Victor Duchovni: > On Fri, Mar 19, 2010 at 12:32:13PM -0400, Wietse Venema wrote: > > > > > And why would Yahoo be doing a CNAME lookup? > > > > > > Their MTA does that for all destinations, among other lookups. > > > > > > Your DNS server is a bit odd: > > > > > > $ dig +trace -t any slsware.com > > > > > > ;; connection timed out; no servers could be reached > > > > > > While asking for "cname" or "mx" works... Perhaps their code does a > > > "T_ANY" lookup. > > > > If I recall correctly, Yahoo runs a modified qmail, and indeed: > > > > switch(resolve(sa,T_ANY)) > > So that's the issue then, the DNS server in question does not support > T_ANY. Most likely it is behind a firewall that does not understand T_ANY, > and drops the DNS packets for security reasons. Otherwise, the DNS server > itself is deficient.
Just to clarify, this DNS server is likely to create the same problem with other sites that run a version of the qmail MTA. According to the qmail CHANGES file entry 19961003, it uses T_ANY as a workaround for DNS servers that broke with T_CNAME. Of course, using T_ANY introduces other failure modes (reply too big, or broken infrastructure). Wietse