Re: [exim] DNS problems with sending via multiple smarthosts

Top Page

Reply to this message
Author: Evgeniy Berdnikov
Date:  
To: exim-users
Subject: Re: [exim] DNS problems with sending via multiple smarthosts
On Thu, Jul 18, 2019 at 02:55:54PM +0930, David Purton via Exim-users wrote:
> On Wed, Jul 17, 2019 at 11:12:16AM +0300, Evgeniy Berdnikov via Exim-users wrote:

...
> > I propose to install tcpdump and run it in parallel with "exim -qf":
> >
> >    tcpdump -nlUv -s0 -i any port domain

...
> OK. Here's the tcpdump output when I run exim -qf:
>
>
>     13:43:25.572114 IP (tos 0x0, ttl 64, id 4689, offset 0, flags [DF], proto UDP (17), length 71)
>         172.20.128.146.35212 > 8.8.8.8.53: 62572+ [1au] AAAA? smtp.gmail.com. (43)
>     13:43:25.574759 IP (tos 0x0, ttl 64, id 4689, offset 0, flags [DF], proto UDP (17), length 71)
>         8.8.8.8.53 > 172.20.128.146.35212: 62572 NXDomain* 0/0/1 (43)
>     13:43:25.574991 IP (tos 0x0, ttl 64, id 4690, offset 0, flags [DF], proto UDP (17), length 71)
>         172.20.128.146.33506 > 8.8.8.8.53: 6401+ [1au] A? smtp.gmail.com. (43)
>     13:43:25.576134 IP (tos 0x0, ttl 64, id 4690, offset 0, flags [DF], proto UDP (17), length 71)
>         8.8.8.8.53 > 172.20.128.146.33506: 6401 NXDomain* 0/0/1 (43)

>
>
> For comparison, here is the output when I run host smtp.gmail.com:
>
>
>     13:44:32.859293 IP (tos 0x0, ttl 64, id 12100, offset 0, flags [none], proto UDP (17), length 60)
>         172.20.128.146.52650 > 8.8.8.8.53: 55394+ A? smtp.gmail.com. (32)
>     13:44:32.894745 IP (tos 0x0, ttl 117, id 62430, offset 0, flags [none], proto UDP (17), length 114)
>         8.8.8.8.53 > 172.20.128.146.52650: 55394 2/0/0 smtp.gmail.com. CNAME gmail-smtp-msa.l.google.com., gmail-smtp-msa.l.google.com. A 74.125.68.109 (86)
>     13:44:32.894989 IP (tos 0x0, ttl 117, id 166, offset 0, flags [none], proto UDP (17), length 114)


Quite puzzling... The only difference I see here is the presence of one
authority record in dns query from Exim, marked as [1au].
Tcpdump man page states:

       A few anomalies are checked and may result in extra fields enclosed  in
       square  brackets:   If a query contains an answer, authority records or
       additional records section, ancount, nscount, or arcount are printed as
       `[na]', `[nn]' or  `[nau]' where n is the appropriate count.


Running tcpdump with -vvv shows that there is an authority record for root.
I don't know is this behaviour legal or not, and why this record is present
in exim queries. But I propose to try two other methods to resolve name:

1: exim4 -be '${lookup dnsdb{a=smtp.gmail.com}{$value}fail}'

2: perl -e '($n,$a,$t,$l,@ip)=gethostbyname("smtp.gmail.com"); print "n=$n\na=$a\n"; for (@ip) {($w,$x,$y,$z)=unpack('W4',$_); print "$w.$x.$y.$z\n"}'

In my experiments 1st variant results in additional authority record, the
2nd does not (as manual run of telnet). Does 1st variant fail when exim
fails to run transport?
--
Eugene Berdnikov