[qmailtoaster] Re: Problem sending mail to comcast.net

[Eric Shubert]

On 12/13/2012 12:24 PM, Cecil Yother, Jr. wrote:
I found this in the archives.
All of the senders experiencing the bounced messages mentioning cname
lookup failure appear to be running the qmail mail server software.
  Qmail, if not using a third party patch that was written in the late
90's, has an issue sending to domains whose name servers respond to DNS
queries of type "ANY" with more than 512 bytes of data; that is a bug in
qmail and the author has never fixed it because he wants you to use his
DNS server software which also eliminates the issue in a different way.
  Google's name servers do respond to queries of type "ANY" with more
than 512 bytes of data, so when an unpatched qmail server tries to send
an email to a domain whose lowest cost MX record ends in .google.com
<http://google.com/>, qmail is going to do a DNS query of type ANY
against one ofgoogle.com <http://google.com/>'s authoritative name
servers, get back more than it can correctly handle and defer repeatedly
until ultimately bouncing the message with that cname lookup failure.

http://productforums.google.com/forum/#!category-topic/apps/mail-settings/mIGTQVZiFxo



Can anyone confirm that Qmailtoaster has been patched with this patch -
http://www.ckdhr.com/ckd/qmail-103.patch???

http://www.memoryhole.net/qmail/#oversize-dns



On 12/13/2012 08:46 AM, rvau...@libertycasting.com wrote:

This is what I get when I dig comcast.net

[root@mail1 pdns-recursor]# dig  comcast.net

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.5 <<>> comcast.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15929
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;comcast.net. IN      A

;; ANSWER SECTION:
comcast.net. 2530    IN A       207.223.8.109
comcast.net. 2530    IN A       76.96.39.101
comcast.net. 2530    IN A       207.223.8.110
comcast.net. 2530    IN A       76.96.39.102

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Dec 13 11:39:38 2012
;; MSG SIZE  rcvd: 93

> <html>
> <head>
> <meta content="text/html; charset=ISO-8859-1"
> http-equiv="Content-Type">
> </head>
> <body bgcolor="#FFFFFF" text="#000000">
> Have you done any DNS testing to see if comcast.net resolves?<br>
> <br>
> <br>
> <div class="moz-cite-prefix">On 12/13/2012 04:53 AM, Rvaught
> wrote:<br>
> </div>
> <blockquote cite="mid:007a01cdd930$e94b0d80$bbe12880$@com"
> type="cite">
> <pre wrap="">My resolv.conf has :
>
> Search libertycasting.com
>
> Nameserver 192.168.120.20 ( this local a network dns forwarder)
>
>
> I still have bind installed . I think on my old server I was running the
> tinydns.
>
>
>
> I installed pdns-recursor package
>
> Still have same problem
>
> -----Original Message-----
>
From: Eric Shubert [<a class="moz-txt-link-freetext"
> href="mailto:e...@shubes.net";>mailto:e...@shubes.net</a>]
> Sent: Wednesday, December 12, 2012 1:17 PM
> To: <a class="moz-txt-link-abbreviated"
>
href="mailto:qmailtoaster-list@qmailtoaster.com";>qmailtoaster-list@qmailtoaster.com</a>
> Subject: [qmailtoaster] Re: Problem sending mail to comcast.net
>
> On 12/12/2012 11:00 AM, Rvaught wrote:
> </pre>
> <blockquote type="cite">
> <pre wrap="">Since I have set up my new QMT server I am having
> trouble sending mail
> to this domain. This is the error I receive:
>
> &lt;<a class="moz-txt-link-abbreviated"
> href="mailto:chlevi...@comcast.net";>chlevi...@comcast.net</a> <a
> class="moz-txt-link-rfc2396E"
>
href="mailto:chlevi...@comcast.net";>&lt;mailto:chlevi...@comcast.net&gt;</a>&gt;:
>
> CNAME lookup failed temporarily. (#4.4.3) I'm not going to try again;
> this message has been in the queue too long.
>
> Not sure about what I need to adjust.
>
> I also like to thank everyone for help on previous problems.
>
> Rick
>
> Liberty Casting
>
> </pre>
> </blockquote>
> <pre wrap="">
> What are you using for a DNS resolver? (cat /etc/resolv.conf)
>
> I recommend using the pdns-recursor package. It's available via yum from
> the
> centos repos.
>
> --
> -Eric 'shubes'
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: <a class="moz-txt-link-abbreviated"
>
href="mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com";>qmailtoaster-list-unsubscr...@qmailtoaster.com</a>
> For additional commands, e-mail: <a class="moz-txt-link-abbreviated"
>
href="mailto:qmailtoaster-list-h...@qmailtoaster.com";>qmailtoaster-list-h...@qmailtoaster.com</a>
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: <a class="moz-txt-link-abbreviated"
>
href="mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com";>qmailtoaster-list-unsubscr...@qmailtoaster.com</a>
> For additional commands, e-mail: <a class="moz-txt-link-abbreviated"
>
href="mailto:qmailtoaster-list-h...@qmailtoaster.com";>qmailtoaster-list-h...@qmailtoaster.com</a>
>
> </pre>
> </blockquote>
> <br>
> <div class="moz-signature">-- <br>
> <img src="cid:part1.01030605.00020307@yother.com" border="0"></div>
> </body>
> </html>
>



--

According to the package (rpm -qi qmail-toaster) it includes the "Big 
DNS Patch". I'm not sure exactly where the patch came from w/out looking 
at the source. Anyone care to take a look?


--
-Eric 'shubes'

---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com