BIND8's useless messages

Brad Knowles blk at skynet.be
Tue Jul 18 18:20:57 UTC 2000 

At 10:55 PM -0700 2000/7/17, Andris Kalnozols wrote:

>    3. Sendmail initially issues a query of record-type ANY which
>       causes the retrieval of the bad SOA RR.  Sendmail notices
>       the rejected query and (re-)queues the message.  Delivery
>       ultimately fails if the the remote site's DNS is not fixed
>       before the queue timeout interval is reached.

	This is related to the issue of older versions of sendmail that 
used to defer the message if they got a DNS truncation in the 
additional section, as a result of doing the "ANY" query.  I was 
talking to Nick Christenson about this today, and it is my 
understanding that this has been fixed with version 8.10, in that it 
falls back and tries explicit "MX" followed by "A" queries (as 
appropriate), if the "ANY" query should fail with truncation.

	It is also my understanding that the whole "ANY" query issue has 
been a long-standing one, and would suggest that you separately bring 
up this matter relative to the problem you've seen, to the 
sendmail.org folks.

>  I haven't tested this, but sendmail's insistence on using the
>  ANY query is alleged to also make it vulnerable to ignoring MX
>  RRs under the following scenario:
>
>    @         8H IN A    1.2.3.4
>              4H IN MX   5  mailhost
>    mailhost  8H IN A    1.2.3.9
>
>  If the A RRs are still cached after the MX RR has expired,
>  sendmail will (allegedly) attempt delivery to 1.2.3.4 instead
>  of 1.2.3.9.

	This should only happen if the TryNullMXList option is set to 
"true", which I believe is not the case by default.  Yes, sendmail 
gives you enough rope to hang yourself here, but it has been my 
experience with more recent versions of sendmail that they force you 
to turn this option on if you want it.  Of course, anyone who 
configures their mail server to act in this manner takes the 
responsibility for what happens as a result.

--
   These are my opinions -- not to be taken as official Skynet policy
======================================================================
Brad Knowles, <blk at skynet.be>                || Belgacom Skynet SA/NV
Systems Architect, Mail/News/FTP/Proxy Admin || Rue Colonel Bourg, 124
Phone/Fax: +32-2-706.13.11/12.49             || B-1140 Brussels
http://www.skynet.be                         || Belgium

More information about the bind-workers mailing list