Koozali.org: home of the SME Server

Qmail cname temporarily failed

Qmail cname temporarily failed
« on: April 08, 2015, 04:41:11 PM »
Hello,

I just started working in a company which uses sme server 9, and it work great, except for the fact that some emails to external domains cannot be send. After going through the logs I found that the most likely reason is the size of dns query replies (it is even posted as bug 7946 for sme server 8). I am new to sme server, and have found some patches for when you can rebuild qmail, but am wondering if there is a way to solve this using perhaps the controls folder in qmail? If not could someone perhaps direct through patching qmail (something like this http://www.memoryhole.net/qmail/qmail-103.patch) on sme server 9. Any help is greatly appreciated.




Offline CharlieBrady

  • *
  • 6,918
  • +3/-0
Re: Qmail cname temporarily failed
« Reply #1 on: April 08, 2015, 04:54:22 PM »
Please post your information to bug 7946. Please identify which external domains you are not able to send to.

Offline brianr

  • *
  • 988
  • +2/-0
Brian j Read
(retired, for a second time, still got 2 installations though)
The instrument I am playing is my favourite Melodeon.
.........

Re: Qmail cname temporarily failed
« Reply #3 on: April 09, 2015, 10:52:37 PM »
You are right, I didn't include any information about the domains that are failing. I just looked into the var/log/qmail/current and the last domains that gave the error CNAME_lookup_failed_temporarily are

@hotmail.com
@gmail.com
@philips.com
@crconstructora.ec

I am not quite sure on how to fix this issue on a test server given that the patches that I have found are to change dns.c so I was wondering if there is a way around this through some additional configuration to qmail on the sme server. Thanks for a quick reply.

guest22

Re: Qmail cname temporarily failed
« Reply #4 on: April 09, 2015, 11:02:16 PM »
Hello,


Hi, and welcome! Sorry we forgot to welcome you in the first place.

Offline janet

  • ****
  • 4,812
  • +0/-0
Re: Qmail cname temporarily failed
« Reply #5 on: April 10, 2015, 03:14:48 AM »
i2e_smeserver

To fix this, please do as asked, & post your information to the existing bug report.
Bugzilla is where the problem will get fixed as there are very experienced devs there.
Link is at top of forums, just create a new account using a valid email address as your login user ID.

Thanks

@hotmail.com
@gmail.com
@philips.com
@crconstructora.ec
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline Curtis

  • 12
  • +0/-0
Re: Qmail cname temporarily failed
« Reply #6 on: December 20, 2019, 05:50:39 PM »
Greetings and happy holidays!

Sorry to bump this old thread, but I'm encountering the same issue on SME 9.2 with qmail (1.03-23.el6.sme@smeupdates-testing) for one particular host: usace.army.mil

2019-12-20 01:42:26.313099500 starting delivery 4751: msg 81789691 to remote redacted@usace.army.mil
2019-12-20 01:42:26.313104500 status: local 0/20 remote 1/20
2019-12-20 01:42:46.334695500 delivery 4751: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/

# nslookup usace.army.mil
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
*** Can't find usace.army.mil: No answer

# dig usace.army.mil MX

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3 <<>> usace.army.mil MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54395
;; flags: qr rd ra; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;usace.army.mil.                        IN      MX

;; ANSWER SECTION:
usace.army.mil.         1291    IN      MX      10 pri-jeemsg.eemsg.mail.mil.
usace.army.mil.         1291    IN      MX      20 sec-jeemsg.eemsg.mail.mil.
usace.army.mil.         1291    IN      MX      30 gw1.usace.army.mil.
usace.army.mil.         1291    IN      MX      30 gw2.usace.army.mil.
usace.army.mil.         1291    IN      MX      30 gw3.usace.army.mil.
usace.army.mil.         1291    IN      MX      30 gw4.usace.army.mil.
usace.army.mil.         1291    IN      MX      30 gw5.usace.army.mil.
usace.army.mil.         1291    IN      MX      30 gw6.usace.army.mil.
usace.army.mil.         1291    IN      MX      30 gw7.usace.army.mil.
usace.army.mil.         1291    IN      MX      30 gw8.usace.army.mil.

;; Query time: 78 msec


Is there any workaround to allow my users to send to a mailbox at usace.army.mil ? 

Thanks!







Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: Qmail cname temporarily failed
« Reply #7 on: December 21, 2019, 02:02:25 PM »
You probably need to follow up on the bug with that domain info for someone to check properly.

Any reason you are using the updates testing version? We would not normally recommend that unless you really are testing.

1.03-23.el6.sme@smeupdates-testing

As an aside note also that this is in smetest but is unlikely to cure the issue.
qmail-1.03-24.el6.sme.x86_64

Again, not recommended to use either unless you really are testing on debugging.

As above, follow up on the bug.
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline Curtis

  • 12
  • +0/-0
Re: Qmail cname temporarily failed
« Reply #8 on: December 21, 2019, 07:39:47 PM »
You probably need to follow up on the bug with that domain info for someone to check properly.

Any reason you are using the updates testing version? We would not normally recommend that unless you really are testing.

1.03-23.el6.sme@smeupdates-testing

As an aside note also that this is in smetest but is unlikely to cure the issue.
qmail-1.03-24.el6.sme.x86_64

Again, not recommended to use either unless you really are testing on debugging.

As above, follow up on the bug.

Honestly I had forgotten that I was using the qmail version from testing.  The purpose was to allow outbound TLS per: https://forums.contribs.org/index.php/topic,53919.15.html  and it has been working flawlessly for months.  If the default repos now include qmail with outbound TLS support, I will reinstall from those.

If failures persist, I will submit a bug report as requested. 

Thanks for your help!

Online Jean-Philippe Pialasse

  • *
  • 2,745
  • +11/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: Qmail cname temporarily failed
« Reply #9 on: December 21, 2019, 08:01:56 PM »
Any reason to use google dns instead of SME own service?

There are more and more reason currently not to use a big dns service.
Fitst you will not get localized result
Second you sell your privacy
Third you will hit denial of service on some services because they were getting too much hits from this dns server (could give issues with emails)
....

Offline TerryF

  • grumpy old man
  • *
  • 1,821
  • +6/-0
Re: Qmail cname temporarily failed
« Reply #10 on: December 21, 2019, 08:34:37 PM »
Any reason to use google dns instead of SME own service?

There are more and more reason currently not to use a big dns service.
Fitst you will not get localized result
Second you sell your privacy
Third you will hit denial of service on some services because they were getting too much hits from this dns server (could give issues with emails)
....

Excuse my jump to a non sme issue, not related to this post, however, interesting

Interesting JPP, I have only just changed my TVs streaming box DNS to use my home servers local IP (server/gateway mode), of late was having almost daily issues with it dropping out, been a week or so now without issue with change to its DNS settings
--
qui scribit bis legit

Offline Curtis

  • 12
  • +0/-0
Re: Qmail cname temporarily failed
« Reply #11 on: December 21, 2019, 08:52:45 PM »
Thanks, J.P., those are certainly valid points regarding Google DNS, though I'm not using it by default for SME.  I specified the server 8.8.8.8 for the nslookup (should have pasted that bit of text to avoid confusion) to prove that a public resolver was unable to return a CNAME result for usace.army.mil. 

Any reason to use google dns instead of SME own service?

There are more and more reason currently not to use a big dns service.
Fitst you will not get localized result
Second you sell your privacy
Third you will hit denial of service on some services because they were getting too much hits from this dns server (could give issues with emails)
....

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: Qmail cname temporarily failed
« Reply #12 on: December 22, 2019, 01:33:47 PM »
I specified the server 8.8.8.8 for the nslookup (should have pasted that bit of text to avoid confusion) to prove that a public resolver was unable to return a CNAME result for usace.army.mil.

In which case if Google can't resolve it I am not sure anyone else can either! Sounds more like an issue with their DNS than anything else?
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation