Single file version available here.
Last updated on 2008-03-01.
To discuss, comment here.
| Prev | Next | |
| Home |
Newsgroups: comp.mail.misc Date: Sun, 23 Mar 2003 23:37:48 GMT
I can see 45 mails in my local sendmail queue. All with error host map: lookup (nankai.edu.cn): deferred)
But when I do 'dig nankai.edu.cn' I get the result instantly. How can I tell sendmail to try again?
The closest command I found in man page is 'sendmail -q'. but that doesn't seems to be working… please help.
Sendmail will retry at intervals automatically. There may be a problem actually reaching the host though. Trying host -t MX nankai.edu.cn I see:
vgw.nankai.edu.cn nankai.edu.cn
Try telnet vgw.nankai.edu.cn 25… can you connect? If you can't, mail won't go. Also try the other one.
By the way, if you haven't dedicated yourself to sendmail yet maybe consider postfix as an alternative. I find it much easier to configure, and it doesn't have a major root vulnerability discovered every year. (In fact, it has an excellent security track record). If you have an old sendmail install, you're waiting to be rooted.
Jem Berkes
> But when I do 'dig nankai.edu.cn' I get the result instantly. How > can I tell sendmail to try again?
Does your system support IPv6?
sendmail -bt -d0.13 </dev/null | grep NETINET6
If it does, look for WorkAroundBrokenAAAA in doc/op/op.* and cf/README.
Claus ABmann
> I disabled the IPv6 on my system. But the sendmail can support it: > Do I still need that work around?
Yes.
> > If it does, look for WorkAroundBrokenAAAA in > > doc/op/op.* and cf/README.
> Is it available somewhere on the web? I looked into the rpm that > comes with RH8 -- doesn't have it.
http://www.sendmail.org/~ca/email/doc8.12/op.html
Claus ABmann
> The closest command I found in man page is 'sendmail -q'. but that > doesn't seems to be working... please help.
What is reported when you "push" the messages in verbose mode with DNS tracking turned on ?
sendmail -Am -v -d8.20 -qRnankai.edu.cn
Andrzej Filip
> > What is reported when you "push" the messages in verbose mode with > > DNS tracking turned on ? > > % sendmail -Am -v -d8.20 -qRcentercomp.com > > Running /var/spool/mqueue/h2P1mQV4009198 (sequence 1 of 1) > dns_getcanonname(yahoo.com, trymx=1) > dns_getcanonname: trying yahoo.com. (AAAA) > NO: errno=0, h_errno=4 > dns_getcanonname: trying yahoo.com. (A) > YES > dns_getcanonname: yahoo.com > dns_getcanonname(centercomp.com, trymx=1) > dns_getcanonname: trying centercomp.com. (AAAA) > NO: errno=110, h_errno=2 > centercomp.com: Name server timeout > <...@centercomp.com>... Transient parse error -- message queued for > future delivery > > What does the above mean (my from is set to yahoo)?
By default sendmail checks domain names in envelope ("MAIL FROM:", "RCPTO TO:") and headers in DNS. Sendmail tries to get AAAA records (IPv6) too. Some broken DNS servers give bad and missleading answers to queries about AAAA records.
Add WorkAroundBrokenAAAA to ResolverOptions in sendmail.cf.
The problem has been discussed a few times in news:comp.mail.sendmail - search the group archive http://www.polbox.com/a/anfi/sendmail/B4UAsk-Sendmail.html#OLD Searching old postings.
<quote file="RELEASE_NOTES"> New ResolverOptions setting: WorkAroundBrokenAAAA. When attempting to canonify a hostname, some broken nameservers will return SERVFAIL (a temporary failure) on T_AAAA (IPv6) lookups. If you want to excuse this behavior, use this new flag. Suggested by Chris Foote of SE Network Access and Mark Roth of the University of Illinois at Urbana-Champaign. </quote>
The ResolverOptions (I) option allows you to tweak name server options. The command line takes a series of flags as documented in resolver(3) (with the leading RES_ deleted). Each can be preceded by an optional + or - . For example, the line
O ResolverOptions=+AAONLY -DNSRCH
turns on the AAONLY (accept authoritative answers only) and turns off the DNSRCH (search the domain path) options. Most resolver libraries default DNSRCH, DEFNAMES, and RECURSE flags on and all others off. If NETINET6 is enabled, most libraries default to USE_INET6 as well. You can also include HasWildcardMX to specify that there is a wildcard MX record matching your domain; this turns off MX matching when canonifying names, which can lead to inappropriate canonifications. Use WorkAroundBrokenAAAA when faced with a broken nameserver that returns SERVFAIL (a temporary failure) on T_AAAA (IPv6) lookups during hostname canonification. Notice: it might be necessary to apply the same (or similar) options to submit.cf too.
ResolverOptions=options
Set resolver options. Values can be set using `flag and cleared using flag;
the flags can be debug , aaonly , usevc , primary , igntc , recurse ,
defnames , stayopen , use_inet6 , or dnsrch . The string HasWildcardMX
(without a ` or ) can be specified to turn off matching against MX records
when doing name canonifications. The string WorkAroundBrokenAAAA (without a
+ or -) can be specified to work around some broken nameservers which return
SERVFAIL (a temporary failure) on T_AAAA (IPv6) lookups. Notice: it might be
necessary to apply the same (or similar) options to submit.cf too.
% sendmail -Am -v -d8.20 -qRnankai.edu.cn _res.options = 12c3, HasWildcardMX = 0
Running /var/spool/mqueue/h2P2UkV4009517 (sequence 1 of 1)
dns_getcanonname(yahoo.com, trymx=1)
dns_getcanonname: trying yahoo.com. (AAAA)
NO: errno=0, h_errno=4
dns_getcanonname: trying yahoo.com. (A)
YES
dns_getcanonname: yahoo.com
dns_getcanonname(nankai.edu.cn, trymx=1)
dns_getcanonname: trying nankai.edu.cn. (AAAA)
NO: errno=110, h_errno=2
dns_getcanonname: trying nankai.edu.cn. (A)
YES
dns_getcanonname: nankai.edu.cn
getmxrr(nankai.edu.cn., droplocalhost=1)
<...@nankai.edu.cn>... Connecting to vgw.nankai.edu.cn. via esmtp...
220 ESMTP ready [64.231.230.149/unknown]
>>> EHLO localhost.localdomain
250-AUTH=LOGIN PLAIN
250-AUTH LOGIN PLAIN
250-PIPELINING
250 8BITMIME
>>> MAIL From:<suntong... | Prev | Next | |
| Home |