I had this problem before. BIND was compromised and I switched to djbdns.
Works for me so far...

On Thu, Sep 24, 2009 at 2:29 PM, Maxwell Smart <c...@yother.com> wrote:

> Some additional information that may help.  If I start and stop my toaster
> the mail is delivered immediately.
>
>
> Maxwell Smart wrote:
>
>> I am still having delays of up to 20 minutes for e-mail to be delivered.
>>  Here is a snip of a header sent from the mail server to the same mail
>> server.  These used to be virtually simultaneous.
>> Content-Filter: maildrop-toaster
>> Return-Path: <r...@area510.net>
>> Delivered-To: yother.com...@yother.com
>> Received: (qmail 1363 invoked by uid 89); 24 Sep 2009 02:30:18 -0000
>> Received: by simscan 1.4.0 ppid: 1340, pid: 1342, t: 11.6467s
>>        scanners: attach: 1.4.0 clamav: 0.95.2 /m:51/d:9803 spam: 3.2.5
>> X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on laetitia.area510.net
>> X-Spam-Level:
>> X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00,RDNS_NONE
>>    autolearn=no version=3.2.5
>> Received: from unknown (HELO nlpi157.prodigy.net) (unkn...@207.115.36.171)
>>  by laetitia.area510.net with SMTP; 24 Sep 2009 02:30:06 -0000
>> Received-SPF: unknown (laetitia.area510.net: Maximum nesting level exceeded, possible loop)
>> Received: from sophia.area510.net (ns1.area510.net [64.168.70.132])
>>    (authenticated bits=0)
>>    by nlpi157.prodigy.net (8.13.8 smtpauth/dk/map_regex/8.13.8) with ESMTP id n8O2U52w001792
>>    for <c...@yother.com>; Wed, 23 Sep 2009 21:30:05 -0500
>> Received: by sophia.area510.net (Postfix, from userid 0)
>>    id EFB17202B9; Wed, 23 Sep 2009 19:30:05 -0700 (PDT)
>>
>> If I am reading this correctly there are only 13 seconds elapsed from the
>> time the server received the message to the time it sent it, yet I am not
>> able to check it for up to 20 minutes in some cases.  Any ideas where to
>> look to try and isolate this?
>>
>> Here is another snip from the mail server to an SBC account.  Nearly 19
>> minutes lapse.
>>
>> From - Wed Sep 23 21:45:56 2009
>> X-Account-Key: account4
>> X-UIDL: 20090924044227M04001q1vre000078
>> X-Mozilla-Status: 0001
>> X-Mozilla-Status2: 00000000
>> X-Mozilla-Keys:
>> Received: from nlpi147.prodigy.net([207.115.36.161])
>>         by isp.att.net (frfwmxc04) with ESMTP
>>         id <20090924044226M0400n0jore>; Thu, 24 Sep 2009 04:42:26 +0000
>> X-Originating-IP: [207.115.36.161]
>> X-Originating-IP: [64.168.70.133]
>> Received: from laetitia.area510.net (mail.yother.com [64.168.70.133])
>>    by nlpi147.prodigy.net (8.13.8 inb ipv6 jeff0203/8.13.8) with ESMTP id n8O4gPhU017190
>>    for <cjyot...@pacbell.net>; Wed, 23 Sep 2009 23:42:26 -0500
>> Received: (qmail 7599 invoked by uid 89); 24 Sep 2009 04:23:50 -0000
>> Received: by simscan 1.4.0 ppid: 7591, pid: 7594, t: 0.0982s
>>        scanners: attach: 1.4.0 clamav: 0.95.2 /m: 51/d:9803
>> Received: from unknown (HELO ?192.168.1.145?) (c...@yother.com@71.139.170.193)
>>  by laetitia.area510.net with ESMTPA; 24 Sep 2009 04:23:50 -0000
>> Message-ID: <4abaf455.4030...@yother.com>
>>
>>
>> I can also watch tail -f /var/log/qmail/smtp/current and see an email pass
>> through, but still not be able to retrieve it for up to 20 minutes
>> sometimes.
>> I have also tested my ISP's DNS server response times and they are both
>> in the 8.00ms range.  The caching nameserver appears to be working correctly
>> too.
>>
>> 64 bytes from 206.13.28.12: icmp_seq=1 ttl=253 time=8.01 ms
>> 64 bytes from 206.13.28.12: icmp_seq=2 ttl=253 time=7.81 ms
>> 64 bytes from 206.13.28.12: icmp_seq=3 ttl=253 time=8.45 ms
>> 64 bytes from 206.13.28.12: icmp_seq=4 ttl=253 time=7.66 ms
>> 64 bytes from 206.13.28.12: icmp_seq=5 ttl=253 time=7.99 ms
>>
>> CJ
>>
>> Maxwell Smart wrote:
>>
>>> Thanks Jake,
>>>
>>> That's what I was able to glean from the info I read.  I am not sure how
>>> I am going to ultimately set this up yet.  This is all making me rethink
>>> my entire rack configuration.  I have been trying to simplify this and
>>> it only seems to be getting more complex.
>>>
>>> Is it OK to see entries like this in my message file?  My understanding
>>> is the only one that is critical is the host unreachable, but I have
>>> periodically checked it and it's working correctly.
>>>
>>> Sep 23 11:15:25 laetitia named[22986]: unexpected RCODE (SERVFAIL) resolving '95.193.115.189.in-addr.arpa/CNAME/IN': 200.175.89.133#53
>>> Sep 23 11:15:25 laetitia named[22986]: unexpected RCODE (SERVFAIL) resolving '95.193.115.189.in-addr.arpa/PTR/IN': 200.175.89.133#53
>>> Sep 23 11:17:03 laetitia named[22986]: client 127.0.0.1#53386: error sending response: host unreachable
>>> Sep 23 12:05:43 laetitia named[22986]: unexpected RCODE (REFUSED) resolving 'pdnssr01.ebnccsb.com.my/AAAA/IN': 161.142.2.17#53
>>> Sep 23 12:05:43 laetitia named[22986]: unexpected RCODE (REFUSED) resolving 'pdnssr01.ebnccsb.com.my/A/IN': 161.142.2.17#53
>>> Sep 23 12:05:46 laetitia named[22986]: lame server resolving 'maybank.my' (in 'maybank.my'?): 202.187.45.2#53
>>> Sep 23 12:06:12 laetitia named[22986]: client 127.0.0.1#33727: error sending response: host unreachable
>>> Sep 23 12:06:45 laetitia named[22986]: client 127.0.0.1#43177: error sending response: host unreachable
>>> Sep 23 12:09:38 laetitia named[22986]: lame server resolving '205.111.106.86.in-addr.arpa' (in '111.106.86.in-addr.arpa'?): 89.38.57.5#53
>>> Sep 23 12:09:39 laetitia named[22986]: lame server resolving '205.111.106.86.in-addr.arpa' (in '111.106.86.in-addr.arpa'?): 86.55.208.16#53
>>>
>>> CJ
>>>
>>> Jake Vickers wrote:
>>>
>>>
>>>> Eric Shubert wrote:
>>>>
>>>>
>>>>> I don't know off hand.
>>>>>
>>>>> Hey Jake, what do you know about this? (I'm guessing quite a bit!)
>>>>>
>>>>> Maxwell Smart wrote:
>>>>>
>>>>>
>>>>>> Eric,
>>>>>>
>>>>>> I think I am getting it sorted.  Here is a snip of my named.conf
>>>>>> file.   Do I need to allow-query;?  Also do I need the forwarders,
>>>>>> ISP's DNS servers since the db.cache is the ROOT SERVERS?  From what
>>>>>> I have read it is the recommended way to set it up.
>>>>>>
>>>>>> options {
>>>>>>       directory "/etc";
>>>>>>       pid-file "/var/run/named/named.pid";
>>>>>>       version "request not permitted";
>>>>>>       allow-notify {64.168.70.132;};
>>>>>>       allow-transfer {"none";};
>>>>>>       forwarders {
>>>>>>               63.203.35.55;
>>>>>>               206.13.28.12;
>>>>>>               206.13.30.12;
>>>>>>               };
>>>>>> };
>>>>>>
>>>>>> zone "." {
>>>>>>       type hint;
>>>>>>       file "/etc/db.cache";
>>>>>>       };
>>>>>>
>>>>>>
>>>>>>
>>>> There are 2 mindsets to forwarders. If you do not define your ISPs,
>>>> your server will use the root servers. You are obviously getting the
>>>> highest authority on answers there, but resolve times can lag a little.
>>>> By using your ISPs upstream servers for forwarders, you're cutting
>>>> down on network traffic since your request is only going to the ISP
>>>> office/colo instead of one of the root DNS servers (which may be in
>>>> another state). So you have to look at it both as a security view, and
>>>> a bandwidth view. I think by now all of the ISP DNS servers are
>>>> patched for the cache poisoning so that is probably not a concern,
>>>> but if your ISP does DNS redirecting for unknown/unresolvable domains
>>>> then you may need to take that into consideration.
>>>>
>>>> For allow query, you're now going to be moving into the realm of an
>>>> authoritative and resolving server in the same box. Perfectly fine, if
>>>> you configure correctly. Normally with allow-query you would define an
>>>> acl (access list) that is allowed to query your server. You can even
>>>> do some fancy stuff like I do here in my office and have different DNS
>>>> zones for your internal network and your external network.
>>>>
>>>>
>>>> ---------------------------------------------------------------------------------
>>>>
>>>>
>>>> Qmailtoaster is sponsored by Vickers Consulting Group
>>>> (www.vickersconsulting.com)
>>>>   Vickers Consulting Group offers Qmailtoaster support and
>>>> installations.
>>>>     If you need professional help with your setup, contact them today!
>>>> ---------------------------------------------------------------------------------
>>>>
>>>>
>>>>    Please visit qmailtoaster.com for the latest news, updates, and
>>>> packages.
>>>>         To unsubscribe, e-mail:
>>>> qmailtoaster-list-unsubscr...@qmailtoaster.com
>>>>    For additional commands, e-mail:
>>>> qmailtoaster-list-h...@qmailtoaster.com
>>>>
>>>>
>>>>
>>>>
>>>
>>
>

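The hop timing that the quoted messages read off the headers by eye can be computed mechanically. The script below is an added example, not part of the original thread; `stamp`, `label` and `hop_delays` are hypothetical helper names, the sample is abridged from the second quoted header, and each timestamp comes from a different host's clock, so small gaps may be skew.

```python
import re
from datetime import timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Received lines abridged from the second header quoted in the thread
# (ids and addresses dropped; hosts and timestamps as posted).
SAMPLE = """\
Received: from nlpi147.prodigy.net([207.115.36.161])
\tby isp.att.net (frfwmxc04) with ESMTP; Thu, 24 Sep 2009 04:42:26 +0000
Received: from laetitia.area510.net (mail.yother.com [64.168.70.133])
\tby nlpi147.prodigy.net (8.13.8) with ESMTP; Wed, 23 Sep 2009 23:42:26 -0500
Received: (qmail 7599 invoked by uid 89); 24 Sep 2009 04:23:50 -0000
Received: by simscan 1.4.0 ppid: 7591, pid: 7594, t: 0.0982s
\tscanners: attach: 1.4.0 clamav: 0.95.2
Received: from unknown (HELO ?192.168.1.145?) (71.139.170.193)
\tby laetitia.area510.net with ESMTPA; 24 Sep 2009 04:23:50 -0000
"""

def stamp(received):
    """UTC time after the last ';' of a Received value, or None if there is none."""
    _, sep, date = received.rpartition(";")
    if not sep:
        return None  # e.g. the simscan trace line carries no date
    try:
        dt = parsedate_to_datetime(" ".join(date.split()))
    except (TypeError, ValueError):
        return None
    if dt.tzinfo is None:  # qmail's "-0000" parses as naive: treat it as UTC
        dt = dt.replace(tzinfo=timezone.utc)
    return dt.astimezone(timezone.utc)

def label(received):
    """Name of the component that wrote the stamp."""
    text = " ".join(received.split())
    if text.startswith("(qmail"):
        return "local qmail queue"  # "invoked by uid" is not a host name
    m = re.search(r"\bby (\S+)", text)
    return m.group(1) if m else "unknown"

def hop_delays(raw):
    """Oldest-first list of (recorder, seconds since the previous dated hop)."""
    hops = message_from_string(raw).get_all("Received", [])
    dated = [(label(h), stamp(h)) for h in reversed(hops)]
    dated = [(who, ts) for who, ts in dated if ts is not None]
    return [(who, int((ts - prev).total_seconds()))
            for (_, prev), (who, ts) in zip(dated, dated[1:])]

if __name__ == "__main__":
    for who, secs in hop_delays(SAMPLE):
        print(f"{secs:>6}s -> {who}")
```

On this sample the only non-zero gap, 1116 seconds, falls between the local qmail queue stamp and acceptance by nlpi147.prodigy.net.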