I double-checked. The only line is: nameserver 127.0.0.1
dnscache has already cached a lot of stuff, it's like qmail just refuses to work with dns. It tries to deliver a message for almost 30 seconds and then gives the error.
Do you still think it's the firewall?
Maybe? does your qmail server have A and PTR records? Cname is alias and it should not be used with mail-server.
-- Eero
