Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
CNAME lookup failed temporarily - Please help [SOLVED]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
lazloman
Guru
Guru


Joined: 27 Dec 2003
Posts: 343
Location: Skokie, Il. USA

PostPosted: Sun Jan 31, 2010 5:51 pm    Post subject: CNAME lookup failed temporarily - Please help [SOLVED] Reply with quote

I;ve been getting this error for some time now when I try to send mail to my wife's job at hud.gov. I could find anything here in the forums, but in Google, I found many references. The most promising suggests that too much information is returned when the lookup is done, leading to the failure. I can send mail to everyone else and I can send mail to my wife via google mail, just not from my mail server. Can someone help me out with this?
Thanks
_________________
Gentoo x86
2x Dell Optiplex GX200

"My Break-Dancing days are over, but there's always the Funky Chicken."
--The Full Monty


Last edited by lazloman on Mon Feb 01, 2010 1:20 pm; edited 1 time in total
Back to top
View user's profile Send private message
gerdesj
l33t
l33t


Joined: 29 Sep 2005
Posts: 621
Location: Yeovil, Somerset, UK

PostPosted: Mon Feb 01, 2010 1:15 am    Post subject: Re: CNAME lookup failed temporarily - Please help Reply with quote

lazloman wrote:
I;ve been getting this error for some time now when I try to send mail to my wife's job at hud.gov. I could find anything here in the forums, but in Google, I found many references. The most promising suggests that too much information is returned when the lookup is done, leading to the failure. I can send mail to everyone else and I can send mail to my wife via google mail, just not from my mail server. Can someone help me out with this?
Thanks


You don't give many clues to go on!

What mail server software are you using?
What email client?

I've just done some dig-ing and hud.gov have three MX records all with a priority of 0 (zero) which is a bit weird but OK. The first two repond to a quick telnet on port 25 but the third doesn't and so it may be broken or tired or something.

On your box with the mail server on it please type at a console prompt:

$dig hud.gov MX

and post the results back here. Note the $ represents your prompt and should not be typed. You may have to install net-dns/bind-tools first.

Cheers
Jon
Back to top
View user's profile Send private message
lazloman
Guru
Guru


Joined: 27 Dec 2003
Posts: 343
Location: Skokie, Il. USA

PostPosted: Mon Feb 01, 2010 6:24 am    Post subject: Reply with quote

Sorry, I can't believe I left out such important details. I'm using qmail 1.03 (virtual/qmail-1.03), connecting with the Mac Mail application. Here's the output you requested:

dig hud.gov MX
Code:

Hedley control # dig hud.gov MX

; <<>> DiG 9.4.3-P4 <<>> hud.gov MX
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19842
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;hud.gov.         IN   MX

;; ANSWER SECTION:
hud.gov.      72410   IN   MX   0 horluep003.hud.gov.
hud.gov.      72410   IN   MX   0 hlanuep001.hud.gov.
hud.gov.      72410   IN   MX   0 hlanuep002.hud.gov.

;; AUTHORITY SECTION:[
hud.gov.      72410   IN   NS   hudgater.hud.gov.
hud.gov.      72410   IN   NS   hudgate.hud.gov.

;; ADDITIONAL SECTION:
horluep003.hud.gov.   72410   IN   A   170.97.202.58
hlanuep001.hud.gov.   72410   IN   A   170.97.200.33
hlanuep002.hud.gov.   72410   IN   A   170.97.200.34

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Feb  1 00:02:52 2010
;; MSG SIZE  rcvd: 199


The post I looked at suggested that this error might be caused by a server that sends back to much info for a ANY query. Here's the output from this query:
Code:

Hedley control # dig hud.gov ANY
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.4.3-P4 <<>> hud.gov ANY
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1272
;; flags: qr rd ra; QUERY: 1, ANSWER: 19, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;hud.gov.         IN   ANY

;; ANSWER SECTION:
hud.gov.      72344   IN   RRSIG   DNSKEY 7 2 86400 20100302014952 20100131014952 41417 hud.gov. izkgKbLiY5lshmra9WGCrj7+OlqUkNpTQgz2pAG/7GgbJFWTw2fH+Ifj gvcY38B5It9vXhfjNd06KxifqsmDrS2Xyg6pyeA8SV/ilZRy86qg8PU6 ijvOG77442RZWDzhBNj989MED24zmCJ/Y/KibkU69Utmu19kXP42Qe4I WJldNLVFUoBOERY9/zgEWkwb9axevhFoLNTv/QPsFuncrUI+hAmGwH4T 6gCuQqiuwsTcIelzFpcobnG2xBO6rD2c6m+4hA5bNY+ZH0VhXR5WjvpH M1tVWnxs92BAcxNndL5/sDzOZRXwrSm0BQU6crmKjx4et9ycdCCT/SFe 2TlF2A==
hud.gov.      72344   IN   RRSIG   DNSKEY 7 2 86400 20100302014952 20100131014952 52146 hud.gov. Js4j7k4rq1FdFsVnytg/uMoxGGP9noiA4aDFa6kJ15nvPT+X+U9lRBxn rRK5vEJYhTbgyGR6Uz6NoqJj7mi5VmBIBpIj1xgq85xwc0xki6d1VTdk sx4Y0SVmmx8s5cAmlfS/7F1J7VrQMmuI6SAWh7QBZoZMmnDcB4ywr37J O6BzrNI1STj+dXnNUYSGKlPOULjqyYuBU+bV62Qn82sug7CRxh36vQE6 rPfG1B8UUlMacsew2nhR+9Pp3Ae375cZ1ZstbcbpXef+960Ucsqy2wDG Psmv9dU3rxzkDTOcHAj6c8afD/K5hp4Rzuy8oHMiPlthUCWqfFfTQ56D s+pevA==
hud.gov.      72344   IN   DNSKEY   256 3 7 AwEAAbMOxcq4cME7e6g9ps2Sum4FQTbnehSJLbbuPTIlcepWs1VmvRqm k3iGi24D3Ci5a6q3illeJKeMX5MT2CXFwfO1y9HinLrpru2GY9YOdv5r WWz1ZfiEq5h/+2Znuv/YLHvKSibfygD9g+C1JmGIelJkK82yU1hnTHS5 Ox9FuQ6XpR/ZRcIWJYz+OY5lZ5hsqb60VqYaTMox3IMDR/A5e40Limt9 wIs+rxc0pvh0Ag4FFkrilO8LKOe1NH5Py6ru9Cz6kKndyHfJuNCt5m3t veRI4lhbRXMUVLh91WnRM35V/M3gpPB0/IzbdHkhoUg9tP7NAepgH5uk MeP1PMwgiIE=
hud.gov.      72344   IN   DNSKEY   256 3 7 AwEAAdAPF5GOOWvzdjIVo2Rza4trLMvP1HSW6BjOLmw6tWyKAQ3c0U7w UeC4K2IXjthRQTkyRD/NIrC7P9o70OThFT+uuWfwp+UxDEpb2naZb+7r yqswMOZmZTYA3mGGBrknfE/P4wvkrXhvsacD0zWuiheMLL4Mcibrfwix OvbJQG73s014AhLYj3dSKYs5SUGThAzjZsmPqwmkJ82TTd+x+FsjXtgH QHnRVytMkfKIRLZFH5Q1aS+bRMBvUNHGcvXx3ijCaRZHDpZjvlSvYMJW n329YrhcQkfGgqxzayKU88/pxFGsACZAKLFPHa14Vas5MNKlAexk2UI3 VDH88Kxqo7U=
hud.gov.      72344   IN   DNSKEY   257 3 7 AwEAAZ50d20TkOzWzJD+anUMSIMfGaI8m4If6DMax4NQnZ34yta6UOb9 07SRqBs2vJ+MpcJkyRuLx/Z9vGlfZQ7V9eBgI62EZwmfiitanwSFPZgC zM8nVswpDS+/CmaHhXUoLdgNgUYh4WSl/7fXroluC/18xyMl3ZGQRRjJ ftpQSMXubP/n9nCHZXE5YiDw1cRklqA4lLyNeXBgadWa8klekr89WNij 454KApevbg0GSudEJw7IWzbOb09npvQ1hnLz8pmDsaahfIsGBvcHSUEJ rjSkk3J1oHDj0B7Gxm+tZH4Er21RTucEWeroyIJSQmsYN+Cm0FyfgJ75 bNEsRe5M4Vc=
hud.gov.      72344   IN   RRSIG   MX 7 2 86400 20100302014952 20100131014952 41417 hud.gov. VbHeZBc9yQ6j0rqsblRJmVtzm8wPOBmcbK5uFUo2REycXn9vAtMO1a5Z yvOVfol3FOav4cNab8i40sgaxqV+DKpTaO5Qs232IqtKaH+KBgfvD4T0 q8yC1usMm/HUhMRcUospR66keVNXMVvZ60iwTKvMIPZRhN44wGBUyaxO FXAXXlnRDSgsa0kfj9sRLce6VM7Mg09zmFruMiK7s3ujZM1GTOzILrzG 3Op+5dzrkm8eZpwouUQOGebkLeKpiWiOi6/dfc9SM3VmK8ytW9UIClam JrJoP1M7i8wEUWadGkm7wHUOIFgdSWIpXhn/YYgUNeHRGdUnFvUWU7wq h34vkQ==
hud.gov.      72344   IN   MX   0 hlanuep002.hud.gov.
hud.gov.      72344   IN   MX   0 horluep003.hud.gov.
hud.gov.      72344   IN   MX   0 hlanuep001.hud.gov.
hud.gov.      72344   IN   RRSIG   A 7 2 86400 20100302014952 20100131014952 41417 hud.gov. Hqkr209gupXyrsMlng1g1OO90p/t9ZTfj/1g/MUdjPROH9uKzopnvk1C Bv/8gbdrfom8XhMIKFEpsmtXV/gKdOe1r9zw1ptF6jMpnXLfJrv/v2JT xmr1JDsqDTdVoJeRgSkoDOBKDgpasRH3sCrIRsz+Ol3D3b8p3o8MCrJ8 zSICvEKpZplKKcsx5Goz/kxfGysrhxtHMIa94R1/u47nSBecIDgkvIHW Y3hnkTVUOnvza+jEnS6u1TTXVcxORauhVUd8I3FevP8HPC9FgLTd2DyP utDaoYp98WuzKsKlV2umQ0dEGUh5qMkKFiVFINePSQjwsoEeKBx4S1NA rsgarg==
hud.gov.      72344   IN   A   170.97.167.13
hud.gov.      72344   IN   A   170.97.67.13
hud.gov.      72344   IN   RRSIG   NS 7 2 86400 20100302014952 20100131014952 41417 hud.gov. IZEHqWwQ945IT241y2UaI7btE6xDHYQv0LUohtwAYyyhMneoA2ngJEFf wcSoJiia/qZoNQ9ONMp9fcnofX4VfRcP6cokiAhxW/3F+4s8RSFh0tj2 eIVkTNJGOIYxUhqgjZlIiaotzgU9k4HponNKneC9j/5N26bHr4gdfUEY XLPYEjGe4hKFDfZDMmiEDlKL47O30gY8gmPIy+WoJ5JD/Od73CSp1GyC q5q6U98VsddsUoPXVECGqXr609OcPmIn/tHknCGrne6Fw7XFoGYLRSRH AO385MsgsTnUyNfUy6FDNluMhK/jsjy2ruC0LXrr+aZwDCAv3ExSFhCl Z0CrKA==
hud.gov.      72344   IN   RRSIG   SOA 7 2 86400 20100302014952 20100131014952 41417 hud.gov. hZ8wevH30oELnB4DiEvtCPYIqUQCuj7DjhjeC0Qu/yX7bxcd5qrL7PEa /3mYuu6iRhmBtruhFtFPzINDu/NFu7NndaKZ8AQ0oPJiHSnKAkcTELN6 Rupy0tOhZi9diBdFZ/w3DWgjP3O3qQc/KzcTYxP4fMCUDzrb8UU3AmAQ eZtk2DaKXpGeIDSu5JSusF+mojz6FDEu1gt0wyhDkaCOAAj4+kFhQ/fk iqwzRTokRBtyo3ZIrSAWnnpAq/9BrQl9widTnGh8GKpnWNPtqZxD6IOM ekl0LcZmjSzgtYNyvZzvOcgbnOQiYaptkiw6hwouvilBJSpje3NkhCsZ +dqa9g==
hud.gov.      72344   IN   SOA   hudgate.hud.gov. root.hudgate.hud.gov. 2010013001 3600 1800 2600000 86400
hud.gov.      72344   IN   RRSIG   DS 7 2 86400 20100205151702 20100131151702 51998 gov. d/PjyYj6wkFx5cVJ2Xa7AGsa6tIOr62D++BmWDENSjiJN6aP3LOqB8Yi X7VjZckp+8B2lIiY1Qe+Zv/u+Pi93o/mK6ANpTpiOKM2QIAN0VJN4K88 rJsWeoqjD7kro5+YSkSUNotXFaIfJN83Y0/b8PVUoY1L4xb13j0d4sk1 AK0=
hud.gov.      72344   IN   DS   52146 7 2 54AF554FC3FFC532BB898B9AB39F1276FD17B59D3E44772C3142EA62 680D71C7
hud.gov.      72344   IN   NS   hudgater.hud.gov.
hud.gov.      72344   IN   NS   hudgate.hud.gov.

;; AUTHORITY SECTION:
hud.gov.      72344   IN   NS   hudgate.hud.gov.
hud.gov.      72344   IN   NS   hudgater.hud.gov.

;; ADDITIONAL SECTION:
horluep003.hud.gov.   72344   IN   A   170.97.202.58
hlanuep001.hud.gov.   72344   IN   A   170.97.200.33
hlanuep002.hud.gov.   72344   IN   A   170.97.200.34

;; Query time: 34 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Feb  1 00:03:58 2010
;; MSG SIZE  rcvd: 3109



I'm not an MTA guru, but is 3109 too large for qmail? In the post I found is here:
http://forum.qmailrocks.org/archive/index.php/t-2589.html

The last entry in the post asks if a large reply for an ANY query might be the cause and suggests a patch. But given the age of the post (4 years) one would think this situation would have been addressed by now.

Here's another post where the oversized reply might be the issue, but its' never quite nailed down:
http://faqts.com/knowledge_base/view.phtml/aid/28942

Old as well, but more clearly states that qmail does an ANY lookup instead of a CNAME and may be receiving too much data. But again, the age makes this a bit dubious.

I should also add that I've had problems with HUD in the past. I might get this error for a few weeks, with messages being bounced, and then for several weeks, things would work just fine and I could send email there. But now, messages have been getting bounced for the last 3 months.
I feel pretty confident that the problem lies on their end as I just don't make changes to my server's configuration except for the occasional qmail upgrade, which just doesn't happen very often. I have been able to send with this version of qmail.

I hope this helps and I really appreciate the assistance.
_________________
Gentoo x86
2x Dell Optiplex GX200

"My Break-Dancing days are over, but there's always the Funky Chicken."
--The Full Monty
Back to top
View user's profile Send private message
doctork
Guru
Guru


Joined: 25 Apr 2004
Posts: 370
Location: Cleveland, OH

PostPosted: Mon Feb 01, 2010 7:09 am    Post subject: Reply with quote

The obvious solution is to get rid of qmail and use a MTA that doesn't do totally unnecessary CNAME queries. :(
I'm a postfix fan, myself.
--
doc
Back to top
View user's profile Send private message
gerdesj
l33t
l33t


Joined: 29 Sep 2005
Posts: 621
Location: Yeovil, Somerset, UK

PostPosted: Mon Feb 01, 2010 12:22 pm    Post subject: Reply with quote

doctork wrote:
The obvious solution is to get rid of qmail and use a MTA that doesn't do totally unnecessary CNAME queries. :(
I'm a postfix fan, myself.
--
doc


Not exactly helpful. Personally I'm an Exim fan.

Now the MTA (Qmail) should be doing an MX lookup and this must resolve to just an IP address and not a CNAME and from dig that is what we get back. It is pretty unlikely that Qmail would do an ANY query because that would be hugely wasteful.

You could confirm this by running:

#tcpdump -vv port 53 at a terminal on the server and sending a mail through. If you can get Wireshark on it even better - its a lot easier to translate!

Its been years since I ran Qmail but I seem to remember that you can create static routes in a control file for mail delivery.

... Google ....

Here we go, read man qmail-remote especially the bit about smtproutes a line like this might do the trick:

hud.gov:hlanuep001.hud.gov

Its a bodge but it gets you up and running.

Cheers
Jon
Back to top
View user's profile Send private message
lazloman
Guru
Guru


Joined: 27 Dec 2003
Posts: 343
Location: Skokie, Il. USA

PostPosted: Mon Feb 01, 2010 12:57 pm    Post subject: Reply with quote

Thanks for all the replies. I added the smtproute and the qmail-send log indicates that it was accepted, so I think I may be good now. I'd like to avoid having to switch MTA's right now unless I really have to.
Thanks again.
_________________
Gentoo x86
2x Dell Optiplex GX200

"My Break-Dancing days are over, but there's always the Funky Chicken."
--The Full Monty
Back to top
View user's profile Send private message
gerdesj
l33t
l33t


Joined: 29 Sep 2005
Posts: 621
Location: Yeovil, Somerset, UK

PostPosted: Tue Feb 02, 2010 12:09 am    Post subject: Reply with quote

lazloman wrote:
Thanks for all the replies. I added the smtproute and the qmail-send log indicates that it was accepted, so I think I may be good now. I'd like to avoid having to switch MTA's right now unless I really have to.
Thanks again.


I used to run QMail for a 500K mail per week site but switched to Exim when QMail's lack of fancy routing and stuff got to be a pain. I have rather a lot of customer sites using it now - it's great to put in front of an expensive commercial system that can't cut it when it comes to pretty reasonable customer requirements. QMail and Exchange's SMTP service are about on a par 8)

However, QMail + DaemonTools + QMailScanner with Spam Assassin etc was a very stable and reliable system for me.

Frankly I'd stick with what you know if it does the job. If you outgrow it then look around.

Cheers
Jon
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum