Re: [exim] Exim trying to send email to A record of recipien…

Top Page
Delete this message
Reply to this message
Author: Richard James Salts
Date:  
To: exim-users
Subject: Re: [exim] Exim trying to send email to A record of recipient domain


On 11/02/16 22:54, Evgeniy Berdnikov wrote:
> On Thu, Feb 11, 2016 at 05:36:30AM -0500, Konstantin Boyandin wrote:
>> Talking of my case, MX records *do* point to FQDN, which in turn have
>> valid A records (no CNAMEs).
>>
>> All I had to do was to prevent Exim from utilizing A record of the
>> recipient's domain if MX records resolution failed.
> A failure in MX record resolution could be one of three types:
>
>   1. Query for MX returns NoError RCODE (no data). It means that domain
>      exists, has no MX records, but there are other RRs this domain.
>      MTA should query for A record for this domain name, then for AAAA
>      record (if IPv6 is anabled), and try to use A or AAAA.

>
>   2. Query for MX returns ServFail or resolver timed out. MTA should wait
>      some time and then try to query for MXes again.

>
>   3. Query for MX returns NxDomain (domain does not exist). MTA should treat
>      it as a permanent error and stop any attempts to deliver message.

>
> Point No.1 is the only case when MTA should do use A record instead of MX.
> If your target domain has properly configured MX records, cases (2) and (3)
> should be ruled out.
>
> I think your assumption that Exim use A-record for domain "when DNS
> request are timed out" is wrong. There should be some other sources
> of your problem, maybe some subtle DNS misconfiguration (different
> data for primary/slave, different data in zone views, etc).

Or possibly a broken middlebox such as a firewall or loadbalancer at
either the destination domain
or your site that is not always in the path of the query.