On 2009-05-14, Eric <rabbitearcr...@gmail.com> wrote: > I'm encountering a strange DNS / e-mail problem an a mail server > running OpenBSD 4.3. > > Sometimes, DNS returns completely unexpected results. I get two > completely different answers to the same DNS query with the incorrect > answers being returned by the DNS server that is being used by the > mail server. > > For example, "whois ruhl.in" shows that the name servers are > dns1.name-services.com to dns5.name-services.com. > > Then, "dig @dns1.name-services.com -t mx ruhl.in" returns:
They screwed up their domain setup. People aren't as careful with CNAMEs as they should be. > > ********************************************************************* > > ; <<>> DiG 9.4.2 <<>> @dns1.name-services.com -t mx ruhl.in > ; (1 server found) > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3610 > ;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 5, ADDITIONAL: 5 > > ;; QUESTION SECTION: > ;ruhl.in. IN MX > > ;; ANSWER SECTION: > ruhl.in. 1800 IN MX 10 ASPMX.L.GOOGLE.COM. > ruhl.in. 1800 IN MX 20 ALT1.ASPMX.L.GOOGLE.COM. > ruhl.in. 1800 IN MX 30 ALT2.ASPMX.L.GOOGLE.COM. > ruhl.in. 1800 IN MX 40 ASPMX2.GOOGLEMAIL.COM. > ruhl.in. 1800 IN MX 50 ASPMX3.GOOGLEMAIL.COM. > > ;; AUTHORITY SECTION: > ruhl.in. 3600 IN NS dns1.name-services.com. > ruhl.in. 3600 IN NS dns2.name-services.com. > ruhl.in. 3600 IN NS dns3.name-services.com. > ruhl.in. 3600 IN NS dns4.name-services.com. > ruhl.in. 3600 IN NS dns5.name-services.com. > > ;; ADDITIONAL SECTION: > dns1.name-services.com. 3600 IN A 98.124.192.1 > dns2.name-services.com. 3600 IN A 69.64.157.18 > dns3.name-services.com. 3600 IN A 98.124.193.1 > dns4.name-services.com. 3600 IN A 69.64.145.225 > dns5.name-services.com. 3600 IN A 70.42.37.7 > > ********************************************************************* > > But if I use the name server used by the e-mail server, > "dig -t mx ruhl.in", returns: > > ********************************************************************* > > ; <<>> DiG 9.4.2 <<>> -t mx ruhl.in > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26226 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;ruhl.in. IN MX > > ;; ANSWER SECTION: > ruhl.in. 471 IN CNAME ghs.google.com. > ghs.google.com. 482751 IN CNAME ghs.l.google.com. > > ;; AUTHORITY SECTION: > l.google.com. 60 IN SOA e.l.google.com. > dns-admin.google.com. 1380328 900 900 1800 60 > > ********************************************************************* > > When I change the /etc/resolv.conf file on the mail server > to swap the order of the DNS servers, then dig returns > the correct records for a little while until the records > expire and then switches to the incorrect one! > > Meanwhile, the DNS server that had been listed first and is > now second begins to return the correct records once those > records expire. > > Has anyone seen this kind of behavior before? Can anyone explain > what is happening here? It's driving me up the wall. > > Eric Johnson
