Askdns problem ?

Fri, 16 Sep 2022 14:05:41 -0700 

Hi,
I'm facing a problem with SA, that seems to be related to askdns.
Mail server on Ubuntu 22.04 LTS, spamassassin 3.4.6 via exim4. Local bind9 DNS server.
Mail received from webex.com does not get SPF checked, which in turn triggers a local rule: 
meta DMARK_REJECT !(DKIM_VALID_AU || SPF_PASS || NO_RELAYS)
Webex does not use DKIM, but it has a kind of complex SPF setup, that may be ok (not 100% sure, but they are cisco after all ?) 

After enabling debug I can see that the TXT query returns 0 RRs:
Sep 16 11:45:39 doors spamd[462278]: askdns: answer received, rcode NOERROR, query IN/TXT/webex.com, answer has 0 records 

while dig has a different idea:

dig -t TXT webex.com
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.18.1-1ubuntu1.1-Ubuntu <<>> -t TXT webex.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56230
;; flags: qr rd ra; QUERY: 1, ANSWER: 26, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: b7c24959678df920010000006324d83008d33f7982f281d1 (good)
;; QUESTION SECTION:
;webex.com.                     IN      TXT

;; ANSWER SECTION:
webex.com. 300 IN TXT "google-site-verification=qXk-s_bdPaqiuaDN9jJCQjvNyw_hVkxXDhkm-1mZn14" 
webex.com.              300     IN      TXT     "slimtesttxt20170824002"
webex.com. 300 IN TXT "QuoVadis=c1bf1f71-e21f-4ef5-92d9-3285c488767a" webex.com. 300 IN TXT "google-site-verification=BEWshakJYRMouwSQKX3vk5144-qUL1wwUWLU-XtfQ" 
webex.com.              300     IN      TXT     "slimtesttxt20170824001"
webex.com.              300     IN      TXT     "MS=ms74589643"
webex.com. 300 IN TXT "google-site-verification=BEWshakJYRMouwSQKX_3vk5_144-qUL1wwUWLU-XtfQ" webex.com. 300 IN TXT "identrust_validate=5g4Ebjbv8fCTROWcobqHmDRBtTU+zBMHM1AiuGdcCbtd" 
webex.com.              300     IN      TXT     "MS=ms61160488"
webex.com. 300 IN TXT "QuoVadis=5a740d9e-6664-4d4c-8d87-716da9d530a7" 
webex.com.              300     IN      TXT     "MS=ms67549965"
webex.com. 300 IN TXT "identrust_validate=08N0ASND+yUGXL08IVK8mdMWNhvz1ZqiXe6WCC5eI2e/" webex.com. 300 IN TXT "v=spf1 redirect=_spf.webex.com" 
webex.com.              300     IN      TXT     "lqucp0f6u7alqi7kgrjo5vsov5"
webex.com. 300 IN TXT "QuoVadis=eed4c791-aa21-4b45-8c91-2d83a93af871" 
webex.com.              300     IN      TXT     "lrg2pr6u4ubansuv47jtmmfd3p"
webex.com.              300     IN      TXT     " ms93683787.msv1.invalid"
webex.com. 300 IN TXT "amazonses:n3XkGYyvmC8SrhX+CqICjY4eWnyKFwPo6mdHTMsmeu4=" 
webex.com.              300     IN      TXT     "9cef3rr776cnjs1cu53q6hrium"
webex.com. 300 IN TXT "google-site-verification=3NhfQ1u_2ogGy3CA8qlIfFtMlW_nhx-VO85vAhT15a0" webex.com. 300 IN TXT "identrust_validate=bCd4oCoacz6pZ8C8/IRU0rItc1avij7uuIRBeMwUxa8T" webex.com. 300 IN TXT "google-site-verification=t2i1Swk8XPQDj6Llz_4Uxu3OKL3wfO_aaxYylFmQ8MU" 
webex.com.              300     IN      TXT     "MS=ms93683787"
webex.com. 300 IN TXT "google-site-verification=Z4Iwv_W8wkGKrlaPKLdcm3C_LDCydAJD6z3L1MAP7DI" webex.com. 300 IN TXT "google-site-verification=fHXTAHXgtW5_Dzt4PHZKGF2PAI0r6PEHqmHJbkxo4_k" webex.com. 300 IN TXT "google-site-verification=D1PXZV2EBUXGvgJdUWr3cahNprUgckDpzo8MgniDQHk" 

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (TCP)
;; WHEN: Fri Sep 16 17:10:24 -03 2022
;; MSG SIZE  rcvd: 1552

which leads me to believe askdns might not support tcp for resolving ?
In any case, help ?
TIA
--
Carlos G Mendioroz  <t...@huapi.ba.ar>  LW7 EQI  Argentina

Reply via email to