I think you didn't read what I actually wrote:
I know for certain that Postfix and Smail will immediately bounce a message when the domain is authoritatively non-existant. I'd be very ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ surprised and dismayed if sendmail and all other true SMTP mailers did not do exactly the same thing.
I.e. when a nameserver authoritative for the parent domain returns an authoritative "no such domain" answer then the mail must bounce immediately. Now I do apologise for giving an incomplete answer to a different question, especially the way I changed the subject line. I'm afraid the new subject line was somewhat of an afterthought and indeed ended up being misleading. Now, remember, in the DNS a "host name" is a "domain name" (with an A RR). If someone sends mail to <postmaster@mail.notadomain.weird.com>, but that time none of the nameservers for "notadomain.weird.com" are authoritative (i.e. lame delegation) then the default behaviour of most DNS resolvers will be to return a non-authoritative NO_DATA (or HOST_NOT_FOUND depending on what question was asked). Now unfortunately not all resolvers, and more importantly not all resolver interface libraries, are alike. Mailers that use the res_search(3) interface do not always get a "TRY_AGAIN" answer, even in the above case (which is about the "best case" scenario for the failure case which started this thread). I've seen several 4.9.x based resolvers return HOST_NOT_FOUND or NO_DATA (which are supposed to only be returned for authoritative answers according to some manuals). If I'm not mistaken the following is an example of this happening (from the RES_DEBUG output): ;; res_querydomain(mail.notadomain.weird.com, <Nil>, 1, 15) ;; res_query(mail.notadomain.weird.com, 1, 15) ;; res_mkquery(0, mail.notadomain.weird.com, 1, 15) ;; res_send() ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17056 ;; flags: rd; Ques: 1, Ans: 0, Auth: 0, Addit: 0 ;; QUESTIONS: ;; mail.notadomain.weird.com, type = MX, class = IN ;; Querying server (# 1) address = 204.92.254.16 ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17056 ;; flags: qr rd ra; Ques: 1, Ans: 0, Auth: 1, Addit: 0 ;; QUESTIONS: ;; mail.notadomain.weird.com, type = MX, class = IN ;; AUTHORITY RECORDS: weird.com. 8926 IN SOA ns.weird.com. postmaster.weird.com. ( 2000010200 ; serial 14400 ; refresh (4 hours) 7200 ; retry (2 hours) 604800 ; expire (7 days) 14400 ) ; minimum (4 hours) ;; rcode = 3, ancount=0 The point is that things aren't always as simple as they might seem at first, and indeed it's not always the mailer's fault.... [ On Saturday, January 1, 2000 at 21:41:25 (-0500), Steven J. Sobol wrote: ]
Subject: Re: mail does bounce (was: Customers down?)
Hm. I think you're looking at this from a different angle. Yes. If the domain can't be found because there are no records in the root nameserver, a sane mailer should bounce the message,
Even though it appears you do understand (at least fundamentally), and indeed agree with what I actually said! :-)
and in fact, Sendmail does, as shown by the following bounce message
I thought so.....
What I was referring to was a situation where the domain does exist in the root nameservers but the authoritative nameservers are unavailable.
If you s/root/parent/ then indeed you've got it right, as does Postfix, Smail, and supposedly sendmail too, but they rely on the resolver library working as it should too. Now if only we could just teach sendmail that mail must also bounce immediately when any 5xx *permanent* error reply is returned! :-) -- Greg A. Woods +1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>