Re: intermittent DNS lookup failure in combination with reject_unknown_client_hostname
- On Sat, Dec 01, 2012 at 09:31:41PM +0100, IMAP List Administration wrote:
> At any rate, we periodically see (1-5 times per day) a "Client host rejected:If you see this for all remote MTAs, the problem is with your DNS
> cannot find your hostname" rejection, followed by a successful retry from the
> remote MTA. When we check the DNS records, they always appear to be in order.
> The remote MTAs belong to various organizations, but typically ones where one
> would expect the DNS config to be well-maintained. (see bottom for an example
> rejection and the ensuing successful retry).
software or network connectivity. If it is just for certain remote
MTAs and not the rest, the problem is with their DNS.
> 1) is it possible that we are observing a bug in postfix in conjunction withNo such bugs are known, likely or observed by other sites. DNS
> DNS-queries? Are there any such known bugs?
clients are much simpler than DNS servers, look for bugs in DNS
configuration then the DNS servers or in the network.
> 2) can someone give me a tip on how to configure BIND to log the information IThis is not simple. First use your Postfix logs to find out which domains
> need to figure out why DNS lookups may be failing intermittently, and how to
> read it properly?
or IPs exhibit the transient errors, and whether such errors are
random or tied to specific domains.
- IMAP List Administration:
> Summary:Obviously, the above attempts all share the same problem, i.e. the
> - upgraded OS
> - upgraded Postfix
> - cut local named out of system
> but no change. Anyone have a suggestion as to how to pursue this problem?
problem is your network or something beyond your network.
Try running nsping (name server ping) over a long stretch of time
(e.g., 24 hours). It will tell you about dropped queries a variations
in response times.