wrote:

> question.  i am seeing some weird things when sending inbound mail from our
> smtp server.  first, we have two machines handling our smtp traffic.  both
> machines are configured exactly the same, sendmail ( 8.11 ) and dns ( bind
> 8.1.2.).  each machine is running on HP-UX 11.0.   each machine has its own
> copy of bind ( caching ) running locally, with only localhost and the root
> hints file in the named.conf.
>
> our inbound mail is configured to use a mailer definition table.  the
> inbound server ( defined in the mailer definition table in sendmail.cf ) is
> wch1xi03.cna.com.  the ip address for it is in our host file.  we do have
> nsswitch properly configured to check hosts, then dns.
>
> here is the weird part.  on one machine sch1p312, it there is no delay
> sending inbound mail.  the other, sch1p297, has about a 30 sec. delay
> sending inbound.  both machines are exactly the same.
>
> here is a inbound test with dns debug on for each machine.  as you can see,
> sch1p297 is attempting more lookups than sch1p312.  how can this possibly be
> ?  also, why doesn't dns fall back on the host file immediately ?
>
> -------------------------------------------------------------------------
>
> sch1p312 ( this test took about 3 secs. to send )
>
> sendmail -d8.8 -vv matthew.boex at cna.com < test
>
> RES_DEBUG not available due to SFIO
> dns_getcanonname(cna.com, trymx=1)
> dns_getcanonname: trying cna.com. (ANY)
>         YES
> dns_getcanonname: cna.com
> getmxrr([cna.com], droplocalhost=1)
> dns_getcanonname(cna.com, trymx=0)
> dns_getcanonname: trying cna.com. (ANY)
>         YES
> dns_getcanonname: cna.com
> getmxrr(wch1xi03.cna.com, droplocalhost=1)
> getmxrr: res_search(wch1xi03.cna.com) failed (errno=0, h_errno=0)
> dns_getcanonname(wch1xi03.cna.com, trymx=0)
> dns_getcanonname: trying wch1xi03.cna.com. (ANY)
>         YES
> dns_getcanonname: wch1xi03.cna.com
> matthew.boex at cna.com... Connecting to wch1xi03.cna.com. via XCHANGE...
> 220 wch1xi03.cna.com InterScan VirusWall NT ESMTP 3.51 (build 1366) ready at
> Wed, 24 Oct 2001 12:33:29 -0500
> >>> EHLO sch1p312.cna.com
> 250-wch1xi03.cna.com supports the following ESMTP extensions:
> 250 SIZE 5242880
> >>> MAIL From:<root> SIZE=95
> 250 <root>: Sender Ok
> >>> RCPT To:<matthew.boex at cna.com>
> 250 <matthew.boex at cna.com>: Recipient Ok
> >>> DATA
> 354 wch1xi03.cna.com: Send data now.  Terminate with "."
> >>> .
> 250 wch1xi03.cna.com: Message accepted for delivery
> matthew.boex at cna.com... Sent (wch1xi03.cna.com: Message accepted for
> delivery)
> Closing connection to wch1xi03.cna.com.
> >>> QUIT
> 221 wch1xi03.cna.com closing connection. Goodbye!
>
> -------------------------------------------------------------------------
> sch1p297 ( this test took about 30 secs. to send in )
>
> sendmail -d8.8 -vv matthew.boex at cna.com < test
>
> RES_DEBUG not available due to SFIO
> dns_getcanonname(cna.com, trymx=1)
> dns_getcanonname: trying cna.com. (ANY)
>         YES
> dns_getcanonname: trying cna.com. (A)
>         NO: errno=0, h_errno=0
> dns_getcanonname: trying cna.com. (MX)
>         YES
> dns_getcanonname: cna.com
> getmxrr([cna.com], droplocalhost=1)
> dns_getcanonname(cna.com, trymx=0)
> dns_getcanonname: trying cna.com. (ANY)
>         YES
> dns_getcanonname: trying cna.com. (A)
>         NO: errno=0, h_errno=0
> dns_getcanonname: trying cna.com. (MX)
>         YES
> dns_getcanonname: cna.com
> getmxrr(wch1xi03.cna.com, droplocalhost=1)
> getmxrr: res_search(wch1xi03.cna.com) failed (errno=0, h_errno=0)
> dns_getcanonname(wch1xi03.cna.com, trymx=0)
> dns_getcanonname: trying wch1xi03.cna.com. (ANY)
>         YES
> dns_getcanonname: wch1xi03.cna.com
> matthew.boex at cna.com... Connecting to wch1xi03.cna.com. via XCHANGE...
> 220 wch1xi03.cna.com InterScan VirusWall NT ESMTP 3.51 (build 1366) ready at
> Wed, 24 Oct 2001 12:38:06 -0500
> >>> EHLO sch1p297.cna.com
> 250-wch1xi03.cna.com supports the following ESMTP extensions:
> 250 SIZE 5242880
> >>> MAIL From:<root> SIZE=109
> 250 <root>: Sender Ok
> >>> RCPT To:<matthew.boex at cna.com>
> 250 <matthew.boex at cna.com>: Recipient Ok
> >>> DATA
> 354 wch1xi03.cna.com: Send data now.  Terminate with "."
> >>> .
> 250 wch1xi03.cna.com: Message accepted for delivery
> matthew.boex at cna.com... Sent (wch1xi03.cna.com: Message accepted for
> delivery)
> Closing connection to wch1xi03.cna.com.
> >>> QUIT
> 221 wch1xi03.cna.com closing connection. Goodbye!
>
> Matthew Boex
> Sendmail Group
> 312.822.3955



More information about the bind-users mailing list