This is caused by a Mail::SPF/Net::DNS module issue which is unhandled by
assp V1. If IO::Socket::INET6 is installed SPF/DNS tries to connect via
IPv6 to the DNS server first. In case the protocol is not available or the
DNS server could be not contacted via IPv6, IPv4 is used as fallback after
a timeout of 2 to 5 seconds (what ever is configured).
the TXT record for microsoft.com is
"v=spf1 include:_spf-a.microsoft.com include:_spf-b.microsoft.com
include:_spf-c.microsoft.com include:_spf-ssg-a.microsoft.com
ip4:131.107.115.215 ip4:131.107.115.214 ip4:205.248.106.64
ip4:205.248.106.30 ip4:205.248.106.32 ~all"
This results in many DNS lookups - one for this record and at least one
(possibly more because the include records contain a,mx and ptr records)
for each include entry.
- for example (1+4)*5 = 25 seconds timeout waiting.
This DNS runtime penalty issue belongs to all DNS querys inside V1 since
IPv6 was implemented - or better explained, since the Perl-IPv6 modules
are installed, except the querys for RWL,RBL and URIBL - because they
don't use Net::DNS.
To prevent this, uninstall IO::Socket::INET6 and Socket6 or enable and
configure and use IPv6 on all systems.
fixed in assp 2.1.2 build 12023:
- If the IPv6 modules are installed but IPv6 is disabled in assp or
unavailable at OS level
Net::DNS is running in to a timeout. This causes SPF timeouts, if
SPF-include records are defined
and possibly some other DNS runtime penalties.
Thomas
Von: "Hill, Brett" <hil...@nlbusa.com>
An: <assp-test@lists.sourceforge.net>
Datum: 11.04.2012 17:17
Betreff: [Assp-test] SPF lookup timed out
What would cause an SPF lookup to timeout? For example:
Apr-10-12 17:53:25 id-33409-03026 178.20.64.93 <nore...@microsoft.com>
to: some...@mydomain.com SPF: timed out after 21 secs.;
The above sender is not actually from valid Microsoft.com servers.
Thanks,
Brett
------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
