ietf-smtp

BCP for handling DNS SERVFAIL results

2005-11-25 12:32:47

I'm not a DNS server expert, so I am not sure if this is mostly a configuration
issue, but my research reveals different information.

Currently our SMTP outgoing mail client is designed to check each DNS server
provided when doing a QUERY except for NXDOMAIN results.

This week, I ran across a particular new customer setup with an email domain
that he hadn't created an MX record for yet.  He was using a subdomain,
db.usinterlink.com.

Of course, the SMTP client should:

    - Do an MX query
    - if no result, do an A record query

The problem is that I found while some other DNS servers return NOERROR, my
DNS server returned SERVFAIL to the MX query.

Here is what I found on the net as four different answers:

1) SendMail Configuration/New Behavior

http://www.brandonhutchinson.com/host_map__lookup_(domain)__deferred.html

 "However, if the A or MX record lookup for the domain returns a
 "SERVFAIL," Sendmail will queue the message, believing it has
 encountered a transient DNS problem. For example, if a domain has a
 valid A record but returns a "SERVFAIL" when queried for an MX record
 (instead of "NOERROR" with an empty answer section), Sendmail will
 queue the message. You should contact the remote name server
 administrator in order to fix these problems."

2) Use Multiple DNS servers.

An IBM solution was to suggest making sure you have additional DNS servers
to query.

3) Lame Delegation

I saw other comments pointing to it being mostly a DNS configuration issue,
Lame Delegation?

4) Ignore SERVFAIL?

Some just said that the SMTP client should be looking at SERVFAIL as an
NXDOMAIN, etc.

I have a second DNS server so the result was found at my secondary UUNET
server.  But in general, I am trying to see why I got the SERVFAIL error in
the first place and in general for customers who might just have 1 DNS
server, how a SERVFAIL should be handled.  We are querying it. So it is not a
matter of lost mail.

I am trying to understand why if I use my home DSL bellsouth.net DNS server,
the NOERROR is returned, but against my own DNS server, it returns
SERVFAIL.  I'm not clear if it's a configuration issue or not.

Any input would be appreciated.

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
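
The lookup policy discussed in the message above, as an added example (not code from the original post or from any mail product): each server is tried in turn, NXDOMAIN ends the search, NOERROR with an empty MX answer falls back to the A record, and SERVFAIL from every server defers the message as in the Sendmail behaviour quoted. The names `Action`, `lookup` and `route`, the dictionaries standing in for DNS servers, and the address 192.0.2.10 are assumptions constructed for illustration.

```python
from enum import Enum

class Action(Enum):
    DELIVER = "deliver"  # mail hosts found
    DEFER = "defer"      # transient DNS failure: keep the message queued
    BOUNCE = "bounce"    # authoritative "no such domain" or no mail host

def lookup(servers, domain, rtype):
    """Ask each resolver in turn; NXDOMAIN stops the search, SERVFAIL moves on."""
    for responses in servers:
        rcode, answers = responses.get((domain, rtype), ("SERVFAIL", []))
        if rcode in ("NXDOMAIN", "NOERROR"):
            return rcode, answers
    return "SERVFAIL", []  # every configured server failed

def route(servers, domain):
    """Return (Action, hosts) for one recipient domain."""
    rcode, mx = lookup(servers, domain, "MX")
    if rcode == "NOERROR" and mx:
        return Action.DELIVER, [host for _pref, host in sorted(mx)]
    if rcode == "NOERROR":  # empty answer section: fall back to the A record
        rcode, addrs = lookup(servers, domain, "A")
        if rcode == "NOERROR" and addrs:
            return Action.DELIVER, [domain]
    if rcode == "SERVFAIL":
        return Action.DEFER, []
    return Action.BOUNCE, []

# Constructed responses: the primary answers SERVFAIL to the MX query,
# the secondary answers NOERROR with an empty answer section.
DOMAIN = "db.usinterlink.com"
PRIMARY = {(DOMAIN, "MX"): ("SERVFAIL", []),
           (DOMAIN, "A"): ("NOERROR", ["192.0.2.10"])}
SECONDARY = {(DOMAIN, "MX"): ("NOERROR", []),
             (DOMAIN, "A"): ("NOERROR", ["192.0.2.10"])}

if __name__ == "__main__":
    print(route([PRIMARY, SECONDARY], DOMAIN))  # second server answers
    print(route([PRIMARY], DOMAIN))             # single server: deferred
```

With only the SERVFAIL-returning server configured the message stays queued rather than bounced, so a later retry can still deliver it once the DNS problem is fixed.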