[ On Tuesday, April 8, 2003 at 18:34:59 (+0100), Adam Newby wrote: ]
> Subject: Re: [Exim] 'Unrouteable mail domain'/sporadic MX lookup failures
>
> We are attempting to establish if the intermittent DNS problems are
> related to our local DNS server, or the DNS servers for the domains to
> which we want to send email. If it is the latter, implementing your
> suggestion would entail contacting everyone on the Internet who has a mail
> server to ask them never to mess up their MX records, which doesn't seem
> feasible to me.
It's _extremely_ unlikely that the problem is so widespread that it
could be affecting all your destination domains equally. I certainly
don't see such problems with any mailers I run, and it would seem that
other Exim users don't have similar problems either. If such a problem
were widespread then the DNS would soon fall into disuse from being too
unreliable.
I.e. it's most likely your own caching nameserver's fault.
Almost certainly in fact, though it does depend a bit on just what kind
of distribution of domains you're seeing this error across -- it is
possible if you don't see this problem with many different domains that
one or two of your destination domains have really badly broken DNS
infrastructure, but you haven't given any clues for us to help you with
here).
> Retrying on an MX lookup failure, as far as I know, would not break any
> rules, and would only involve extra work on the part of our mail server
> and not that of others.
Well, it depends on the exact nature of the failure. I'm certain Exim
already retries MX lookup failures if the error status is one of the
possible "temporary" DNS errors.
However if the error status is NOERROR with zero matching records in the
ANSWERS section then you really Really REALLY do want and need your
mailer to immediately bounce the message.
For example my xterms don't have an MX in the DNS for their hostnames:
(only the nameserver's name and address have been obfuscated)
$ host -d -t mx xtremely caching.nameserver.example
;; res_mkquery(0, xtremely.weird.com, 1, 15)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1349
;; flags: rd; Ques: 1, Ans: 0, Auth: 0, Addit: 0
;; QUESTIONS:
;; xtremely.weird.com, type = MX, class = IN
;; Querying server (# 1) address = 192.168.0.97
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1349
;; flags: qr rd ra; Ques: 1, Ans: 0, Auth: 1, Addit: 0
;; QUESTIONS:
;; xtremely.weird.com, type = MX, class = IN
;; AUTHORITY RECORDS:
weird.com. 10800 IN SOA ns.weird.com. postmaster.weird.com. (
2003032020 ; serial
14400 ; refresh (4 hours)
7200 ; retry (2 hours)
604800 ; expire (7 days)
14400 ) ; minimum (4 hours)
;; Query for MX records failed, 0 answers, status: no error
xtremely.weird.com MX record currently not present at caching.nameserver.example
"0 answers, no error" Anyone sending e-mail to "xtremely.weird.com"
must get an immediate bounce back.
--
Greg A. Woods
+1 416 218-0098; <g.a.woods@???>; <woods@???>
Planix, Inc. <woods@???>; VE3TCP; Secrets of the Weird <woods@???>
