Currently experiencing a strange issue,
We have used OpenDNS to filter our internet traffic for a few years, but recently we found emails were being deferred and getting stuck in the mail queue before failing several days later, looking through the logs I found the following
/var/log/qmail/current
2017-08-17 10:49:18.076598500 starting delivery 109: msg 90967592 to remote aperson@ms17.hinet.net
2017-08-17 10:49:18.076600500 status: local 0/20 remote 1/20
2017-08-17 10:49:38.097636500 delivery 109: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/
/var/log/dnscache/current
2017-08-17 10:50:17.138974500 servfail ms17.hinet.net. input/output error
2017-08-17 10:50:17.139027500 sent 2263 32
2017-08-17 10:50:17.139028500 servfail ms17.hinet.net. input/output error
2017-08-17 10:50:17.139086500 sent 2293 32
2017-08-17 10:50:17.139087500 servfail ms17.hinet.net. input/output error
2017-08-17 10:50:17.139103500 sent 2325 32
2017-08-17 10:50:17.139103500 servfail ms17.hinet.net. input/output error
2017-08-17 10:50:17.139139500 sent 2329 32
As a quick check I updated our name servers to 8.8.8.8 in "configure this server" from the OpenDNS name server [208.67.222.222] and the emails all got delivered when I flushed the mail queue but we are
no longer filtering our web traffic making the work around not viable.
When using the
https://cachecheck.opendns.com/ both domains resolve (msa.hinet.net and ms17.hinet.net).
The OpenDNS name servers are 208.67.222.222 and/or 208.67.220.220
I tested updating djbdns but this didn't seem to fix the issue
Current dns rpm versions are[root@myserv01 ~]# rpm -qa | grep dns
e-smith-dnscache-2.4.0-1.el6.sme.noarch
e-smith-dynamicdns-yi-2.4.0-1.el6.sme.noarch
e-smith-dynamicdns-dyndns.org-2.4.0-1.el6.sme.noarch
djbdns-1.05-11.el6.sme.x86_64
e-smith-dynamicdns-tzo-2.4.0-1.el6.sme.noarch
e-smith-tinydns-2.4.0-8.el6.sme.noarch
e-smith-dynamicdns-dyndns-2.4.0-1.el6.sme.noarch
My reading has also taken me to these placesRe: Strange DNS issue - can't find some sites
https://forums.contribs.org/index.php/topic,53236.15.htmlhttps://forums.contribs.org/index.php/topic,53236.msg275930.html#msg275930RE: dnscache and akamai oddness
https://marc.info/?l=djbdns&m=109482686727881&w=2URIBL.com and Google/opendns
https://forums.contribs.org/index.php/topic,52003.msg265759.html#msg265759Related Bugs
https://bugs.contribs.org/show_bug.cgi?id=10381https://bugs.contribs.org/show_bug.cgi?id=10374https://bugs.contribs.org/show_bug.cgi?id=8362How to test latest djbdns release
yum update djbdns --enablerepo=smeupdates-testing
But I am yet to find a solution to this problem, any advice would be welcome.
Thanks,