On Thu, 13 Aug 1998, Tabor J. Wells wrote:
> I have something of a weird problem with an address not being allowed into
> our relay servers (which are running 1.82, but I can also duplicate this
> on 2.02). Basically whats happening is the MX lookup for the FQDN returns
> a "TRY_AGAIN" and exim gives up at that point. However, on another address
> without MX records, that MX lookup returns "NO_DATA" and exim procedes to
> check the A records and accepts the mail in. Arguably the "TRY_AGAIN"
> response is the inappropriate response, but shouldn't exim procede to
> check the A record as well in that case?
No, I don't believe it should. The rules are quite clear. Only if there
are no MX records for a domain is an MTA permitted to search for an A
record. If the DNS gives a TRY_AGAIN error, you just don't know whether
there are MX records or not. It might just be that the wire to the
nameserver is temporarily broken. There are plenty of domains for which
sending to the host given by the A record rather than those pointed to
by the MX records will cause mail to be rejected or otherwise
misdelivered.
Having said that, Exim does have an option which you can use to make it
live dangerously. Check out the dns_again_means_nonexist option.
I wish I knew why so many MX queries give TRY_AGAIN. Sometimes it is
caused by a misconfigured DNS zone. For example, a record like
x.y.z. MX a.b.c
(i.e. with a missing preference value) can cause it on some nameservers,
as can
x.y.z. MX 5 [1.2.3.4]
but it does seem to be remarkably common. [Everybody should be using my
makezones Perl script to build their DNS zones. It applies rigorous
syntax checks that catch that kind of thing.]
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
--
*** Exim information can be found at
http://www.exim.org/ ***