Date: Thu, 18 May 2023 22:44:21 -0400
From: "Dan Mahoney (Ports)" <freebsd@gushi.org>
To: vagabond <vagabond@blackfoot.net>
Cc: Dewayne <dewayne@heuristicsystems.com.au>, questions@freebsd.org
Subject: Re: sendmail error, "MX list for mydomain.com points back to server.mydomain.com"
Message-ID: <D387452C-FEB0-4C39-9B24-983973E1DF70@gushi.org>
In-Reply-To: <2f8bca59462afe206043bea73241bbf2@blackfoot.net>
References: <303e35e4d89e68dcd9863239dcda568e@blackfoot.net>
 <fc362386-aabd-618f-4dcd-9be14dbe89a5@heuristicsystems.com.au>
 <30b97aa95162c163c1781ba1a0fa8e25@blackfoot.net>
 <A118A90A-14E6-409B-AC25-FE2704A19741@gushi.org>
 <b427a49877034f7407545744b4446744@blackfoot.net>
 <15AF7ED7-BBD9-428D-939F-4AA5B349C578@gushi.org>
 <66db9ba3bd66fcc56affdbf7a2621021@blackfoot.net>
 <2f8bca59462afe206043bea73241bbf2@blackfoot.net>

Do you see it? It’s subtle.

Your system is asking your own 127.0.0.1 DNS for the AAAA for ns.dreamchaser.org (because sendmail attempts ipv6 before it attempts ipv4)

You forgot a trailing . in your NS records. Your DNS kicks back that “hey, I don’t know about ns.dreamchaser.org” so it gives you an SOA record. (answer = 0, authority = 1)

is doing lookups for ns.dreamchaser.org.dreamchaser.org because of that.

Post your zone file?

Also, pro tip, if you say “I’m running this query and everything comes back as expected” please do include the OUTPUT of those queries. You don’t know what you’re looking for.

Here’s what I think is happening: (Have a reference here: https://docstore.mik.ua/orelly/other/Sendmail_3rd/1565928393_sendmail3-chp-9-sect-2.html)

Your system is looking at its own rdns/fdns, and discovering that its hostname is ns.dreamchaser.org.dreamchaser.org (probably because your primary IP is not present in /etc/hosts). It attempts to deliver to itself, and finds that mail SHOULD come to it (since your misconfiguration says your MX is ns.dreamchaser.org.dreamchaser.org AND that’s what you resolve to, but ns.dreamchaser.org.dreamchaser.org isn’t in /etc/mail/local-host-names).

Recommendations:

* Put your primary addresses in /etc/hosts — there are numerous documented cases of sendmail ignoring /etc/hosts but it *might* help clue it in to your proper hostname at least.
* Fix your forward and reverse DNS
* (and in fact, stop faking it out. Fix it at your hosting provider. If your hosting provider is taking this long, find another one)

-Dan

> On May 18, 2023, at 6:36 PM, vagabond <vagabond@blackfoot.net> wrote:
>
> I turned a bunch of debug flags on and ran sendmail in the foreground,
> and I see the following output:
>
> sm_gethostbyname(ns.dreamchaser.org, 28)...
> ;; res_nquerydomain(ns.dreamchaser.org, <Nil>, 1, 28)
> ;; res_query(ns.dreamchaser.org, 1, 28)
> ;; res_nmkquery(QUERY, ns.dreamchaser.org, IN, AAAA)
> ;; res_send()
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19039
> ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;;      ns.dreamchaser.org, type = AAAA, class = IN
> ;; Querying server (# 1) address = 127.0.0.1
> ;; new DG socket
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19039
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;;      ns.dreamchaser.org, type = AAAA, class = IN
> dreamchaser.org.   10M IN SOA   ns.dreamchaser.org. root.dreamchaser.org. (
>                                 2023051708 ; serial
>                                 4H         ; refresh
>                                 1H         ; retry
>                                 1H         ; expiry
>                                 10M )      ; minimum
>
> ;; rcode = (NOERROR), counts = an:0 ns:1 ar:0
> ;; res_nquerydomain(ns.dreamchaser.org, dreamchaser.org, 1, 28)
> ;; res_query(ns.dreamchaser.org.dreamchaser.org, 1, 28)
> ;; res_nmkquery(QUERY, ns.dreamchaser.org.dreamchaser.org, IN, AAAA)
> ;; res_send()
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45481
> ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;;      ns.dreamchaser.org.dreamchaser.org, type = AAAA, class = IN
> ;; Querying server (# 1) address = 127.0.0.1
> ;; new DG socket
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45481
>
> It's not clear to me what's going on; I don't see any of those function
> calls like res_nquerydomain in the code.
> Can someone tell me what those are?
>
> And does the above point a finger anywhere in particular?
>
> hostname is "ns.dreamchaser.org", set in rc.conf
>
> dig @127.0.0.1 ns.dreamchaser.org
> dig ns.dreamchaser.org
> nslookup dreamchaser.org
> nslookup ns.dreamchaser.org
>
> all successfully return the appropriate ip.
>
> Thanks,
>
> Gary