On Thu, 2015-08-20 at 15:10 +0100, hospice admin wrote: > Basically ... Mail is being deferred if any of the To or Cc addresses > in the mail *header* fail DNS resolution. So, if I receive a mail: > To: me@mydomain.comCc: some...@bogusdomain.com > Mail sits in teh queue on my server until the NS for bogusdomain.com > comes back to life. If I add an entry for the bogus domain to my DNS > server, all is fine. I can see the query come into my nameserver logs > if I do this. > My guess is that some of the processing that SA is doing generates > the lookup on To/Cc addresses, since if I take MD out of my > sendmail.mc, this doesn't happen.
I don't know if this is relevant but.... I haven't seen any similar misbehaviour from SA since I upgraded to Fedora 22. However, I have noticed that DNS queries seem slower than before and that after the upgrade DNS started logging a shedload of DNS log messages which show up in the daily logwatch report. These are mostly unexpected RCODEs during lookups and reverse lookups along with a smaller number of validation requests failing due to invalid signatures and a few timeouts while fetching DNSKEY sets. My SA setup is quite a lot different to yours: I only scan incoming mail, which is periodically fetched with getmail. Its mail delivery script uses spamc to pass messages to spamd, afyter which it quarantines spam and passes ham to Postfix for delivery. I don't use Postfix to do sender address checks, so DNS lookup failure can't cause mail delivery delays. I wonder if similar DNS issues can be causing your delivery delays? Martin
