curious DNS behavior (slow?) and related sendmail bug
Linda W
bind at tlinx.org
Tue Sep 16 18:07:23 UTC 2003
looking for MX list for groups.queernet.org....(trying to debug a sendmail
problem that returns errors like this:
---------------- (if anyone has a clue or has seen sendmail do this before,
please email me OL...I'm going crazy^hier)
The original message was received at Sun, 14 Sep 2003 16:08:51 -0700
from shiva [192.168.3.20]
----- The following addresses had permanent fatal errors -----
<bind at isc.org>
----- Transcript of session follows -----
550 5.1.2 <bind at isc.org>... Host unknown (Name server: mx-2.isc.org.: host not found)
Reporting-MTA: dns; ishtar.tlinx.org
Received-From-MTA: DNS; shiva
Arrival-Date: Sun, 14 Sep 2003 16:08:51 -0700
Final-Recipient: RFC822; bind at isc.org
Action: failed
Status: 5.1.2
Remote-MTA: DNS; mx-2.isc.org
Last-Attempt-Date: Sun, 14 Sep 2003 16:08:51 -0700
----------------
So tried using sendmail from cmd line -- got same message as above (except
for "queernet") (little did they know, they were being used as my test
subject! :-))
My going back to basics attempt was to try to submit the email directly to
their MX machine and see if that took a post (it did), but along the way
to the "forum"....I encountered some wierd time delays in getting MX
information. Note locally, I get no return MX record.
ishtar:# dig -t MX groups.queernet.org
; <<>> DiG 9.2.2 <<>> -t MX groups.queernet.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44892
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;groups.queernet.org. IN MX
;; AUTHORITY SECTION:
queernet.org. 250 IN SOA onlinepolicy.org. hostmaster.onlinepolicy.org. 2000011254 14400 3600 1728000 14400
;; Query time: 7 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 16 08:56:20 2003
;; MSG SIZE rcvd: 97
Trying my ISP's name server and it's worse:
ishtar:# dig @ns1.speakeasy.net -t MX groups.queernet.org
; <<>> DiG 9.2.2 <<>> @ns1.speakeasy.net -t MX groups.queernet.org
;; global options: printcmd
;; connection timed out; no servers could be reached
ishtar:# dig @ns.speakeasy.net -t MX groups.queernet.org
dig: Couldn't find server 'ns.speakeasy.net': Name or service not known
ishtar:# dig @ns1.speakeasy.net -t MX queernet.org
; <<>> DiG 9.2.2 <<>> @ns1.speakeasy.net -t MX queernet.org
;; global options: printcmd
;; connection timed out; no servers could be reached
ishtar:# dig @ns1.speakeasy.net -t A queernet.org
; <<>> DiG 9.2.2 <<>> @ns1.speakeasy.net -t A queernet.org
;; global options: printcmd
;; connection timed out; no servers could be reached
But yes -- my nameserver (doesn't use their name server, I tie in through
the root servers) at least knows about the site
ishtar:# dig -t A queernet.org
; <<>> DiG 9.2.2 <<>> -t A queernet.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45939
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 5
;; QUESTION SECTION:
;queernet.org. IN A
;; ANSWER SECTION:
queernet.org. 300 IN A 64.62.161.196
;; AUTHORITY SECTION:
queernet.org. 300 IN NS ns1.everydns.net.
queernet.org. 300 IN NS ns2.everydns.net.
queernet.org. 300 IN NS ns2.onlinepolicy.net.
queernet.org. 300 IN NS ns3.everydns.net.
queernet.org. 300 IN NS ns4.everydns.net.
;; ADDITIONAL SECTION:
ns1.everydns.net. 104158 IN A 209.75.39.141
ns2.everydns.net. 104158 IN A 216.218.240.206
ns2.onlinepolicy.net. 104158 IN A 64.62.161.193
ns3.everydns.net. 104158 IN A 81.17.40.70
ns4.everydns.net. 104158 IN A 63.219.183.200
;; Query time: 16 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 16 08:59:23 2003
;; MSG SIZE rcvd: 241
ishtar:# dig +trace @ns.speakyeasy.net -t ANY queernet.org
; <<>> DiG 9.2.2 <<>> +trace @ns.speakyeasy.net -t ANY queernet.org
;; global options: printcmd
;; connection timed out; no servers could be reached
ISP NS still doesn't even know who they are....
but now...using dig with a +trace....and I get the MX record. Slight
sidenote -- why would "ANY" not return any "A" records? But it did
return the NS/MX records. I though (perhaps erroneously) that ANY meant
return ANY record found -- or "ALL" records (including "A")?
ishtar:# dig +trace -t ANY queernet.org
; <<>> DiG 9.2.2 <<>> +trace -t ANY queernet.org
;; global options: printcmd
. 448592 IN NS I.ROOT-SERVERS.NET.
. 448592 IN NS J.ROOT-SERVERS.NET.
. 448592 IN NS K.ROOT-SERVERS.NET.
. 448592 IN NS L.ROOT-SERVERS.NET.
. 448592 IN NS M.ROOT-SERVERS.NET.
. 448592 IN NS A.ROOT-SERVERS.NET.
. 448592 IN NS B.ROOT-SERVERS.NET.
. 448592 IN NS C.ROOT-SERVERS.NET.
. 448592 IN NS D.ROOT-SERVERS.NET.
. 448592 IN NS E.ROOT-SERVERS.NET.
. 448592 IN NS F.ROOT-SERVERS.NET.
. 448592 IN NS G.ROOT-SERVERS.NET.
. 448592 IN NS H.ROOT-SERVERS.NET.
;; Received 436 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
org. 172800 IN NS TLD1.ULTRADNS.NET.
org. 172800 IN NS TLD2.ULTRADNS.NET.
;; Received 112 bytes from 192.36.148.17#53(I.ROOT-SERVERS.NET) in 158 ms
queernet.org. 86400 IN NS ns4.everydns.net.
queernet.org. 86400 IN NS ns3.everydns.net.
queernet.org. 86400 IN NS ns2.onlinepolicy.net.
queernet.org. 86400 IN NS ns2.everydns.net.
queernet.org. 86400 IN NS ns1.everydns.net.
ORG. 86400 IN NS TLD2.ULTRADNS.NET.
ORG. 86400 IN NS TLD1.ULTRADNS.NET.
;; Received 230 bytes from 204.74.113.1#53(TLD2.ULTRADNS.NET) in 172 ms
ishtar:# dig +trace -t MX queernet.org
; <<>> DiG 9.2.2 <<>> +trace -t MX queernet.org
;; global options: printcmd
. 448579 IN NS F.ROOT-SERVERS.NET.
. 448579 IN NS G.ROOT-SERVERS.NET.
. 448579 IN NS H.ROOT-SERVERS.NET.
. 448579 IN NS I.ROOT-SERVERS.NET.
. 448579 IN NS J.ROOT-SERVERS.NET.
. 448579 IN NS K.ROOT-SERVERS.NET.
. 448579 IN NS L.ROOT-SERVERS.NET.
. 448579 IN NS M.ROOT-SERVERS.NET.
. 448579 IN NS A.ROOT-SERVERS.NET.
. 448579 IN NS B.ROOT-SERVERS.NET.
. 448579 IN NS C.ROOT-SERVERS.NET.
. 448579 IN NS D.ROOT-SERVERS.NET.
. 448579 IN NS E.ROOT-SERVERS.NET.
;; Received 436 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
org. 172800 IN NS TLD2.ULTRADNS.NET.
org. 172800 IN NS TLD1.ULTRADNS.NET.
;; Received 112 bytes from 192.5.5.241#53(F.ROOT-SERVERS.NET) in 31 ms
queernet.org. 86400 IN NS ns4.everydns.net.
queernet.org. 86400 IN NS ns3.everydns.net.
queernet.org. 86400 IN NS ns2.onlinepolicy.net.
queernet.org. 86400 IN NS ns2.everydns.net.
queernet.org. 86400 IN NS ns1.everydns.net.
;; Received 145 bytes from 204.74.113.1#53(TLD2.ULTRADNS.NET) in 259 ms
queernet.org. 300 IN MX 20 mailbox.onlinepolicy.net.
queernet.org. 300 IN NS ns1.everydns.net.
queernet.org. 300 IN NS ns2.everydns.net.
queernet.org. 300 IN NS ns2.onlinepolicy.net.
queernet.org. 300 IN NS ns3.everydns.net.
queernet.org. 300 IN NS ns4.everydns.net.
;; Received 329 bytes from 63.219.183.200#53(ns4.everydns.net) in 74 ms
I actually "missed" the MX record and sent the emaill by telnetting to
the sendmail socket and speaking SMPTese (very rusty) on groups.queernet.net
and that did accept the email -- might be a pseudo for
mailbox.onlinepolicy.net...dunno.
But 10 minutes later...my ISP also had fetched and "knew" the A, NS and MX
records.
If a normal program ran and was using my ISP's name server as its sole
addr resolution service, wouldn't the email have just returned to me
instantly as 'host not found' Or would a normal email program have
detected the "timeout" and just retried in 5-10 minutes? It seems it
certainly would slow down interactive web-browsing to have to wait 5 minutes
for a name lookup to complete.
Still dunno why my sendmail isn't talking to other sendmail's though. It
used to work, but been trying to debug an outlook problem -- when I downloaded
the patch for the MS-blaster worm in July, I didn't get worm, but I did
get the patch --- which disabled outlook from being able to read email
of my local IMAP server (which, I suppose, is one way of preventing
email viruses 'cept blaster was port 135). Mozilla, of course, can still
read emails, but it seems to be affected by my sendmail problem I've
managed to create along the way (lucky me). Not sure how -- not the best
focus on debugging, and trying too many random things (pain meds I'm on for
RSI disability problems/pain).
Will probably send this same way -- talk to iscs.org's MX server...become
an efficient sendmail deamon -- objective in life?...sigh
-Linda
p.s. If I don't respond, don't take it personally, it's really a pain to
do manual sendmail via telnetting to remote system.
More information about the bind-users
mailing list