[9fans] dns failure in smtp

[9fans] dns failure in smtp

[Kenji Arisawa]

Sorry for noise.

Someone in this list send me a mail but I cannot reply to the mail
because of dns failure in smtp.
This is a private message to him.

ar% pwd
/sys/log
ar% tail smtp.fail
ar Aug 24 08:30:13 dns: dns failure (net!sounine.nanosouffle.net)
ar Aug 24 09:40:13 dns: dns failure (net!sounine.nanosouffle.net)
ar Aug 24 10:50:13 dns: dns failure (net!sounine.nanosouffle.net)
ar Aug 24 12:00:13 dns: dns failure (net!sounine.nanosouffle.net)
ar Aug 24 13:10:14 dns: dns failure (net!sounine.nanosouffle.net)
ar Aug 24 14:20:13 dns: dns failure (net!sounine.nanosouffle.net)
ar Aug 24 15:30:13 dns: dns failure (net!sounine.nanosouffle.net)
ar Aug 24 16:40:13 dns: dns failure (net!sounine.nanosouffle.net)
ar Aug 24 17:50:13 dns: dns failure (net!sounine.nanosouffle.net)
ar Aug 24 19:16:08 dns: dns failure (net!sounine.nanosouffle.net)
ar% ndb/dnsquery
 > sounine.nanosouffle.net mx
!dns: resource does not exist
 > sounine.nanosouffle.net
sounine.nanosouffle.net ip	75.58.233.41
 >


I think mx record is required in official dns server, although I feel
the condition is too strict.

/sys/src/cmd/upas/smtp/mxdial.c

	nmx = 0;
	snprint(buf, sizeof buf, "%s mx", ds->host);
	if(debug)
		fprint(2, "sending %s '%s'\n", dnsname, buf);
	/*
	 * don't hang indefinitely in the write to /net/dns.
	 */
	n = timedwrite(fd, buf, strlen(buf), 60*1000);
	if(n < 0){
		rerrstr(buf, sizeof buf);
		if(debug)
			fprint(2, "dns: %s\n", buf);
		if(strstr(buf, "dns failure")){
			/* if dns fails for the mx lookup, we have to stop */
			close(fd);
			return -1;
		}
	} else {


Kenji Arisawa
Email: arisawa@aichi-u.ac.jp

Re: [9fans] dns failure in smtp

[Dave Eckhardt]

> I think mx record is required in official dns server,
> although I feel  the condition is too strict.

Keep in mind that a DNS *failure* is not the same thing
as a particular DNS record not existing.

If you ask whether there is an MX record for foo, and
get a timeout, you can't assume there is not an MX
record for foo and "fall back" on the A query.

Misconfigured DNS servers with some frequency will
return SERVFAIL ("I am misconfigured or broken") to
an MX query while happily answering A queries.

The right thing is to request the administrator of
that domain to return an MX record to the MX query
or to return zero records.

Dave Eckhardt

Re: [9fans] dns failure in smtp

[erik quanstrom]

assuming that my mxdial.c is up-to-date (sources is
failing in a wierd way), that's not the full story.
mxdial calls callmx.  callmx has this code

static int
callmx(DS *ds, char *dest, char *domain)
{
	int fd, i, nmx;
	char addr[Maxstring];

	/* get a list of mx entries */
	nmx = mxlookup(ds, domain);
	if(nmx < 0){
		/* dns isn't working, don't just dial */
		return -1;
	}
	if(nmx == 0){
		if(debug)
			fprint(2, "mxlookup returns nothing\n");
		return dial(dest, 0, 0, 0);
	}
[...]

so if there is no mx record, the normal address is dialed.
(in this case the check against a returned address of 127.0.0.1
is skipped.  i would think if this check is necessary for mx
records, it is also necessary for a records.  but i can't
see why plan 9 cares.  if you do have a loopback, it's likely
for venti.)

in any event that's not what's happening.  using upas/spf
(it's on sources & submitted) we see that that two mx records
are found rfcmail.nanosouffle.net and sounine.nanosouffle.net:

; upas/spf -d nanosouffle.net 75.58.233.41
dnsquery(/net, nanosouffle.net, txt) ->
	dom	nanosouffle.net
	txt	v=spf1 mx -all
dnsquery(/net, nanosouffle.net, mx) ->
	dom	nanosouffle.net
	pref	1
	mx	rfcmail.nanosouffle.net
	dom	nanosouffle.net
	pref	10
	mx	sounine.nanosouffle.net
dnsquery(/net, rfcmail.nanosouffle.net, any) ->
	dom	rfcmail.nanosouffle.net
	ip	75.58.233.40
dnsquery(/net, sounine.nanosouffle.net, any) ->
	dom	sounine.nanosouffle.net
	ip	75.58.233.41

i would guess that dns cs may be or have been confused.
to eliminate the possibility of continuing confusion,
have you tried

	telnet /net.alt/tcp!sounine.nanosouffle.net!smtp

- erik