Author: Marc Sherman Date: To: exim-users Subject: Re: [exim] Potential logic error in retry handling for IPv4+IPv6 hosts
Marc Haber wrote: > On Mon, 5 Dec 2005 14:27:43 +0000 (GMT), Philip Hazel
> <ph10@???> wrote:
>> I think we are stuck until there is more evidence.
>
> This is actually an issue with how exim handles DNS answers. Just
> imagine that the A record for a target host name expires in the
> resolver's cache some time earlier than the AAAA record. When exim now
> queries for the MX record, the resolver returns the data which it
> still has cached, which is the AAAA record, in the additional section.
>
> Exim will believe the information from the additional section, and try
> delivering there.
Great debugging, Marc. So in my case earlier this year, I probably
actually caused the retry failure by setting "dns_ipv4_lookup = *"; it
caused host verification to only query for A records, so when I received
mail from the exim lists, it would populate the cache with just the A
records, but when I sent mail, both A and AAAA records would show up,
causing the A and AAAA records to expire at different times.
What's the fix for this? Have exim always explicitly query DNS for A if
the additional section only returns AAAA (or vice versa)? Or should the
additional section not be trusted at all?
