I see in my logs: @400000004174b9241e26e134 starting delivery 14856: msg 3216304 to remote Jaroslav.Kral@ipbpojistovna.cz @400000004174b9241e26e51c status: local 0/10 remote 2/20 @400000004174b9242b9612cc delivery 14856: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/ The fix seems to be at http://www.faqts.com./knowledge_base/view.phtml/aid/28942/fid/284%3E I use 1.03-r13 as it seems to be the stable version and I'd appreciate this patch to be included in stable ASAP. ;)
could you find the actual patch and link directly to it?
http://homepages.tesco.net./~J.deBoynePollard/Softwares/qmail/any-to-cname.patch This patch does the ANY -> CNAME fix. This one I believe is not that necessary, but here are comments from author: Whilst you are about it, you also might consider applying the patch (hyperlink given above) that makes "qmail" actually use "CNAME" queries when it wants to look up "CNAME" resource records. http://www.ckdhr.com./ckd/qmail-103.patch This patch fixes the buffer. This one I believe is a must.
we have included the patch from http://www.ckdhr.com./ckd/qmail-103.patch for an extremely long time (before I had even heard of Gentoo). I'll see about the any to cname fix, as it's been bugging me lately (and I'm a BIND9 user).
> we have included the patch from http://www.ckdhr.com./ckd/qmail-103.patch > for an extremely long time (before I had even heard of Gentoo). That's strange. That would mean that those dns responses are over 65535 bytes long?!!! > > I'll see about the any to cname fix, as it's been bugging me lately (and I'm a BIND9 user). That will make qmail ask for CNAME and not for ANY and then stupidly parse result and search for CNAME. So teh error will appear in less cases. Maybe the first patch get broken by some other patches?
Does this still happen in -r16?
Yes, I have -r16 since Jul 03, 2005 I hit the problem serveral times. Unfortunately when emailing those email addresses which had the problem think work fine at teh very moment. :( But last case was between Aug 3 and Aug 5. I had maybe a similar problem on my workstation computer. I just booted the machine few days ago and rather quickly after logged into X11, I've sent an email. I got the email back from qmail that the target host does not exist. It was a clear failure of the resolver/dns. I have and ~x86 branch. I have nscd running, named running and don't ask me why but I see no nameserver lines in my resolv.conf. The local namerver perfectly answers at localhost interface and that from where I get the addresses translated, I hope. It's clear I should have received at most temporary failure message. Maybe if you'd play with things like this you could find some problems? ;)
qmail does not use libresolv from glibc, it uses its own DNS resolver library. Can you give me a DNS name or two where this problem happens? (No full e-mail address is required)
@egu-vvn.cz @gvmyto.cz For the latter, I see a series of unsuccessfull atempts and at the end one succeeded for this user: delivery 70727: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/ ... delivery 70765: success: User_and_password_not_set,_continuing_without_authentication./<xxxx@gvmyto.cz>_213.235.123.18_accepted_message./Remote_host_said:_250_A0736FBA588_accepted_for_delivery/
I am getting this problem again with users at @seznam.cz domain using 1.03-r16. 2006-04-04 17:00:17.709782500 delivery 272: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/ 2006-04-04 17:00:17.709785500 status: local 0/10 remote 2/20 Portage 2.1_pre6-r6 (default-linux/x86/2005.0, gcc-3.4.5, glibc-2.4-r1, 2.6.16-rc1 i686) ================================================================= System uname: 2.6.16-rc1 i686 Intel(R) Pentium(R) 4 CPU 2.60GHz Gentoo Base System version 1.12.0_pre16 dev-lang/python: 2.3.5, 2.4.2-r1 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2 sys-devel/binutils: 2.16.1-r2 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.4.19-r1, 2.6.11-r3 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-mmmx -msse -msse2 -O2 -fomit-frame-pointer -mtune=pentium4 -march=pentium4 -funroll-loops -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/X11/xkb /usr/share/config /var/bind /var/qmail/alias /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/env.d" CXXFLAGS="-mmmx -msse -msse2 -O2 -fomit-frame-pointer -mtune=pentium4 -march=pentium4 -funroll-loops -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks metadata-transfer sandbox sfperms strict" GENTOO_MIRRORS="ftp://ftp.muni.cz/pub/linux/gentoo http://gentoo.mirror.icd.hu/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://gd.tuwien.ac.at/opsys/linux/gentoo/ ftp://ftp.tu-clausthal.de/pub/linux/gentoo/" LINGUAS="cs cz en" MAKEOPTS="-j1" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X Xaw3d acpi apache2 apm arts ati avi berkdb bitmap-fonts bonobo ccache cdr crypt cscope cups curl dba dga directfb dri dvb dvd dvdr eds elibc_glibc emacs emacs-w3 emboss encode esd ethereal f77 fam fbcom flac foomaticdb fortran freetype2 fvwm fvwm2 gb gd gdbm ggi gif gphoto2 gpm gstreamer gtk gtk2 gtkhtml icc ifc imagemagick imlib innodb ipv6 isdnlog ithreads java jpeg kernel_linux lcms leim libg++ libwww linguas_cs linguas_cz linguas_en mad mcal mesa mikmod mmx motif mozilla mp3 mpeg mule myisam mysql ncurses nls nptl nptlonly ogg oggvorbis opengl oss pam pda pdflib perl plotutils png ppds pppd pthread pthreads python qt quicktime readline samba scanner sdl server slp spell sse sse2 ssl stroke tcltk tcpd tetex thread threads tiff truetype truetype-fonts type1-fonts unicode usb userland_GNU utf8 video_cards_radeon vorbis wmf x86 xml xml2 xmms xv zlib" Unset: ASFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, LANG, LC_ALL, LDFLAGS
http://www.cyber-sentry.com/index.php?id=58 I can confirm the patch http://homepages.tesco.net./~J.deBoynePollard/Softwares/qmail/any-to-cname.patch applies over -r16 and restaring qmail with "qmHandle -a" makes the server immediately deliver by 99 messages pending in the que for that target domain. Please push the patch into portage soon. Maybe someone could inspect those DNS responses and check their length. I don't know what to look for, but guess this issue might be recognized soon by admin of that domain and the DNS adjusted not to exceed this legth. So, be quick a get the testcase in time. ;)
http://www.faqts.com/knowledge_base/view.phtml/aid/28942/fid/284 http://www.webservertalk.com/archive66-2004-4-201036.html
Robin, any time to push the patch in? Thanks!
Maybe you can try mail-mta/netqmail, which hasn't that many patches.
I suspect the patch should be appplied over it as well, but do not face the issues right now so cannot show that by testing. Are you _sure_ it is not necessary or is it just a guess? ;-) After reading CHANGES file I see netqmail doing the type ANY DNS query since 1996, and not much about "CNAME" since then. The THOUGHTS file has no section about CNAME queries, so that did not convince me either this patch is not necessary. # patch -p1 < /root/any-to-cname.patch patching file dns.c Hunk #1 succeeded at 194 (offset -2 lines). # pwd /var/tmp/portage/netqmail-1.05-r2/work/netqmail-1.05/netqmail-1.05 #
(In reply to comment #14) > I suspect the patch should be appplied over it as well,
(In reply to comment #14) > I suspect the patch should be appplied over it as well, Nack, in netqmail, we try to minimize the patches. Use QMAIL_PATCH_DIR if you need a special patch.
In that case, please do: 1. remove the patch from netqmail which adds the SSL support. 2. patch qmail with the patch http://homepages.tesco.net./~J.deBoynePollard/Softwares/qmail/any-to-cname.patch
(In reply to comment #16) > 1. remove the patch from netqmail which adds the SSL support. No, you go convince upstream of this. We're not going to modify upstream patches in netqmail anymore. Doing this caused many of the bugs and the bad reputation of the qmail ebuild before. We'll move netqmail to the default qmail installation in Gentoo soon, anyway. Please don't reopen this bug.
(In reply to comment #18) > (In reply to comment #16) > > 1. remove the patch from netqmail which adds the SSL support. > > No, you go convince upstream of this. > > We're not going to modify upstream patches in netqmail anymore. Doing this > caused many of the bugs and the bad reputation of the qmail ebuild before. > > We'll move netqmail to the default qmail installation in Gentoo soon, anyway. > Please don't reopen this bug. I hit this again with a new server install. To recapitulate the current situation ...: none of the patches is in netqmail-1.0.6 yet. #ebuild /usr/portage/mail-mta/netqmail/netqmail-1.06.ebuild unpack #cd /var/tmp/portage/mail-mta/netqmail-1.06/work/netqmail-1.06/ #wget http://www.ckdhr.com./ckd/qmail-103.patch #patch -p1 < qmail-103.patch patching file dns.c Hunk #1 succeeded at 19 (offset -2 lines). Hunk #2 succeeded at 45 (offset -2 lines). Hunk #3 succeeded at 81 (offset -2 lines). #wget http://homepages.tesco.net./~J.deBoynePollard/Softwares/qmail/any-to-cname.patch #patch -p1 < any-to-cname.patch (Stripping trailing CRs from patch.) patching file dns.c Hunk #1 succeeded at 211 (offset 15 lines). # It is sad that netqmail is now worse than qmail package 5 years ago.