Intro
This is probably the most obscure of all postings I will ever do – it’s really just opening up my private journal to the Internet, which helps me when I need to recall how I fixed something.
So the story is that I’m having trouble sending email to anyone in the domain paladinny.com, and I just couldn’t figure out why.
The details
With my sendmail config I finally rolled up my sleeves, and did some debugging, even though I am pressed for time. Start up our sendmail debugging session:
> sendmail -Cconfig_file.cf -bt -d35.9
This produces a lot of blah, blah, configuration settings, blah, blah, and finally a sort of sendmail debugging shell. So let’s test a good “normal” domain:
> 3,0 [email protected]
canonify input: test @ gmail . com Canonify2 input: test < @ gmail . com > Canonify2 returns: test < @ gmail . com . > canonify returns: test < @ gmail . com . > parse input: test < @ gmail . com . > Parse0 input: test < @ gmail . com . > Parse0 returns: test < @ gmail . com . > ParseLocal input: test < @ gmail . com . > ParseLocal returns: test < @ gmail . com . > Parse1 input: test < @ gmail . com . > Mailertable input: < gmail . com > test < @ gmail . com . > Mailertable input: gmail . < com > test < @ gmail . com . > Mailertable returns: test < @ gmail . com . > Mailertable returns: test < @ gmail . com . > SmartTable input: test < @ gmail . com . > SmartTable returns: test < @ gmail . com . > MailerToTriple input: < > test < @ gmail . com . > MailerToTriple returns: test < @ gmail . com . > Parse1 returns: $# esmtp $@ gmail . com . $: test < @ gmail . com . > parse returns: $# esmtp $@ gmail . com . $: test < @ gmail . com . > |
and then this problem domain:
> 3,0 [email protected]
canonify input: test @ paladinny . com Canonify2 input: test < @ paladinny . com > Canonify2 returns: test < @ paladinny . no-ip . biz . > canonify returns: test < @ paladinny . no-ip . biz . > parse input: test < @ paladinny . no-ip . biz . > Parse0 input: test < @ paladinny . no-ip . biz . > Parse0 returns: test < @ paladinny . no-ip . biz . > ParseLocal input: test < @ paladinny . no-ip . biz . > ParseLocal returns: test < @ paladinny . no-ip . biz . > Parse1 input: test < @ paladinny . no-ip . biz . > Mailertable input: < paladinny . no-ip . biz > test < @ paladinny . no-ip . biz . > Mailertable input: paladinny . < no-ip . biz > test < @ paladinny . no-ip . biz . > Mailertable input: paladinny . no-ip . < biz > test < @ paladinny . no-ip . biz . > Mailertable returns: test < @ paladinny . no-ip . biz . > Mailertable returns: test < @ paladinny . no-ip . biz . > Mailertable returns: test < @ paladinny . no-ip . biz . > SmartTable input: test < @ paladinny . no-ip . biz . > SmartTable returns: test < @ paladinny . no-ip . biz . > MailerToTriple input: < > test < @ paladinny . no-ip . biz . > MailerToTriple returns: test < @ paladinny . no-ip . biz . > Parse1 returns: $# esmtp $@ paladinny . no-ip . biz . $: test < @ paladinny . no-ip . biz . > parse returns: $# esmtp $@ paladinny . no-ip . biz . $: test < @ paladinny . no-ip . biz . > |
I have to look more into what Canonify2 does. But this gives me an idea: force the mailertable to handle paladinny . no-ip . biz the way I want it to, namely:
paladinny.no-ip.biz relay:barracuda.cblconsulting.com
because in DNS my DNS server returns this funny result:
> dig mx paladinny.com
; <<>> DiG 9.6-ESV-R7-P3 <<>> mx paladinny.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17559 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;paladinny.com. IN MX ;; ANSWER SECTION: paladinny.com. 351 IN CNAME paladinny.no-ip.biz. ;; AUTHORITY SECTION: no-ip.biz. 60 IN SOA nf1.no-ip.com. hostmaster.no-ip.com. 2052775595 600 300 604800 600 ;; Query time: 30 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Jan 18 08:53:49 2013 ;; MSG SIZE rcvd: 121 |
whereas Google’s public DNS says this, which looks like the intended result:
> dig mx paladinny.com @8.8.8.8
; <<>> DiG 9.6-ESV-R7-P3 <<>> mx paladinny.com @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3749 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;paladinny.com. IN MX ;; ANSWER SECTION: paladinny.com. 1800 IN MX 10 barracuda.cblconsulting.com. ;; Query time: 236 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Fri Jan 18 08:55:42 2013 ;; MSG SIZE rcvd: 71 |
So at least we know where that odd paladinny.no-ip.biz comes from, sort of. It comes from my nameserver, but where it got that answer from I have no idea. It doesn’t come from the authoritative nameservers:
> dig mx paladinny.com @dns1.name-services.com.
; <<>> DiG 9.6-ESV-R7-P3 <<>> mx paladinny.com @dns1.name-services.com. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45704 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;paladinny.com. IN MX ;; ANSWER SECTION: paladinny.com. 1800 IN MX 10 barracuda.cblconsulting.com. ;; Query time: 82 msec ;; SERVER: 98.124.192.1#53(98.124.192.1) ;; WHEN: Fri Jan 18 08:59:50 2013 ;; MSG SIZE rcvd: 71 |
A CNAME is not an MX record, so why my nameserver is returning an answer (ANSWER: 1)when queried for the MX record when all it thinks it has is a CNAME seems to be an out-and-out error.
And putting the resolved name in the mailertable is also not normal. Normally you put the domain itself, as in:
paladinny.com relay:barracuda.cblconsulting.com
and of course that’s the first thing I tried, but it has no effect whatsoever.
February Update and Conclusion
The mystery was solved when a whole bunch of email deliveries started failing on my system and I was forced to do some serious debugging. Long story short my SLES system was regrettably running nscd, the nameserver caching daemon. I didn’t even bother to check paladinny.com. So many other things cleared up when I killed it I’m sure it was the cause of the paladinny.com issue as well. This is all described in this post.
One reply on “Strange problem with email to paladinny.com”
[…] An IT pro always keeps unsolved mysteries in his mind. This time I knew I also had in hand the solution an earlier-documented mystery about email to paladinny.com. […]