MRatWork Forum by Mustafa Ramadhan
Sawo Project - Kloxo-MR Discussions => Kloxo-MR Technical Helps => Topic started by: tonym on 2017-04-12, 08:00:28
-
I have a load of email stuck in the queue since yesterday.
The Kloxo-MR mail queue log page says:
--
Apr 12 04:51:54 mail send: delivery 230: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/
--
What can cause that?
I have tried this:
---
host -tCNAME hotmail.co.uk 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:
hotmail.co.uk has no CNAME record
---
I'm not sure what lookup I should be testing.
A. Control Panel:
- Kloxo-MR: 7.0.0.c-2017041002
- Web: hiawatha-10.5.0-f.2.mr.el6.i686
- PHP: php54s-5.4.45-1.ius.el6 (fpm mode)
B. Plateform:
- OS: CentOS release 6.9 (Final) i686
- Hostname: mail.mtc1.uk
C. Services:
1. MySQL: MariaDB-server-10.0.30-1.el6.i686
2. PHP:
- Installed:
- Branch: php55w-cli-5.5.38-1.w6.i386
- Multiple:
* php53m-5.3.29-1.ius.centos6
* php54m-5.4.45-1.ius.centos6
* php55m-5.5.38-1.ius.centos6
* php56m-5.6.30-2.ius.centos6
* php70m-7.0.17-1.ius.centos6
* php71m-7.1.3-1.ius.centos6
- Used: php55m-fpm
- Multiple: enable
3. Web Used: apache
- Hiawatha: hiawatha-10.5.0-f.2.mr.el6.i686
- Lighttpd: lighttpd-1.4.45-1.el6.i686
- Nginx: nginx-1.11.13-1.el6.ngx.i386
- Apache: httpd24u-2.4.25-3.ius.el6.i686
- PHP Type: php-fpm_event
- Secondary PHP: off
4. WebCache: none
- ATS: --uninstalled--
- Squid: --uninstalled--
- Varnish: --uninstalled--
5. Dns: none
- Bind: bind-9.9.9-1.mr.el6.i686
- DJBDns: djbdns-1.05-17.4.mr.el6.i386
- NSD: nsd-4.1.14-1.el6.i686
- PowerDNS: pdns-4.0.3-1.el6.MIND.i686
- Yadifa: yadifa-2.2.3-1.mr.el6.i686
6. Mail: qmail-toaster-1.03-1.3.55.mr.el6.i386
- pop3/imap4: courier-imap-toaster-4.1.2-1.3.20.mr.el6.i686
- smtp: qmail-toaster-1.03-1.3.55.mr.el6.i386
- spam: --uninstalled--
7. FTP: pure-ftpd
- pure-ftpd: pure-ftpd-1.0.37-1.mr.el6.i386
8. Stats: awstats
- awstats: --uninstalled--
D. Memory:
total used free shared buffers cached
Mem: 2909 2393 515 1 431 1251
-/+ buffers/cache: 709 2199
Swap: 511 0 511
E. Disk Space:
Filesystem Size Used Avail Use% Mounted on
/dev/vda1 39G 23G 15G 61% /
*** Process Time: 00:00:00:50.50727 (dd:hh:mm:ss:xxxxxx) ***
-
Check your server IP and domain with mxtoolbox.com.
-
Everything still looks OK on mxtoolbox.com
It is not in any blacklist that site checks.
The mx record check is OK, and returns mail.mydomain.com
Test Result
DNS Record Published DNS Record found
SPF check:
Test Result
DNS Record Published DNS Record found
SPF Record Published SPF Record found
SPF Record Deprecated No deprecated records found
SPF Syntax Check The record is valid
SPF Multiple Records Less than two records found
SPF Included Lookups Number of included lookups is OK
The SMTP test:
##
Test Result
SMTP Connection Time 15.017 seconds - Not good! on Connection time More Info
SMTP Transaction Time 17.267 seconds - Not good! on Transaction Time More Info
SMTP Reverse DNS Mismatch OK - 89.33.6.202 resolves to mail.mydomain.com
SMTP Valid Hostname OK - Reverse DNS is a valid Hostname
SMTP Banner Check OK - Reverse DNS matches SMTP Banner
SMTP TLS OK - Supports TLS.
SMTP Open Relay OK - Not an open relay.
DNS test:
Result
Open Zone Transfer Detected
79.170.40.2
79.170.43.3 More Info
DNS Record found
No Bad Glue Detected
At Least Two Name Servers Found
All name servers are responding
All of the name servers are Authoritative
Local NS list matches Parent NS list
Name Servers appear to be Dispersed
Name Servers have Public IP Addresses
Serial numbers match
2016092762
Primary Name Server Listed At Parent
SOA Serial Number Format appears valid
SOA Refresh Value is within the recommended range
SOA Retry Value is within the recommended range
SOA Expire Value within recommended limits
SOA Minimum TTL Value is within allowed values
No Open Recursive Name Server Detected
-
Read https://forum.mratwork.com/kloxo-mr-technical-helps/cname_lookup_failed_temporarily/ for the same issue.
-
Same issue with me
Apr 12 08:29:19 server send: delivery 1: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/
I think I have a clue but I'm not sure, I read somewhere that qmail can only handle DNS lookups (including cname and mx) up to a certain amount of bits and to be able to work with bigger lookups it need to be patched, but since qmail is installed from the kloxo repos I haven't done any patching and to be honest, I'm not even sure if I know how to do it.
I check the records for the domain that I want to send an e-mail and they are fine, also that error is just happening for a few of the e-mails I try to send from my server
-
Same issue with me
Apr 12 08:29:19 server send: delivery 1: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/
I think I have a clue but I'm not sure, I read somewhere that qmail can only handle DNS lookups (including cname and mx) up to a certain amount of bits and to be able to work with bigger lookups it need to be patched, but since qmail is installed from the kloxo repos I haven't done any patching and to be honest, I'm not even sure if I know how to do it.
I check the records for the domain that I want to send an e-mail and they are fine, also that error is just happening for a few of the e-mails I try to send from my server
You can use their src.rpm for your patch. See http://rpms.mratwork.com/repo/mratwork/SRPMS/
-
I had worked through this thread before posting:
https://forum.mratwork.com/kloxo-mr-technical-helps/cname_lookup_failed_temporarily/
I have tried other DNS servers from this list in my resolv.conf:
https://www.lifewire.com/free-and-public-dns-servers-2626062
I also found this:
https://support.plesk.com/hc/en-us/articles/213903265-Many-errors-in-maillog-CNAME-lookup-failed-temporarily-4-4-3-
That is why I was trying
host -tCNAME hotmail.co.uk 8.8.8.8
Whereever else I try that (server at work, PC at home), I still get
--
hotmail.co.uk has no CNAME record
--
trying various hosts and DNS servers. Things don't seem to work the way that plesk article said.
How can I see more details debug logging of the outgoing email? What is in the /var/log/maillog is brief.
-
I don't know what changed yesterday to stop qmail sending for me. Or why CNAME lookups don't work.
These instructions for patching look interesting:
https://www.webfactory.de/blog/patch-qmail-in-ubuntu-to-avoid-cname-lookup-failed-temporarily-errors
-
I actually extracted qmail-toaster from MR's repo and checked that qmail is already patched for big DNS lookups, so here it goes my theory.
No idea than what's causing since, I'm in the same boat as you
-
In certain providers, need add 'gateway' in /etc/sysconfig/network.
-
I'm not surprised qmail-toaster already has the big DNS patch. It must have lots of improvements over qmail.
Is there anyting like this patch in there?
https://gist.githubusercontent.com/mpdude/21f358700902d55fb616/raw/eb5ed38db9918da81bb589b67e04118584df42a3/0005-remove-cname-check.diff
-
Wouldn't having a missing GATEWAY in /etc/sysconfig/network mean all networking would be broken?
I do not have one, but web serving and incoming mail are all working normally.
-
This is happening in 3 of my servers running kloxo :(
-
This is interesting:
http://fanf.livejournal.com/122220.html
It sounds like we may need qmail to not use CNAME or ANY queries.
I've tried doing an ANY query to all the DNS servers on the free list I posted earlier, and they all time out:
host -tANY hotmail.co.uk 109.69.8.51
-
FINALLY, I think I fixed, at least my e-mails on the queue were already proccesed after applying the any-to-cname patch
I will update after being 100% sure that the e-mails are working again
UPDATE: Yeah it worked, all my e-mails are being delivered now!
@MRatWork if you want to include this patch in your qmail rpm it would be great, it's just one line that changes in the dns.c which make it trim in all the information qmail needs to make the lookup
http://www.memoryhole.net/qmail/#any-to-cname
Thanks
-
If you mean using https://www.ckdhr.com/ckd/qmail-103.patch, qmail-toaster already use it with named as qmail_qmailtoaster-big-dns.patch
-
If you mean using https://www.ckdhr.com/ckd/qmail-103.patch, qmail-toaster already use it with named as qmail_qmailtoaster-big-dns.patch
It's a different patch, that one you are talking about basically what it does is to increase the maximum size of a lookup qmail do when sending and e-mail, and the patch I was refering is to basically trim the information of the lookup qmail needs, on the dns.c it's just one line that is changed from "any" to "cname".
That was the only way I was able to make it sending e-mails again to providers that have a lot of records
-
Did you compare between 2 patch?.
-
I did now, I don't know what to say, but I've only be able to fix my problem after doing the one I was saying, that change just that single line.
Same issue afecting 3 of my servers (2 x86_64 and the other i686) and after recompiling individually qmail with that patch for each server I was able to fix that error message.
-
Great - thanks!
Rebuilding it with that patch worked for me too. :)
This was the patch:
http://www.memoryhole.net/qmail/any-to-cname.patch
--- qmail-1.03-original/dns.c Mon Jun 15 10:53:16 1998
+++ qmail-1.03/dns.c Wed Mar 5 11:31:13 2003
@@ -196,7 +196,7 @@
if (!sa->len) return loop;
if (sa->s[sa->len - 1] == ']') return loop;
if (sa->s[sa->len - 1] == '.') { --sa->len; continue; }
- switch(resolve(sa,T_ANY))
+ switch(resolve(sa,T_CNAME))
{
case DNS_MEM: return DNS_MEM;
case DNS_SOFT: return DNS_SOFT;
-
Hmm, i'm using Kloxo-MR update from 2 weeks back.
Now i did send a test email to sdfd@live.com:
Apr 12 18:01:43 mail send: delivery 2086: success: User_and_password_not_set,_continuing_without_authentication./<sdfsdf@live.com>_65.55.37.72_accepted_message./Remote_host_said:_250__<8482ed98446fe407e97d924e2c43b8d0@kloxomrdomain.com>_Queued_mail_for_delivery/
I received it right away. Did the issue appear recently?
-
Update with 'yum clean all; yum update -y; sh /script/restart-mail'.