Re: [exim-dev] DNSSEC / log spam

Top Page
Delete this message
Reply to this message
Author: Larry Rosenman
Date:  
To: Phil Pennock
CC: exim-dev
Subject: Re: [exim-dev] DNSSEC / log spam
On Fri, Jun 29, 2018 at 09:54:17PM -0400, Phil Pennock wrote:
> On 2018-06-29 at 20:16 -0500, Larry Rosenman via Exim-dev wrote:
> > Greetings,
> >     I have my DNS Zone DNSSEC enabled, but some of my dynamic
> >     sub-domains are NOT DNSSEC due to HE.net not supporting DNSSEC yet.
> >     can we suppress/change exim to not spam the logs with:

> >
> > Jun 29 20:12:53 thebighonker exim[37649]: gethostby*.gethostanswer: asked for "borg.lerctr.org IN AAAA", got type "RRSIG"
> > Jun 29 20:12:53 thebighonker exim[37649]: gethostby*.gethostanswer: asked for "borg.lerctr.org IN A", got type "RRSIG"
>
> Those messages are being generated by libc, so although it's from the
> Exim process, it's not from the Exim codebase.
>
> AFAIK there's nothing we can do from our side, as long as going through
> that interface.
>
> I'm guessing that this is a Router using hostname resolution; those all
> have options to change how DNS resolution is done, IIRC. Post on
> exim-users if you need help reconfiguring, but it should be setting
> route_data/route_list to use `bydns`. Of course, there might be a
> _reason_ to not do that ... in which case, see if you can get libc built
> without DEBUG enabled, or comment out the log-message and recompile
> libc.
>
> On FreeBSD, it's: /usr/src/lib/libc/net/getaddrinfo.c
>
> -Phil


Thanks, I sent a note off to the FreeBSD folks. (I'm a ports committer
there).


-- 
Larry Rosenman                     http://www.lerctr.org/~ler
Phone: +1 214-642-9640                 E-Mail: ler@???
US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106