I'm having CNAME issues when trying to deliver outbound mail. Almost
all the mai is getting held up going outbound by an error saying
CNAME_lookup_failed_temporarily._(#4.4.3).
I've looked all around and find that all the solutions related to an old
patch which is in this version of code.
I a
Rich Kasting wrote:
I'm having CNAME issues when trying to deliver outbound mail. Almost
all the mai is getting held up going outbound by an error saying
CNAME_lookup_failed_temporarily._(#4.4.3).
I've looked all around and find that all the solutions related to an old
patch which is in this v
The weird part is that it's not blocking DNS queries that I issue from a
command prompt. It seems to think that the ones that qmail issues are
some sort of intrusion attempt pattern.
I can actually perform successful dig a and dig mx from the command prompt.
Does qmail really do something that
On Mon, 2005-03-28 at 08:28 -0500, Rich Kasting wrote:
Can you run dnscache on the qmail box? Also make sure that DNS Fixup is
enabled on the PIX (iirc) i havnt touched a PIX for a while.
Shane
> The weird part is that it's not blocking DNS queries that I issue from a
> command prompt. It seem
I didn't think dnscache would help because non of the email is getting
out because all are failing.
What will dnscache actually do to fix the problem? I know it will
cache lookups, does it query in a different manner? Will it take over
for qmail's queries? If so, where can I find good instr
On Mon, 2005-03-28 at 08:49 -0500, Rich Kasting wrote:
> I didn't think dnscache would help because non of the email is getting
> out because all are failing.
>
You said that when you do a normal dig or host lookup from the shell
there is no problem, so one would assume that using dnscache the qu
Do you know where I can find good directions to install dnscache? Is
there an rpm for Fedora Core 3.
Shane Chrisp wrote:
On Mon, 2005-03-28 at 08:49 -0500, Rich Kasting wrote:
I didn't think dnscache would help because non of the email is getting
out because all are failing.
On Mon, 2005-03-28 at 09:28 -0500, Rich Kasting wrote:
> Do you know where I can find good directions to install dnscache? Is
> there an rpm for Fedora Core 3.
>
Try this http://cr.yp.to/djbdns/run-cache.html
Shane Chrisp wrote:
On Mon, 2005-03-28 at 09:28 -0500, Rich Kasting wrote:
Do you know where I can find good directions to install dnscache? Is
there an rpm for Fedora Core 3.
Try this http://cr.yp.to/djbdns/run-cache.html
I don't think that it is solution. Fix broken pix firewall rules.
--
Eero
I put it on place. The dnscaching works, but qmail still has cname
errors.
Any ideas? I'm getting desperate. It seems as though qmail is just
busted.
Shane Chrisp wrote:
On Mon, 2005-03-28 at 09:28 -0500, Rich Kasting wrote:
Do you know where I can find good directions to ins
On Mon, 2005-03-28 at 10:08 -0500, Rich Kasting wrote:
> I put it on place. The dnscaching works, but qmail still has cname
> errors.
Did you change /etc/resolv.conf to point to the local dnscache instead
of your external resolver?
I double-checked. The only line is:
nameserver 127.0.0.1
dnscache has already cached a lot of stuff, it's like qmail just refuses
to work with dns. It tries to deliver a message for almost 30 seconds
and then gives the error.
Do you still think it's the firewall?
There is only one other change
Rich Kasting wrote:
I double-checked. The only line is:
nameserver 127.0.0.1
dnscache has already cached a lot of stuff, it's like qmail just refuses
to work with dns. It tries to deliver a message for almost 30 seconds
and then gives the error.
Do you still think it's the firewall?
Maybe? doe
Really? If I use an alias (CNAME) for the mailserver, it will not want
to deliver?
I'm not sure if that's the case, but I'll check with the network guy.
Come to think of it, the server name is mail.netprivateer.com and the
domain is netprivateer.com... would it be aliased to accomodate that?
S
Rich Kasting wrote:
Really? If I use an alias (CNAME) for the mailserver, it will not want
to deliver?
I'm not sure if that's the case, but I'll check with the network guy.
Come to think of it, the server name is mail.netprivateer.com and the
domain is netprivateer.com... would it be aliased to
I noticed that my dnscache is pointing to an external dns server, not
the internal one. This is also bad because the server can't see itself
with it's internal address. How do I configure which dns servers it
uses as sources?
Rich Kasting wrote:
Really? If I use an alias (CNAME) for the mail
Rich Kasting wrote:
I noticed that my dnscache is pointing to an external dns server, not
the internal one. This is also bad because the server can't see itself
with it's internal address. How do I configure which dns servers it
uses as sources?
This is starting to get off-topic here, and has
OK. Sorry for clogging the thread. It sounds like everyone is in
agreement that it's related to the PIX because it's interfering with DNS?
If so, I'll wait for our network guy to return, we'll pursue that, and
I'll put a response here with the solution.
Bill Shupp wrote:
Rich Kasting wrote:
I
Rich Kasting wrote:
OK. Sorry for clogging the thread. It sounds like everyone is in
agreement that it's related to the PIX because it's interfering with DNS?
If so, I'll wait for our network guy to return, we'll pursue that, and
I'll put a response here with the solution.
Perfect. Thanks!
Bi
Solution:
Here is the final word: my qmail server does an all records request
whenever it tries to send for mail... or at least that's what the PIX
thinks it is doing. The PIX intrusion detection engine drops the DNS
session and kills delivery.
On the PIX:
ip audit signature 6053 disable
wr m
Rich Kasting wrote:
Solution:
Here is the final word: my qmail server does an all records request
whenever it tries to send for mail... or at least that's what the PIX
thinks it is doing. The PIX intrusion detection engine drops the DNS
session and kills delivery.
Update your PIX or switch to
Rich Kasting wrote:
Solution:
On the PIX:
ip audit signature 6053 disable
wr mem
Great, thanks for posting the solution. I'm sure it'll come up again.
Regards,
Bill
Hi,
I know that this thread if off-topic, so I looking for some direction and
I would like to thanks everyone that can give some "light". I'll undestand
if it's not possible and not post again asking for this.
In the toaster we setup two run scripts for pop protocol: one for pop3d
and anothe
Walter Souto R. Junior wrote:
Hi,
I know that this thread if off-topic, so I looking for some direction
and I would like to thanks everyone that can give some "light". I'll
undestand if it's not possible and not post again asking for this.
In the toaster we setup two run scripts for pop protoc
Has anyone tried ezmlm-idx-0.435? Specifically, does it work with
qmailadmin nicely?
I'm investigating this after a client pointed out that received headers
on messages going through ezmlm do NOT contain IP addresses or
hostnames. I do not see this mentioned in the change log of
ezmlm-idx-0.
25 matches
Mail list logo
