Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Qmail: users

CNAME lookup failed temporarily errors

 

 

Qmail users RSS feed   Index | Next | Previous | View Threaded


jorgen at hovland

Aug 31, 2005, 4:24 AM

Post #1 of 6 (21520 views)
Permalink
CNAME lookup failed temporarily errors

Hi

We have a problem receiving email from something that looks like a qmail
mailserver. The errormessage is
"CNAME lookup failed temporarily "

The target domain is checkpoint.no. While searching through the archives I
can only find someone commenting on that this errormessage is caused by too
oversized dns replies.
The dns reply doing a MX lookup for the domain is 221 bytes so I believe
this is not the case.

Does anyone have any other suggestions?
There are two mx records for the recipient domain checkpoint.no. At the
moment both records point to the same ip address'.


Cheers,

Joergen

> -----Original Message-----
> From: a
> Sent: 31. august 2005 12:58
> To: Jørgen Hovland
> Subject: FW: SkyScan Expired Delivery Retry Notification (2 days ): Stock
> salg CCAP.xls
>
>
> -----Original Message-----
> From: MAILER-DAEMON [at] x
> [mailto:MAILER-DAEMON [at] x]
> Sent: 31. august 2005 13:02
> To: a [at] b
> Subject: SkyScan Expired Delivery Retry Notification (2 days ): Stock
> salg CCAP.xls
>
>
> This is the mail delivery agent at messagelabs.com.
> I was not able to deliver your message to the following addresses.
>
> <nnnn%&nnn=@checkpoint.no>:
> CNAME lookup failed temporarily. (#4.4.3)
> Despite repeated attempts, this message could not be delivered.
>
> --- Below this line is a copy of the message.
>
> Return-Path: <a>
> X-VirusChecked: Checked
> X-Env-Sender: a
> X-Msg-Ref: server-8.tower-26.messagelabs.com!1125313308!0!1
> X-StarScan-Version: 5.4.15; banners=emimusic.com,-,-
> X-Originating-IP: [212.161.82.5]
> Received: (qmail 12254 invoked from network); 29 Aug 2005 11:01:48 -0000
> Received: from unknown (HELO SLONP09E.eur.emigrp.com) (212.161.82.5)
> by server-8.tower-26.messagelabs.com with SMTP; 29 Aug 2005 11:01:48 -
> 0000
> Received: by slonp09e.eur.emigrp.com with Internet Mail Service
> (5.5.2657.72)
> id <RP3XB5VT>; Mon, 29 Aug 2005 12:01:48 +0100
> Message-ID: <1E542755E94CD4118CF60000F67CB0F10244DC8E [at] SOSLA04>
> From: a
> To: nnnn%&nnn=@checkpoint.no
> Subject: Stock salg CCAP.xls
> Date: Mon, 29 Aug 2005 11:57:34 +0100
> MIME-Version: 1.0
> X-Mailer: Internet Mail Service (5.5.2657.72)
> Content-Type: application/vnd.ms-excel;
> name="Stock salg CCAP.xls"
> Content-Transfer-Encoding: base64
> Content-Disposition: attachment;
> filename="Stock salg CCAP.xls"
>

> --Message Truncated--
>


safari-qmail at safari

Aug 31, 2005, 8:05 AM

Post #2 of 6 (21376 views)
Permalink
Re: CNAME lookup failed temporarily errors [In reply to]

On Wed, Aug 31, 2005 at 01:24:52PM +0200, Jørgen Hovland wrote:
> Hi
>
> We have a problem receiving email from something that looks like a qmail
> mailserver. The errormessage is
> "CNAME lookup failed temporarily "
>
> The target domain is checkpoint.no. While searching through the archives I
> can only find someone commenting on that this errormessage is caused by too
> oversized dns replies.
> The dns reply doing a MX lookup for the domain is 221 bytes so I believe
> this is not the case.

qmail-remote in qmail-1.03 does ANY lookup before MX.

$ dnsq any checkpoint.no authns02.hipercom.no
dnsq: fatal: unable to parse: protocol error

Because checkpoint.no is FUBAR, qmail-1.03 ends up with
"CNAME lookup failed temporarily" situation.
If you want to send email to checkpoint.no using qmail,
you either have to hack smtproutes or change
switch(resolve(sa,T_ANY))
to
switch(resolve(sa,T_CNAME))
(in dns.c) and recompile + reinstall.

--


qmail at discworld

Aug 31, 2005, 10:15 AM

Post #3 of 6 (21384 views)
Permalink
Re: CNAME lookup failed temporarily errors [In reply to]

Sami Farin <safari-qmail [at] safari> wrote:
>
> $ dnsq any checkpoint.no authns02.hipercom.no
> dnsq: fatal: unable to parse: protocol error
>
> Because checkpoint.no is FUBAR, qmail-1.03 ends up with
> "CNAME lookup failed temporarily" situation.
> If you want to send email to checkpoint.no using qmail,
> you either have to hack smtproutes or change
> switch(resolve(sa,T_ANY))
> to
> switch(resolve(sa,T_CNAME))
> (in dns.c) and recompile + reinstall.

Probably not a good idea. See qmail's CHANGES file for why this was done in
the first place:

19961003 portability problem: all pre-4.9.4 versions of bind barf, badly, on
CNAME queries to lame servers. what a crappy system. even if the resolver
doesn't barf, the next name server down the line may barf. impact: qmail
can't get mail through to domains that are (1) lame and (2) running old
versions of bind. fix: never, ever, do a CNAME query. dns_cname() now does
an ANY query instead. this, like sendmail's analogous procedure, is
unreliable when a CNAME is mixed with other records.

Charles
--
--------------------------------------------------------------------------
Charles Cazabon <qmail [at] discworld>
Read http://pyropus.ca/personal/writings/12-steps-to-qmail-list-bliss.html
My services include qmail consulting. See http://pyropus.ca/ for details.
--------------------------------------------------------------------------


safari-qmail at safari

Aug 31, 2005, 10:21 AM

Post #4 of 6 (21384 views)
Permalink
Re: CNAME lookup failed temporarily errors [In reply to]

On Wed, Aug 31, 2005 at 11:15:45AM -0600, Charles Cazabon wrote:
> Sami Farin <safari-qmail [at] safari> wrote:
> >
> > $ dnsq any checkpoint.no authns02.hipercom.no
> > dnsq: fatal: unable to parse: protocol error
> >
> > Because checkpoint.no is FUBAR, qmail-1.03 ends up with
> > "CNAME lookup failed temporarily" situation.
> > If you want to send email to checkpoint.no using qmail,
> > you either have to hack smtproutes or change
> > switch(resolve(sa,T_ANY))
> > to
> > switch(resolve(sa,T_CNAME))
> > (in dns.c) and recompile + reinstall.
>
> Probably not a good idea. See qmail's CHANGES file for why this was done in
> the first place:
>
> 19961003 portability problem: all pre-4.9.4 versions of bind barf, badly, on

So, Charles, do you run pre-4.9.4 version of BIND?
Do you know someone who does?

--


qmail at discworld

Aug 31, 2005, 10:27 AM

Post #5 of 6 (21374 views)
Permalink
Re: CNAME lookup failed temporarily errors [In reply to]

Sami Farin <safari-qmail [at] safari> wrote:
> > Probably not a good idea. See qmail's CHANGES file for why this was done
> > in the first place:
> >
> > 19961003 portability problem: all pre-4.9.4 versions of bind barf,
> > badly, on
>
> So, Charles, do you run pre-4.9.4 version of BIND?

No. I lost my taste for being remotely exploited some time ago.

> Do you know someone who does?

Yes: there are surprisingly large numbers of ancient, vulnerable BIND and
sendmail installations still on the 'net.

Charles
--
--------------------------------------------------------------------------
Charles Cazabon <qmail [at] discworld>
Read http://pyropus.ca/personal/writings/12-steps-to-qmail-list-bliss.html
My services include qmail consulting. See http://pyropus.ca/ for details.
--------------------------------------------------------------------------


J.deBoynePollard-newsgroups at NTLWorld

Sep 1, 2005, 6:51 AM

Post #6 of 6 (21386 views)
Permalink
Re: CNAME lookup failed temporarily errors [In reply to]

"CNAME lookup failed temporarily "


Always read http://www.faqts.com/knowledge_base/view.phtml/aid/28942/fid/284"]FAQTS before posting.

Qmail users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.