Re: [courier-users] DNS problems with courier 0.63
Brought to you by:
mrsam
From: Chuck W. <ch...@ma...> - 2010-01-28 20:09:32
|
Of course! I'm embarrassed to say I had run into this with a Java app and different symptoms in my development environment a while back and fixed it, but had not updated this email server in a long time, had forgotten about the issue, and didn't associate the two symptom patterns. Thanks so much for the diagnosis! The fact that you are reading this attests to its efficacy. All the best, Chuck Dave wrote on 01/28/2010 07:06 AM: > > bindv6only.conf in /etc/sysctl.d contains: > > # This sysctl sets the default value of the IPV6_V6ONLY socket option. > # > # When disabled, IPv6 sockets will also be able to send and receive IPv4 > # traffic with addresses in the form ::ffff:192.0.2.1 and daemons > listening > # on IPv6 sockets will also accept IPv4 connections. > # > # When IPV6_V6ONLY is enabled, daemons interested in both IPv4 and IPv6 > # connections must open two listening sockets. > # This is the default behaviour of almost all modern operating systems. > > net.ipv6.bindv6only = 1 > > > This was dropped without warning by a very inconsiderate Debian > maintainer. It has no effect until you reboot. Then applications > that put ipv4 addresses into ipv6 sockets start failing. Courier is > one of these. > > I suggest you change it to 0 until Courier is fixed. > > > On 2010-01-28 07:32, Jérôme Blion wrote: >> Hello, >> >> If these problems appear few day ago, it could be a DNS issue: >> >> Try these commands: >> dig +short rs.dns-oarc.net txt >> dig +dnssec DNSKEY ripe.net >> >> http://www.ripe.net/ripe/meetings/ripe-59/presentations/uploads/presentations/Tuesday/Plenary%2014:00/Abley-DNSSEC_for_the_Root_Zone.mId7.pdf >> >> HTH. >> Jerome Blion. >> >> Le 28/01/2010 04:51, Chuck Williams a écrit : >>> Hi All, >>> >>> I recently upgraded my debian server from courier 0.61 to 0.63 and >>> am now having strange problems associated with courier's use of DNS. >>> >>> I have always run with BOFHCHECKDNS=1 (the default) without issue. >>> However, after upgrading all domains were rejected in both inbound >>> and outbound smtp mail. Examples: >>> >>> Jan 25 07:58:25 aloha courieresmtp: >>> id=00000000032E4D3E.000000004B5D8509.00000D76,from=<log...@ma...>,addr=<ma...@gm...>: >>> DNS lookup failed. >>> Jan 25 09:20:06 aloha courieresmtp: >>> id=00000000031FC00E.000000004B5DEDBA.000064D0,from=<su...@wi...>,addr=<ba...@gm...>: >>> DNS lookup failed. >>> >>> Jan 24 18:27:41 aloha courieresmtpd: >>> error,relay=::ffff:209.85.210.189,from=<bna...@gm...>: 417 DNS >>> lookup failure: gmail.com. Try again later >>> Jan 24 18:28:02 aloha courieresmtpd: >>> error,relay=::ffff:209.85.222.148,from=<3wR...@gr...>: >>> 417 DNS lookup failure: groups.bounces.google.com. Try again later. >>> Jan 24 18:49:08 aloha courieresmtpd: >>> error,relay=::ffff:64.79.150.121,from=<nbu...@ne...>: 417 >>> DNS lookup failure: netbeans.org. Try again later. >>> >>> DNS is configured and working fine with all other software on the >>> server. E.g.: >>> >>> aloha:/etc/courier# dig +short MX gmail.com >>> 30 alt3.gmail-smtp-in.l.google.com. >>> 40 alt4.gmail-smtp-in.l.google.com. >>> 5 gmail-smtp-in.l.google.com. >>> 10 alt1.gmail-smtp-in.l.google.com. >>> 20 alt2.gmail-smtp-in.l.google.com. >>> aloha:/etc/courier# dig +short A alt3.gmail-smtp-in.l.google.com >>> 209.85.218.11 >>> aloha:/etc/courier# dig +short MX groups.bounces.google.com >>> 5 gmr-smtp-in.l.google.com. >>> 10 alt1.gmr-smtp-in.l.google.com. >>> 10 alt2.gmr-smtp-in.l.google.com. >>> aloha:/etc/courier# dig +short A gmr-smtp-in.l.google.com >>> 209.85.221.205 >>> aloha:/etc/courier# dig +short MX manawiz.com >>> 0 manawiz.com. >>> aloha:/etc/courier# dig +short A manawiz.com >>> 64.34.170.220 >>> aloha:/etc/courier# >>> >>> I reset BOFHCHECKDNS to 0 to work around this issue, and then for >>> the past couple days have been trying to send a message to this >>> list. Other messages I'm sending, or my users are sending, are >>> generally getting to their recipients, but not messages to the >>> courier-users list. They are all getting delayed-delivery responses >>> with DNS failures, e.g.: >>> >>> <cou...@li...>: >>> <<< DNS lookup failed. >>> >>> >>> The only way I'm able to send this message is to subscribe my gmail >>> account and send from there. As best I can tell, my courier >>> installation will not send to the courier-users list. >>> >>> How does courier access DNS? Any ideas on how I can resolve this >>> issue? Having BOFHCHECKDNS=0 is letting much more spam through, a >>> big problem, so I really need to change it back. >>> >>> Thanks for any help, >>> >>> Chuck >>> >>> >>> ------------------------------------------------------------------------------ >>> The Planet: dedicated and managed hosting, cloud storage, colocation >>> Stay online with enterprise data centers and the best network in the business >>> Choose flexible plans and management services without long-term contracts >>> Personal 24x7 support from experience hosting pros just a phone call away. >>> http://p.sf.net/sfu/theplanet-com >>> >>> >>> _______________________________________________ >>> courier-users mailing list >>> cou...@li... >>> Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users >>> >> >> ------------------------------------------------------------------------ >> >> ------------------------------------------------------------------------------ >> The Planet: dedicated and managed hosting, cloud storage, colocation >> Stay online with enterprise data centers and the best network in the business >> Choose flexible plans and management services without long-term contracts >> Personal 24x7 support from experience hosting pros just a phone call away. >> http://p.sf.net/sfu/theplanet-com >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> courier-users mailing list >> cou...@li... >> Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users >> > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------------ > The Planet: dedicated and managed hosting, cloud storage, colocation > Stay online with enterprise data centers and the best network in the business > Choose flexible plans and management services without long-term contracts > Personal 24x7 support from experience hosting pros just a phone call away. > http://p.sf.net/sfu/theplanet-com > ------------------------------------------------------------------------ > > _______________________________________________ > courier-users mailing list > cou...@li... > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users > |