Re: [exim] DNS problems with sending via multiple smarthosts

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMDavid Purton at <-
MDavid Purton at ->
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] DNS problems with sending via multiple smarthosts
On 19/07/2019 08:12, Viktor Dukhovni via Exim-users wrote:
> On Fri, Jul 19, 2019 at 09:15:26AM +0300, Evgeniy Berdnikov via Exim-users wrote:
>>> Might there be a dnssec-related difference?
>>
>> Definitely NO, because this difference is in client's initial packets.
>
> Actually, the "tcpdump" documentation is misleading. In the attached
> PCAP file (single outbound query), "tcpdump" reports "[1au]", but the
> query has no authority records, rather it has an EDNS(0) OPT record:

> If there were a simple way to get the stub resolver to set only
> the AD bit, Exim could use that, and you'd not run into this
> particular obstacle, but the fault is wither whatever device
> is filtering your DNS queries. It is b0rked, and it would
> be good to find a way to get it to stop doing that.

Thanks for the analysis, Viktor.

David: try adding a main-config option:

dns_use_edns0 = 0

Note that dnssec will be disabled as a side-effect. And really, get
access to a decent resolver for preference.
--
Cheers,
Jeremy

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] exim filters to/from/cc addressRe: [exim] Detecting successful CVE-2019-10149 hack->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)