[exim-dev] [Bug 488] Failed name server leads to unroutable …

Top Page
Delete this message
Reply to this message
Author: bug488
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 488] Failed name server leads to unroutable address error
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

http://www.exim.org/bugzilla/show_bug.cgi?id=488





------- Comment #9 from graeme@??? 2007-03-23 11:46 -------
On 23/03/2007 08:38, exim@??? wrote:
> SERVFAIL should be generating a defer, and IMLE it does, but...


Following Marc's suggestion about setting restrictions (-j DROP) on the
configured resolver - the local one - to simulate unreachable hosts
which timeout, I get this:

11:04:48 32081 changed uid/gid: forcing real = effective
11:04:48 32081 uid=0 gid=0 pid=32081
11:04:48 32081 auxiliary group list: <none>
11:04:48 32081 configuration file is /etc/exim.conf
11:04:48 32081 log selector = 040d99d8
11:04:48 32081 trusted user
11:04:48 32081 admin user
11:04:48 32081 originator: uid=0 gid=0 login=root name=root
11:04:48 32081 sender address = root@???
11:04:48 32081 Address testing: uid=0 gid=12 euid=0 egid=12
11:04:48 32081 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
11:04:48 32081 Testing graeme@???
11:04:48 32081 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
11:04:48 32081 Considering graeme@???
11:04:48 32081 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
11:04:48 32081 routing graeme@???
11:04:48 32081 --------> dnslookup router <--------
11:04:48 32081 local_part=graeme domain=graemef.net
11:04:48 32081 checking domains
11:04:48 32081 graemef.net in "@"? no (end of list)
11:04:48 32081 graemef.net in "! +local_domains"? yes (end of list)
11:04:48 32081 calling dnslookup router
11:04:48 32081 dnslookup router called for graeme@???
11:04:48 32081 domain = graemef.net
11:05:08 32081 DNS lookup of graemef.net (MX) gave TRY_AGAIN
11:05:08 32081 graemef.net in dns_again_means_nonexist? no (option unset)
11:05:08 32081 returning DNS_AGAIN
11:05:08 32081 dnslookup router: defer for graeme@???
11:05:08 32081 message: host lookup did not complete
graeme@??? cannot be resolved at this time:
host lookup did not complete
11:05:08 32081 search_tidyup called

So, after a retry delay, it defers.

Changing the -j DROP to -j REJECT and using the various types of
rejection, I get the following (condensed for brevity):

icmp-net-unreachable -> defer after delay, as with DROP
icmp-host-unreachable -> defer after delay, as with DROP
icmp-port-unreachable -> immediate deferral
icmp-proto-unreachable -> immediate deferral
icmp-net-prohibited -> immediate deferral
icmp-host-prohibited -> immediate deferral

Changing this so that the local resolver is reachable but the remote
nameservers for the same domain are not, I get the exact same behaviour.

Of course, this could be entirely down to the fact that the box I used
for testing is running Exim 4.22 on RedHat 8.0. I really must change my
gateway :)

Graeme

--
Configure bugmail: http://www.exim.org/bugzilla/userprefs.cgi?tab=email