Sendmail or DNS? I can't tell.

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Tue May 11 05:36:31 UTC 2004 

Kirk Strauser <kirk at strauser.com> wrote:
> --=-=-=
> Content-Transfer-Encoding: quoted-printable
> I'm trying to send email to a friend at an ISP called mo-net.com .  Whenever
> I do, I get this in my maillog:

>     Name server: mo-net.com.: host name lookup failure

> However, I can do the relevant looks manually:

>     % whois mo-net.com | grep NS
>        Registrar: NETWORK SOLUTIONS, INC.
>        Name Server: NS.MO-NET.COM
>        Name Server: NS2.MO-NET.COM
>        NS.MO-NET.COM                12.14.225.10
>        NS2.MO-NET.COM               12.14.225.11


>     kirk at kanga:~% dig -t mx mo-net.com @12.14.225.10

>     ; <<>> DiG 9.2.3 <<>> -t mx mo-net.com @12.14.225.10
>     ;; global options:  printcmd
>     ;; Got answer:
>     ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5268
>     ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

>     ;; QUESTION SECTION:
>     ;mo-net.com.                    IN      MX

>     ;; ANSWER SECTION:
>     mo-net.com.             259200  IN      MX      10 asmtp.mo-net.com.

>     ;; AUTHORITY SECTION:
>     mo-net.com.             259200  IN      NS      ns2.mo-net.com.
>     mo-net.com.             259200  IN      NS      ns.mo-net.com.

>     ;; ADDITIONAL SECTION:
>     asmtp.mo-net.com.       259200  IN      A       12.14.225.18

>     ;; Query time: 81 msec
>     ;; SERVER: 12.14.225.10#53(12.14.225.10)
>     ;; WHEN: Mon May 10 16:44:58 2004
>     ;; MSG SIZE  rcvd: 101



>     kirk at kanga:~% dig -t mx mo-net.com @12.14.225.11

>     ; <<>> DiG 9.2.3 <<>> -t mx mo-net.com @12.14.225.11
>     ;; global options:  printcmd
>     ;; Got answer:
>     ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24305
>     ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

>     ;; QUESTION SECTION:
>     ;mo-net.com.                    IN      MX

>     ;; ANSWER SECTION:
>     mo-net.com.             259200  IN      MX      10 asmtp.mo-net.com.

>     ;; AUTHORITY SECTION:
>     mo-net.com.             259200  IN      NS      ns.mo-net.com.
>     mo-net.com.             259200  IN      NS      ns2.mo-net.com.

>     ;; ADDITIONAL SECTION:
>     asmtp.mo-net.com.       259200  IN      A       12.14.225.18

>     ;; Query time: 70 msec
>     ;; SERVER: 12.14.225.11#53(12.14.225.11)
>     ;; WHEN: Mon May 10 16:45:01 2004
>     ;; MSG SIZE  rcvd: 101


> Now, I have noticed that this network's nameserver records are CNAMEs and
> not As:

>     kirk at kanga:~% dig -t any ns.mo-net.com @ns.mo-net.com

>     ; <<>> DiG 9.2.3 <<>> -t any ns.mo-net.com @ns.mo-net.com
>     ;; global options:  printcmd
>     ;; Got answer:
>     ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25013
>     ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

>     ;; QUESTION SECTION:
>     ;ns.mo-net.com.                 IN      ANY

>     ;; ANSWER SECTION:
>     ns.mo-net.com.          259200  IN      CNAME   pop3.mo-net.com.

>     ;; AUTHORITY SECTION:
>     mo-net.com.             259200  IN      NS      ns.mo-net.com.
>     mo-net.com.             259200  IN      NS      ns2.mo-net.com.

>     ;; Query time: 76 msec
>     ;; SERVER: 12.14.225.10#53(ns.mo-net.com)
>     ;; WHEN: Mon May 10 16:46:13 2004
>     ;; MSG SIZE  rcvd: 82




>     kirk at kanga:~% dig -t any ns2.mo-net.com @ns.mo-net.com

>     ; <<>> DiG 9.2.3 <<>> -t any ns2.mo-net.com @ns.mo-net.com
>     ;; global options:  printcmd
>     ;; Got answer:
>     ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12705
>     ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

>     ;; QUESTION SECTION:
>     ;ns2.mo-net.com.                        IN      ANY

>     ;; ANSWER SECTION:
>     ns2.mo-net.com.         259200  IN      CNAME   lacy.mo-net.com.

>     ;; AUTHORITY SECTION:
>     mo-net.com.             259200  IN      NS      ns.mo-net.com.
>     mo-net.com.             259200  IN      NS      ns2.mo-net.com.

>     ;; Query time: 69 msec
>     ;; SERVER: 12.14.225.10#53(ns.mo-net.com)
>     ;; WHEN: Mon May 10 16:46:20 2004
>     ;; MSG SIZE  rcvd: 82


> I've previously contacted the administrator of this network and he insists
> loudly that he's been doing DNS for years and that there's nothing wrong
> with his setup.  I don't *think* this is a Sendmail problem, since I process
> thousands of emails per day through this system and I'm seeing the exact
> same problem sending to this network from multiple hosts that I have access
> to.

An admin might have been working long, that does not make him/her immune
against doing wrong.

This particular admin does several faults with this domain, 8 according
to 'zonecheck'.

Among the faults is NS as CNAME, all NA on the same spot, lazyness 
with PTR-records etc

> www.dnsreport.com also notices about the DNS records being CNAMEs, but even
> though I know that's completely wrong, I'm not sure how it would cause the
> problem.  Any ideas?

It will cause extra lookups, which in itself is benign but together 
with this zones location of all nameserver (behind a single congested link)
is prone to troule.

> =2D-=20
> Kirk Strauser
> In Googlis non est, ergo non est.

> --=-=-=
> Content-Type: application/pgp-signature

> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)

> iD8DBQBAn/kd5sRg+Y0CpvERAtaUAJwNkYd/jfA/NDrPRlJguIeIZzitiQCgn873
> kMLvwJKJJIss2VSGhv7Bnwc=
> =M4da
> -----END PGP SIGNATURE-----
> --=-=-=--



-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

More information about the bind-users mailing list