Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 6 Aug 2013 15:10:05 +0400
From:      Pavel Timofeev <timp87@gmail.com>
To:        freebsd-stable@freebsd.org
Cc:        gshapiro@freebsd.org
Subject:   Sendmail-8.14.7 doesn't work with MS DNS in IPv4 network
Message-ID:  <CAAoTqfurC_A8EsSz=jz4Cpkxj1=JutVnYQ-rpaB5eVyshm1g8w@mail.gmail.com>
next in thread | raw e-mail | index | archive | help 
Hello!

I found a problem in new FreeBSD 9.2-{BETA2,RC1} which uses Sendmail-8.14.7.
If you try to send email from FreeBSD 9.2 in IPv4 network with MS DNS
you won't receive it.
But in same time email passes from FreeBSD 9.1-RELEASE which uses
Sendmail-8.14.5.

It's because of two things.

First thing: Sendmail behaviour changed between these two releases
when it tries to resolve mx server name. For example, I did `echo foo
| mail timp@xxx.ru`.

Sendmail-8.14.5's tcpdump output:
14:30:45.061950 IP 10.0.2.15.30979 > hercules.xxx.ru.domain: 62684+
MX? xxx.ru. (24)
14:30:45.063064 IP hercules.xxx.ru.domain > 10.0.2.15.30979: 62684*
1/0/1 MX kalmar.xxx.ru. 10 (63)
14:30:45.063624 IP 10.0.2.15.39212 > hercules.xxx.ru.domain: 62685+
AAAA? kalmar.xxx.ru. (31)
14:30:45.064460 IP hercules.xxx.ru.domain > 10.0.2.15.39212: 62685* 0/1/0 (82)
14:30:45.064766 IP 10.0.2.15.44381 > hercules.xxx.ru.domain: 62686+ A?
kalmar.xxx.ru. (31)
14:30:45.065530 IP hercules.xxx.ru.domain > 10.0.2.15.44381: 62686*
1/0/0 A 192.168.31.190 (47)
14:30:45.066014 IP 10.0.2.15.42197 > hercules.xxx.ru.domain: 62687+ A?
kalmar.xxx.ru. (31)
14:30:45.066810 IP hercules.xxx.ru.domain > 10.0.2.15.42197: 62687*
1/0/0 A 192.168.31.190 (47)
14:30:45.071833 IP 10.0.2.15.23534 > hercules.xxx.ru.domain: 62688+
PTR? 15.2.0.10.in-addr.arpa. (40)


Sendmail-8.14.7's tcpdump output:
14:59:50.793338 IP reticulum.xxx.ru.19032 > hercules.xxx.ru.domain:
53417+ AAAA? xxx.ru. (24) [13/98]
14:59:50.793662 IP hercules.xxx.ru.domain > reticulum.xxx.ru.19032:
53417* 0/1/0 (75)
14:59:50.793696 IP reticulum.xxx.ru.55299 > hercules.xxx.ru.domain:
53418+ A? xxx.ru. (24)
14:59:50.794087 IP hercules.xxx.ru.domain > reticulum.xxx.ru.55299:
53418* 7/0/0 A 192.168.2.11, A 192.168.2.12, A 192.168.41.4, A
192.168.14.12, A 192.168.34.100, A 192.168.34.110, A 192.168.44.19  (136)
14:59:50.973445 IP reticulum.xxx.ru.29244 > hercules.xxx.ru.domain:
53419+ MX? xxx.ru. (24)
14:59:50.973754 IP hercules.xxx.ru.domain > reticulum.xxx.ru.29244:
53419* 1/0/1 MX kalmar.xxx.ru. 10 (63)
14:59:50.974061 IP reticulum.xxx.ru.56461 > hercules.xxx.ru.domain:
53420+ AAAA? kalmar.xxx.ru. (31)
14:59:50.974340 IP hercules.xxx.ru.domain > reticulum.xxx.ru.56461:
53420* 0/1/0 (82)
14:59:50.974570 IP reticulum.xxx.ru.28332 > hercules.xxx.ru.domain:
53421+ AAAA? kalmar.xxx.ru. (31)
14:59:50.974887 IP hercules.xxx.ru.domain > reticulum.xxx.ru.28332:
53421* 0/1/0 (82)
14:59:50.974919 IP reticulum.xxx.ru.21453 > hercules.xxx.ru.domain:
53422+ AAAA? kalmar. (24)
14:59:50.975290 IP hercules.xxx.ru.domain > reticulum.xxx.ru.21453:
53422 ServFail 0/0/0 (24)
14:59:50.975314 IP reticulum.xxx.ru.63038 > hercules.xxx.ru.domain:
53422+ AAAA? kalmar. (24)
14:59:50.975674 IP hercules.xxx.ru.domain > reticulum.xxx.ru.63038:
53422 ServFail 0/0/0 (24)
14:59:50.975749 IP reticulum.xxx.ru.38393 > hercules.xxx.ru.domain:
53423+ AAAA? kalmar.xxx.ru. (31)
14:59:50.976105 IP hercules.xxx.ru.domain > reticulum.xxx.ru.38393:
53423* 0/1/0 (82)
14:59:50.976176 IP reticulum.xxx.ru.45558 > hercules.xxx.ru.domain:
53424+ AAAA? kalmar. (24)
14:59:50.976483 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45558:
53424 ServFail 0/0/0 (24)
14:59:50.976512 IP reticulum.xxx.ru.45297 > hercules.xxx.ru.domain:
53424+ AAAA? kalmar. (24)
14:59:50.976864 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45297:
53424 ServFail 0/0/0 (24)


All of them asked MX and got it - kalmar.xxx.ru. Then they went to
resolve kalmar.xxx.ru.
Sendmail-8.14.5 asked one time for 'AAAA kalmar.xxx.ru.' and then went
to ask 'A kalmar.xxx.ru.'.
But Sendmail-8.15.7 asked several times for 'AAAA kalmar.xxx.ru.' and
then went to ask 'AAAA kalmar.' Without xxx.ru at then end, just
servername. What for? I don't know. This is change.
And yes, sendmail ignored ADDITIONAL SECTION from MX record and tried
to resolve mx server name independently.



Second thing: Sendmail-8.15.7 doesn't work with MS DNS in IPv4 network.
MS DNS answers SERVFAIL on 'AAAA kalmar.'
But BIND answers NXDOMAIN on same query.
In case of SERVFAIL answer Sendmail never goes to ask for any A
records. It tries to resolve 'AAAA kalmar.' again and again.
In case of NXDOMAIN answer Sendmail goes to ask for A record and no problem.
I checked it, set BIND server as DNS server for this test host.

In my network there are only MS DNS servers.
I tried to install sendmail-8.14.5 on FreeBSD 9.2-RC1 and got no
problem with email.
I tried to use ip6addrctl. No effect.

So what we gonna do? There will be so many crying persons in
mailinglist after 9.2-RELEASE I think)

P.S. here is russian version small discussion
http://ru-freebsd.livejournal.com/226451.html

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAoTqfurC_A8EsSz=jz4Cpkxj1=JutVnYQ-rpaB5eVyshm1g8w>