Author: Jeremy Harris Date: To: exim-users Subject: Re: [exim] DNS problems with sending via multiple smarthosts
On 19/07/2019 08:12, Viktor Dukhovni via Exim-users wrote: > On Fri, Jul 19, 2019 at 09:15:26AM +0300, Evgeniy Berdnikov via Exim-users wrote:
>>> Might there be a dnssec-related difference?
>>
>> Definitely NO, because this difference is in client's initial packets.
>
> Actually, the "tcpdump" documentation is misleading. In the attached
> PCAP file (single outbound query), "tcpdump" reports "[1au]", but the
> query has no authority records, rather it has an EDNS(0) OPT record: > If there were a simple way to get the stub resolver to set only
> the AD bit, Exim could use that, and you'd not run into this
> particular obstacle, but the fault is wither whatever device
> is filtering your DNS queries. It is b0rked, and it would
> be good to find a way to get it to stop doing that.
Thanks for the analysis, Viktor.
David: try adding a main-config option:
dns_use_edns0 = 0
Note that dnssec will be disabled as a side-effect. And really, get
access to a decent resolver for preference.
--
Cheers,
Jeremy