From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 31552 invoked from network); 26 Jun 2021 03:39:59 -0000 Received: from 1ess.inri.net (216.126.196.35) by inbox.vuxu.org with ESMTPUTF8; 26 Jun 2021 03:39:59 -0000 Received: from sdaoden.eu ([217.144.132.164]) by 1ess; Fri Jun 25 19:37:00 -0400 2021 Received: from kent.sdaoden.eu (kent.sdaoden.eu [10.5.0.2]) by sdaoden.eu (Postfix) with ESMTPS id B3A9716056; Sat, 26 Jun 2021 00:58:10 +0200 (CEST) Received: by kent.sdaoden.eu (Postfix, from userid 1000) id 010B011908; Sat, 26 Jun 2021 00:58:07 +0200 (CEST) Date: Sat, 26 Jun 2021 00:58:07 +0200 Author: Steffen Nurpmeso From: Steffen Nurpmeso To: 9front@9front.org Message-ID: <20210625225807.1lBix%steffen@sdaoden.eu> In-Reply-To: <75418F19-3615-43AF-8BBF-532350ED207E@stanleylieber.com> References: <1FC08B4E4797C194AE4949ACB7B0D467@bss-wf.de> <9A009966-F20C-49DF-A9F1-C2128929D06B@stanleylieber.com> <75418F19-3615-43AF-8BBF-532350ED207E@stanleylieber.com> Mail-Followup-To: 9front@9front.org User-Agent: s-nail v14.9.22-160-g3279f725ff OpenPGP: id=EE19E1C1F2F7054F8D3954D8308964B51883A0DD; url=https://ftp.sdaoden.eu/steffen.asc; preference=signencrypt BlahBlahBlah: Any stupid boy can crush a beetle. But all the professors in the world can make no bugs. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: general-purpose plugin lifecycle locator Subject: Re: [9front] Mailing list mails completely lost? Reply-To: 9front@9front.org Precedence: bulk Stanley Lieber wrote in <75418F19-3615-43AF-8BBF-532350ED207E@stanleylieber.com>: |On June 25, 2021 2:02:11 PM EDT, Kurt H Maier wrote: |>On Fri, Jun 25, 2021 at 10:22:26AM -0400, Stanley Lieber wrote: |>> I still see a lot of: |>>=20 |>> 1ess Jun 25 10:15:09 delivery '/net.alt/dns' does not exist (net!bss-w= f.\ |>> de) ... |>Which DNS resolver are you querying? I presume not 9cloud, but I used |>to have problems with assholes returning AAAA records that were useless. ... |we've been seeing similar behavior for a long time. that "'/net.alt/dns' \ |does not exist" error shows up *a lot* in the logs, frequently for \ |hosts that do exist and whose hostnames do resolve on the command line. Mind you i have had exactly this problem with my VM hoster's DNS server that i used exclusively (two of them), ever since i enabled DNSSEC. Especially with FreeBSD MX (where using dig goes "Truncated, retrying in TCP mode"). I first minimized negative caching, then had to add a reassurance to the blocklist logic using 8.8.8.8 as an upstream as a hotfix, and i did not understand because doing a local dig on all the addresses succeeded. Ie # Could be local resolver error, try this first if(DEBUG) es =3D 1 else es =3D system("{ command -v host && \ host " j " 8.8.8.8 || \ nslookup " j " 8.8.8.8; } >/dev/null 2>&1") if(es =3D=3D 0){ unign[j] =3D 1 After logging for weeks they said some query flag combinations seem to trigger bind bugs, and gave me an additional powerdns based upstream server (which, funnily, results in errors with dnsbl.sorbs.net rbl's, but not spamhaus). However, with these two different upstream servers (for local dnsmasq cache) i now run smooth again. (I still have FreeBSD MX in /etc/hosts on the VM thoug=C4=A7.) --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)