You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Jerry Malcolm <Je...@Malcolms.com> on 2006/01/26 08:01:27 UTC
"Can't find DNS for domain" when domain does exist
I'm getting a bounce when trying to send mail to a valid domain. I get an
error in the log that says it can't find the dns entry. The dns entry is
clearly there when I do an nslookup.
However, I went to dnsreport.com and got the following error when it
analyzed the DNS for the domain:
===============
FAIL MX A lookups have no CNAMEs WARNING: One or more of your MX records
points to a CNAME. CNAMEs are prohibited in MX records, according to RFC974,
RFC1034 3.6.2, RFC1912 2.4, and RFC2181 10.3. The problem MX record(s) are:
mxmail.register.com.->rcom-outblaze-com.mr.outblaze.com.->205.158.62.206
===============
OK, seems pretty obvious that there's something wrong with the DNS. But is
this what's causing James to be unable to send the mail? Even if the error
is with the destination, my customer tells me other people have no problem
emailing this person. So the question is, how can make James not be so
overly sensitive to this problem?
Thanks.
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: "Can't find DNS for domain" when domain does exist
Posted by Stefano Bagnara <ap...@bago.org>.
JWM wrote:
> Stefano,
>
> I really appreciate your help in this ordeal.
>
> I copied your response to Register. According them, RFCs are now simply
> 'suggestions'... Is that true? I thought they were already mandatory.
Well, there's no JAIL for not following RFCs, but RFC are the only
specification around DNS/SMTP and this "old" internet protocols.
BTW, not to kill is somewhat a suggestion, too.. you can "override" the
rule, you just need a weapon :-).
> The one thing that is still nagging at me is the fact that James is widely
> used, and Register.com is not exactly a tiny outfit. Yet I'm the only
> person in the world having this problem (????). According to what everyone
> has said, it would seem EVERY instance of James in the world sending mail to
> any domain hosted by Register.com would have the same problem. I don't see
> it. I don't know any other domains offhand that are hosted by Register.
> I'd love to find out that other mx records are actually correct at Register.
Sorry, I don't have domains hosted at register.com.
> In the meantime, apparently two wrongs will have to make a right. If you
> could consider adding the incorrect implementation to deal with screwups
> like Register, I'd appreciate it.
The only temporary solution I find now is:
<mailet match="HostIs=brandilyncollins.com" mailet="RemoteDelivery">
... standard remote delivery configuration (please note that you must
use a different outgoing spool for each RemoteDelivery instance...
<gateway>rcom-outblaze-com.mr.outblaze.com</gateway>
</mailet>
This will only fix THAT domain.
Sorry but I don't have currently the time to implement the CNAME stuff.
Should anyone provide the needed patch, I'll review and commit it ASAP.
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: "Can't find DNS for domain" when domain does exist
Posted by Stefano Bagnara <ap...@bago.org>.
JWM wrote:
> Stefano,
>
> I am currently running 2.2.0a17. I have no problem installing 2.3.0a1 and
> testing. But can you tell me if I have to make changes to my config file in
> order to upgrade? If so, is it massive? I seem to remember that I had
> significant amount of changes required when I moved up to where I am now.
> I'd love to move up and test it (and hopefully solve the problem). But I
> don't have the bandwidth to do a major migration. Will everything still
> work as-is on the new version?
There are many changes in configuration files:
http://wiki.apache.org/james/JamesV2
2.3.0a1 is ALPHA code so it is not stable: you probably want to test it
only to tell us wether the problem is solved or not so it will be
included in the next stable release.
The good news is that James 2.3-x is fully storage compatible with 2.2.0
so, to move from 2.2.0 to 2.3.0 and back you only need to change the xml
files and the phoenix distribution but you can keep the same identical
db / file store.
So, don't put 2.3.0a1 in production right now, but you probably want to
test it and let us know if the dns problem is solved and if the
2.2.0-2.3.0 upgrade path seems to be easy or if you find any problem
working on it.
You 2.2.0a17 is a "standard" distribution or have you added any
matcher/mailet/custom code to it?
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
RE: "Can't find DNS for domain" when domain does exist
Posted by JWM <te...@malcolms.com>.
Stefano,
I am currently running 2.2.0a17. I have no problem installing 2.3.0a1 and
testing. But can you tell me if I have to make changes to my config file in
order to upgrade? If so, is it massive? I seem to remember that I had
significant amount of changes required when I moved up to where I am now.
I'd love to move up and test it (and hopefully solve the problem). But I
don't have the bandwidth to do a major migration. Will everything still
work as-is on the new version?
Thx for continuing to pursue this.
JWM
-----Original Message-----
From: Stefano Bagnara [mailto:apache@bago.org]
Sent: Thursday, March 02, 2006 3:03 PM
To: James Users List
Subject: Re: "Can't find DNS for domain" when domain does exist
JWM wrote:
> Stefano,
>
> I really appreciate your help in this ordeal.
>
> I copied your response to Register. According them, RFCs are now simply
> 'suggestions'... Is that true? I thought they were already mandatory.
Hi JWM,
I just wrote a unittest for the current James trunk to test the scenario
and it seems that James trunk already correctly resolve this mx server.
I'm not able to run the test against 2.2.0 right now.
Are you able to run a test using 2.3.0a1 or a recent nightly build?
Stefano
> JWM wrote:
>> Stefano,
>>
>> The domain in question is: brandilyncollins.com
>
> # host -t mx brandilyncollins.com
> brandilyncollins.com mail is handled by 0 mxmail.register.com.
>
> # host -t a mxmail.register.com.
> mxmail.register.com is an alias for rcom-outblaze-com.mr.outblaze.com.
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.41
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.200
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.206
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.207
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.229
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.230
>
> So, it is clear that the mx host name for brandilyncollins.com does not
> have A or RR but instead it only provide a CNAME.
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: "Can't find DNS for domain" when domain does exist
Posted by Stefano Bagnara <ap...@bago.org>.
JWM wrote:
> Stefano,
>
> I really appreciate your help in this ordeal.
>
> I copied your response to Register. According them, RFCs are now simply
> 'suggestions'... Is that true? I thought they were already mandatory.
Hi JWM,
I just wrote a unittest for the current James trunk to test the scenario
and it seems that James trunk already correctly resolve this mx server.
I'm not able to run the test against 2.2.0 right now.
Are you able to run a test using 2.3.0a1 or a recent nightly build?
Stefano
> JWM wrote:
>> Stefano,
>>
>> The domain in question is: brandilyncollins.com
>
> # host -t mx brandilyncollins.com
> brandilyncollins.com mail is handled by 0 mxmail.register.com.
>
> # host -t a mxmail.register.com.
> mxmail.register.com is an alias for rcom-outblaze-com.mr.outblaze.com.
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.41
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.200
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.206
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.207
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.229
> rcom-outblaze-com.mr.outblaze.com has address 205.158.62.230
>
> So, it is clear that the mx host name for brandilyncollins.com does not
> have A or RR but instead it only provide a CNAME.
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
RE: "Can't find DNS for domain" when domain does exist
Posted by JWM <te...@malcolms.com>.
Danny,
I appreciate your response. I completely agree. I have well over 30 years
in this industry and completely understand your position (and 100% agree
with it).
Although given the time to really understand the DNS arena, and given the
time to become intimately familiar with James' internal implementation, I
have no doubt I could create a workaround. But that 'time' isn't available,
so a workaround is not on the radar for me now. I'll just continue to argue
with Register.
Even with the frustration, this has been a tremendous education for me in
this area.
BTW... even though Register.com imposes this MX violation on their customer
base, they aren't stupid enough to do it their own site. Register.com's MX
records are compliant. I called their hand on that, and got no explanation
other than, 'we do it differently for our domain', yet adamantly say their
entire little castle comes crashing down if they do it correctly for their
customers. Go figure.
Thanks again so much. You have been extremely helpful.
Jerry
-----Original Message-----
From: Danny Angus [mailto:Danny_Angus@slc.co.uk]
Sent: Monday, February 06, 2006 5:25 AM
To: James Users List
Subject: RE: "Can't find DNS for domain" when domain does exist
> copied your response to Register. According them, RFCs are now simply
>'suggestions'... Is that true? I thought they were already mandatory.
They are never mandatory.
What they do is to permit interoperability between two people who both
choose to independantly follow the same rules.
James chooses to follow the rules, register.com doesn't. Go figure.
> In the meantime, apparently two wrongs will have to make a right. If you
> could consider adding the incorrect implementation to deal with screwups
> like Register, I'd appreciate it.
The principle we follow is[1]
"We believe that it is our responsibility to adhere to the published
standard. If we allow our implementation to deviate it means that we are
tacitly encouraging the situation whereby interoperability is no longer
guarenteed by standards compliance alone, but also requires access to
undocumented and possibly even commercially licenced technology. There is
no easy route for a newcomer to aquire these secrets, and interoperabilty
becomes something only available to the elite. "
We have no interest in being bloody minded about it though and would
probably be prepared to make the change you require as an optional feature
disabled by default, but you may have to do it yourself or motivate someone
else to do it.
d.
[1] http://james.apache.org/design_objectives.html
***************************************************************************
The information in this e-mail is confidential and for use by the
addressee(s) only. If you are not the intended recipient (or responsible for
delivery of the message to the intended recipient) please notify us
immediately on 0141 306 2050 and delete the message from your computer. You
may not copy or forward it or use or disclose its contents to any other
person. As Internet communications are capable of data corruption Student
Loans Company Limited does not accept any responsibility for changes made
to this message after it was sent. For this reason it may be inappropriate
to rely on advice or opinions contained in an e-mail without obtaining
written confirmation of it. Neither Student Loans Company Limited or the
sender accepts any liability or responsibility for viruses as it is your
responsibility to scan attachments (if any). Opinions and views expressed in
this e-mail are those of the sender and may not reflect the opinions and
views of The Student Loans Company Limit
ed.
This footnote also confirms that this email message has been swept for the
presence of computer viruses.
**************************************************************************
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
RE: "Can't find DNS for domain" when domain does exist
Posted by Danny Angus <Da...@slc.co.uk>.
> copied your response to Register. According them, RFCs are now simply
>'suggestions'... Is that true? I thought they were already mandatory.
They are never mandatory.
What they do is to permit interoperability between two people who both
choose to independantly follow the same rules.
James chooses to follow the rules, register.com doesn't. Go figure.
> In the meantime, apparently two wrongs will have to make a right. If you
> could consider adding the incorrect implementation to deal with screwups
> like Register, I'd appreciate it.
The principle we follow is[1]
"We believe that it is our responsibility to adhere to the published
standard. If we allow our implementation to deviate it means that we are
tacitly encouraging the situation whereby interoperability is no longer
guarenteed by standards compliance alone, but also requires access to
undocumented and possibly even commercially licenced technology. There is
no easy route for a newcomer to aquire these secrets, and interoperabilty
becomes something only available to the elite. "
We have no interest in being bloody minded about it though and would
probably be prepared to make the change you require as an optional feature
disabled by default, but you may have to do it yourself or motivate someone
else to do it.
d.
[1] http://james.apache.org/design_objectives.html
***************************************************************************
The information in this e-mail is confidential and for use by the addressee(s) only. If you are not the intended recipient (or responsible for delivery of the message to the intended recipient) please notify us immediately on 0141 306 2050 and delete the message from your computer. You may not copy or forward it or use or disclose its contents to any other person. As Internet communications are capable of data corruption Student Loans Company Limited does not accept any responsibility for changes made to this message after it was sent. For this reason it may be inappropriate to rely on advice or opinions contained in an e-mail without obtaining written confirmation of it. Neither Student Loans Company Limited or the sender accepts any liability or responsibility for viruses as it is your responsibility to scan attachments (if any). Opinions and views expressed in this e-mail are those of the sender and may not reflect the opinions and views of The Student Loans Company Limit
ed.
This footnote also confirms that this email message has been swept for the presence of computer viruses.
**************************************************************************
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
RE: "Can't find DNS for domain" when domain does exist
Posted by JWM <te...@malcolms.com>.
Stefano,
I really appreciate your help in this ordeal.
I copied your response to Register. According them, RFCs are now simply
'suggestions'... Is that true? I thought they were already mandatory.
The one thing that is still nagging at me is the fact that James is widely
used, and Register.com is not exactly a tiny outfit. Yet I'm the only
person in the world having this problem (????). According to what everyone
has said, it would seem EVERY instance of James in the world sending mail to
any domain hosted by Register.com would have the same problem. I don't see
it. I don't know any other domains offhand that are hosted by Register.
I'd love to find out that other mx records are actually correct at Register.
In the meantime, apparently two wrongs will have to make a right. If you
could consider adding the incorrect implementation to deal with screwups
like Register, I'd appreciate it.
Here is their response... I give up....
=================================
Thank you for contacting Register.com.
We understand your position, and sincerely apologize for any inconvenience
this may cause. However, as the email from apache stated, many services
support the aliased mx records we are currently using as the RFCs are still
suggested practices. Until such time that the RFC guidelines become
mandatory, our email services will remain in the manner they are currently
configured for our customers. You can disable the cname check on your end to
have the emails send/receive properly, however we do not have plans to make
changes to our mx records at this time.
-----Original Message-----
From: Stefano Bagnara [mailto:apache@bago.org]
Sent: Friday, February 03, 2006 3:16 AM
To: James Users List
Subject: Re: "Can't find DNS for domain" when domain does exist
JWM wrote:
> Stefano,
>
> The domain in question is: brandilyncollins.com
# host -t mx brandilyncollins.com
brandilyncollins.com mail is handled by 0 mxmail.register.com.
# host -t a mxmail.register.com.
mxmail.register.com is an alias for rcom-outblaze-com.mr.outblaze.com.
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.41
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.200
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.206
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.207
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.229
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.230
So, it is clear that the mx host name for brandilyncollins.com does not
have A or RR but instead it only provide a CNAME.
The specification is REALLY clear about this, you can see that they
provided a full paragraph to say that an hostname used as MX record must
NEVER be a CNAME (alias)
RFC2181 10.3: "Thus, if an alias is used as the value
of an NS or MX record, no address will be returned with the NS or MX
value.". If I understand correctly, supporting the CNAME for the MX
would be AGAINST the rfc.
So the problem is that RFC is extremely clear but Sendmail, postfix,
qmail, and exim, all support the aliased MXs.
We could consider to add this option to James, too, but don't expect to
happen soon.
"The Register" is not RFC compliant, so they are not providing a
compliant DNS service, and you should complain again.
I added an "improvement request" in our issue tracker to remember this
issue.
Stefano
-----------------------
here is the full 10.3 paragraph from rfc2181 (Clarifications to the DNS
Specification)
10.3. MX and NS records
The domain name used as the value of a NS resource record, or part of
the value of a MX resource record must not be an alias. Not only is
the specification clear on this point, but using an alias in either
of these positions neither works as well as might be hoped, nor well
fulfills the ambition that may have led to this approach. This
domain name must have as its value one or more address records.
Currently those will be A records, however in the future other record
types giving addressing information may be acceptable. It can also
have other RRs, but never a CNAME RR.
Searching for either NS or MX records causes "additional section
processing" in which address records associated with the value of the
record sought are appended to the answer. This helps avoid needless
extra queries that are easily anticipated when the first was made.
Additional section processing does not include CNAME records, let
alone the address records that may be associated with the canonical
name derived from the alias. Thus, if an alias is used as the value
of an NS or MX record, no address will be returned with the NS or MX
value. This can cause extra queries, and extra network burden, on
every query. It is trivial for the DNS administrator to avoid this
by resolving the alias and placing the canonical name directly in the
affected record just once when it is updated or installed. In some
particular hard cases the lack of the additional section address
records in the results of a NS lookup can cause the request to fail.
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: "Can't find DNS for domain" when domain does exist
Posted by Stefano Bagnara <ap...@bago.org>.
JWM wrote:
> Stefano,
>
> The domain in question is: brandilyncollins.com
# host -t mx brandilyncollins.com
brandilyncollins.com mail is handled by 0 mxmail.register.com.
# host -t a mxmail.register.com.
mxmail.register.com is an alias for rcom-outblaze-com.mr.outblaze.com.
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.41
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.200
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.206
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.207
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.229
rcom-outblaze-com.mr.outblaze.com has address 205.158.62.230
So, it is clear that the mx host name for brandilyncollins.com does not
have A or RR but instead it only provide a CNAME.
The specification is REALLY clear about this, you can see that they
provided a full paragraph to say that an hostname used as MX record must
NEVER be a CNAME (alias)
RFC2181 10.3: "Thus, if an alias is used as the value
of an NS or MX record, no address will be returned with the NS or MX
value.". If I understand correctly, supporting the CNAME for the MX
would be AGAINST the rfc.
So the problem is that RFC is extremely clear but Sendmail, postfix,
qmail, and exim, all support the aliased MXs.
We could consider to add this option to James, too, but don't expect to
happen soon.
"The Register" is not RFC compliant, so they are not providing a
compliant DNS service, and you should complain again.
I added an "improvement request" in our issue tracker to remember this
issue.
Stefano
-----------------------
here is the full 10.3 paragraph from rfc2181 (Clarifications to the DNS
Specification)
10.3. MX and NS records
The domain name used as the value of a NS resource record, or part of
the value of a MX resource record must not be an alias. Not only is
the specification clear on this point, but using an alias in either
of these positions neither works as well as might be hoped, nor well
fulfills the ambition that may have led to this approach. This
domain name must have as its value one or more address records.
Currently those will be A records, however in the future other record
types giving addressing information may be acceptable. It can also
have other RRs, but never a CNAME RR.
Searching for either NS or MX records causes "additional section
processing" in which address records associated with the value of the
record sought are appended to the answer. This helps avoid needless
extra queries that are easily anticipated when the first was made.
Additional section processing does not include CNAME records, let
alone the address records that may be associated with the canonical
name derived from the alias. Thus, if an alias is used as the value
of an NS or MX record, no address will be returned with the NS or MX
value. This can cause extra queries, and extra network burden, on
every query. It is trivial for the DNS administrator to avoid this
by resolving the alias and placing the canonical name directly in the
affected record just once when it is updated or installed. In some
particular hard cases the lack of the additional section address
records in the results of a NS lookup can cause the request to fail.
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
RE: "Can't find DNS for domain" when domain does exist
Posted by JWM <te...@malcolms.com>.
Stefano,
The domain in question is: brandilyncollins.com
-----Original Message-----
From: Stefano Bagnara [mailto:apache@bago.org]
Sent: Thursday, February 02, 2006 12:50 PM
To: James Users List
Subject: Re: "Can't find DNS for domain" when domain does exist
JWM wrote:
> See chain of notes below from a couple of weeks ago. I finally got a
> response from Register.com, the owner of the MX record that is in
question.
>
> Seems pretty straightforward that register.com is wrong if the RFCs indeed
> say what this report claims. But I don't have enough background on what
is
> happening to argue with them.
Can you tell us the problematic domain so we can check the dns zone?
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: "Can't find DNS for domain" when domain does exist
Posted by Stefano Bagnara <ap...@bago.org>.
JWM wrote:
> See chain of notes below from a couple of weeks ago. I finally got a
> response from Register.com, the owner of the MX record that is in question.
>
> Seems pretty straightforward that register.com is wrong if the RFCs indeed
> say what this report claims. But I don't have enough background on what is
> happening to argue with them.
Can you tell us the problematic domain so we can check the dns zone?
Stefano
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
RE: "Can't find DNS for domain" when domain does exist
Posted by JWM <te...@malcolms.com>.
See chain of notes below from a couple of weeks ago. I finally got a
response from Register.com, the owner of the MX record that is in question.
Here is their response:
=================================
Thank you for contacting Register.com.
We apologize for any incovnenience this may cause, however the mx records
for the domain names are valid, and do not need to be changed. The check you
are running for the mx record is not required, and works properly with most
email providers. We sincerely apologize that the settings we are using are
causing a problem for the email services you are using, and some mail is
becoming undeliverable however the mx records we use currently are required
in this manner due to the services we provide.
==================================
So register.com says they are right. You say James is right. I don't know
enough to know. All I know is that I have customer using James on my server
that can't get email to a client.
The error I get from DNSReport is:
===================================
FAIL MX A lookups have no CNAMEs WARNING: One or more of your MX records
points to a CNAME. CNAMEs are prohibited in MX records, according to RFC974,
RFC1034 3.6.2, RFC1912 2.4, and RFC2181 10.3. The problem MX record(s) are:
mxmail.register.com.->rcom-outblaze-com.mr.outblaze.com.->205.158.62.229
===================================
Seems pretty straightforward that register.com is wrong if the RFCs indeed
say what this report claims. But I don't have enough background on what is
happening to argue with them.
Would somebody like to draft a reply back to Register.com for me? If
Register.com is indeed doing this on all of their records as they indicated,
seems to me that more James users than just me would be upset.
Help!
Thanks.
-----Original Message-----
From: Stefano Bagnara [mailto:apache@bago.org]
Sent: Thursday, January 26, 2006 10:45 AM
To: James Users List
Subject: Re: "Can't find DNS for domain" when domain does exist
JWM wrote:
> Stephano,
>
> Thanks. That appears to be the situation. Does this fix that you
reference
> make james follow a cname in the mx record even though it's an unsupported
> behaviour? (i.e. make james work despite the error?)
No. The fix contains the reference to the behaviour that was not
implemented in James.
The problem fixed was that a host name does not have an MX name
associated but it has a CNAME address associated. A compliant SMTP
server should resolve the CNAME and ask the MX servers for the CNAME host.
That was a COMPLIANCE fix, I don't think it is the same of your case
(not as you described it) but I pointed to it because it is the only
issue reported against James MX resolution.
I think we shouldn't fix the issue you are describing because James
seems to be compliant and the dnsreport site confirms that the
destination domain dns is bad.
The fix for your problem is to write to the DNS mantainer for that
domain, attaching the dnsreport response.
Stefano
> Is there any way to patch this fix into my existing installation of James
> (e.g. replace one jar file, etc), or do I need to do a complete reinstall
of
> the latest version? I just don't have the bandwidth in my schedule now to
> risk a massive upgrade.
>
> Thanks for the info.
>
> Jerry
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: "Can't find DNS for domain" when domain does exist
Posted by Stefano Bagnara <ap...@bago.org>.
JWM wrote:
> Stephano,
>
> Thanks. That appears to be the situation. Does this fix that you reference
> make james follow a cname in the mx record even though it's an unsupported
> behaviour? (i.e. make james work despite the error?)
No. The fix contains the reference to the behaviour that was not
implemented in James.
The problem fixed was that a host name does not have an MX name
associated but it has a CNAME address associated. A compliant SMTP
server should resolve the CNAME and ask the MX servers for the CNAME host.
That was a COMPLIANCE fix, I don't think it is the same of your case
(not as you described it) but I pointed to it because it is the only
issue reported against James MX resolution.
I think we shouldn't fix the issue you are describing because James
seems to be compliant and the dnsreport site confirms that the
destination domain dns is bad.
The fix for your problem is to write to the DNS mantainer for that
domain, attaching the dnsreport response.
Stefano
> Is there any way to patch this fix into my existing installation of James
> (e.g. replace one jar file, etc), or do I need to do a complete reinstall of
> the latest version? I just don't have the bandwidth in my schedule now to
> risk a massive upgrade.
>
> Thanks for the info.
>
> Jerry
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
RE: "Can't find DNS for domain" when domain does exist
Posted by JWM <te...@malcolms.com>.
Stephano,
Thanks. That appears to be the situation. Does this fix that you reference
make james follow a cname in the mx record even though it's an unsupported
behaviour? (i.e. make james work despite the error?)
Is there any way to patch this fix into my existing installation of James
(e.g. replace one jar file, etc), or do I need to do a complete reinstall of
the latest version? I just don't have the bandwidth in my schedule now to
risk a massive upgrade.
Thanks for the info.
Jerry
-----Original Message-----
From: Stefano Bagnara [mailto:apache@bago.org]
Sent: Thursday, January 26, 2006 3:18 AM
To: James Users List
Subject: Re: "Can't find DNS for domain" when domain does exist
Jerry Malcolm wrote:
> I'm getting a bounce when trying to send mail to a valid domain. I get an
> error in the log that says it can't find the dns entry. The dns entry is
> clearly there when I do an nslookup.
>
> However, I went to dnsreport.com and got the following error when it
> analyzed the DNS for the domain:
>
> ===============
>
> FAIL MX A lookups have no CNAMEs WARNING: One or more of your MX records
> points to a CNAME. CNAMEs are prohibited in MX records, according to
RFC974,
> RFC1034 3.6.2, RFC1912 2.4, and RFC2181 10.3. The problem MX record(s)
are:
> mxmail.register.com.->rcom-outblaze-com.mr.outblaze.com.->205.158.62.206
>
> ===============
>
> OK, seems pretty obvious that there's something wrong with the DNS. But
is
> this what's causing James to be unable to send the mail? Even if the
error
I would say yes: DNS is the routing information for the mail systems. If
it's wrong mail systems will not deliver messages.
The only bug I found in James about DNS handling is described here:
http://issues.apache.org/jira/browse/JAMES-413
If this is your case then it's fixed in the current trunk.
Many MTA will follow the CNAME anyway, but this is an unsupported
behaviour and not standard.
They should fix their MX. Send the dnsreport result to the "bad" domain
owner and let him know he's loosing mail because of this
misconfiguration and he will be happy to ask his provider to fix this.
Stefano
> is with the destination, my customer tells me other people have no problem
> emailing this person. So the question is, how can make James not be so
> overly sensitive to this problem?
>
> Thanks.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
Re: "Can't find DNS for domain" when domain does exist
Posted by Stefano Bagnara <ap...@bago.org>.
Jerry Malcolm wrote:
> I'm getting a bounce when trying to send mail to a valid domain. I get an
> error in the log that says it can't find the dns entry. The dns entry is
> clearly there when I do an nslookup.
>
> However, I went to dnsreport.com and got the following error when it
> analyzed the DNS for the domain:
>
> ===============
>
> FAIL MX A lookups have no CNAMEs WARNING: One or more of your MX records
> points to a CNAME. CNAMEs are prohibited in MX records, according to RFC974,
> RFC1034 3.6.2, RFC1912 2.4, and RFC2181 10.3. The problem MX record(s) are:
> mxmail.register.com.->rcom-outblaze-com.mr.outblaze.com.->205.158.62.206
>
> ===============
>
> OK, seems pretty obvious that there's something wrong with the DNS. But is
> this what's causing James to be unable to send the mail? Even if the error
I would say yes: DNS is the routing information for the mail systems. If
it's wrong mail systems will not deliver messages.
The only bug I found in James about DNS handling is described here:
http://issues.apache.org/jira/browse/JAMES-413
If this is your case then it's fixed in the current trunk.
Many MTA will follow the CNAME anyway, but this is an unsupported
behaviour and not standard.
They should fix their MX. Send the dnsreport result to the "bad" domain
owner and let him know he's loosing mail because of this
misconfiguration and he will be happy to ask his provider to fix this.
Stefano
> is with the destination, my customer tells me other people have no problem
> emailing this person. So the question is, how can make James not be so
> overly sensitive to this problem?
>
> Thanks.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org