Re: [exim] DNS problems with sending via multiple smarthosts

Top Page

Reply to this message
Author: Jeremy Harris
To: exim-users
Subject: Re: [exim] DNS problems with sending via multiple smarthosts
On 19/07/2019 08:12, Viktor Dukhovni via Exim-users wrote:
> On Fri, Jul 19, 2019 at 09:15:26AM +0300, Evgeniy Berdnikov via Exim-users wrote:
>>> Might there be a dnssec-related difference?
>> Definitely NO, because this difference is in client's initial packets.
> Actually, the "tcpdump" documentation is misleading. In the attached
> PCAP file (single outbound query), "tcpdump" reports "[1au]", but the
> query has no authority records, rather it has an EDNS(0) OPT record:

> If there were a simple way to get the stub resolver to set only
> the AD bit, Exim could use that, and you'd not run into this
> particular obstacle, but the fault is wither whatever device
> is filtering your DNS queries. It is b0rked, and it would
> be good to find a way to get it to stop doing that.

Thanks for the analysis, Viktor.

David: try adding a main-config option:

dns_use_edns0 = 0

Note that dnssec will be disabled as a side-effect. And really, get
access to a decent resolver for preference.