On 11/02/16 22:54, Evgeniy Berdnikov wrote:
> On Thu, Feb 11, 2016 at 05:36:30AM -0500, Konstantin Boyandin wrote:
>> Talking of my case, MX records *do* point to FQDN, which in turn have
>> valid A records (no CNAMEs).
>>
>> All I had to do was to prevent Exim from utilizing A record of the
>> recipient's domain if MX records resolution failed.
> A failure in MX record resolution could be one of three types:
>
> 1. Query for MX returns NoError RCODE (no data). It means that domain
> exists, has no MX records, but there are other RRs this domain.
> MTA should query for A record for this domain name, then for AAAA
> record (if IPv6 is anabled), and try to use A or AAAA.
>
> 2. Query for MX returns ServFail or resolver timed out. MTA should wait
> some time and then try to query for MXes again.
>
> 3. Query for MX returns NxDomain (domain does not exist). MTA should treat
> it as a permanent error and stop any attempts to deliver message.
>
> Point No.1 is the only case when MTA should do use A record instead of MX.
> If your target domain has properly configured MX records, cases (2) and (3)
> should be ruled out.
>
> I think your assumption that Exim use A-record for domain "when DNS
> request are timed out" is wrong. There should be some other sources
> of your problem, maybe some subtle DNS misconfiguration (different
> data for primary/slave, different data in zone views, etc).
Or possibly a broken middlebox such as a firewall or loadbalancer at
either the destination domain
or your site that is not always in the path of the query.
