Re: mail does bounce (was: Customers down?)
I know for certain that Postfix and Smail will immediately bounce a message when the domain is authoritatively non-existant. I'd be very surprised and dismayed if sendmail and all other true SMTP mailers did not do exactly the same thing.
Sendmail most definitely does not, instead treating the error as a transient error, issuing an SMTP error code in the 400 series, and continuing to try to send the mail for up to five days (the default), or whatever the mail server admin configured for that particular server.
I think I like it better that way. Just because both nameservers are temporarily down doesn't mean the domain doesn't exist. :P
Seems to me you're talking past one another. If all nameservers for a domain are down there *is* no nameserver which can say that the domain is authoritatively non-existent. (OK, you could get a negative caching answer from one of the authoritative servers on the level above, but that's a different issue...) I agree with Greg Woods - if a domain is authoritatively non-existent, I'd expect a sane mailer to bounce the message. Steinar Haug, Nethelp consulting, sthaug@nethelp.no
I think I like it better that way. Just because both nameservers are temporarily down doesn't mean the domain doesn't exist. :P
Seems to me you're talking past one another. If all nameservers for a domain are down there *is* no nameserver which can say that the domain is authoritatively non-existent. (OK, you could get a negative caching answer from one of the authoritative servers on the level above, but that's a different issue...)
I agree with Greg Woods - if a domain is authoritatively non-existent, I'd expect a sane mailer to bounce the message.
I'm glad that you don't write code, especially sendmail code.
On Sat, 1 Jan 2000 sthaug@nethelp.no wrote:
I know for certain that Postfix and Smail will immediately bounce a message when the domain is authoritatively non-existant. I'd be very surprised and dismayed if sendmail and all other true SMTP mailers did not do exactly the same thing.
Sendmail most definitely does not, instead treating the error as a transient error, issuing an SMTP error code in the 400 series, and continuing to try to send the mail for up to five days (the default), or whatever the mail server admin configured for that particular server.
I think I like it better that way. Just because both nameservers are temporarily down doesn't mean the domain doesn't exist. :P
Seems to me you're talking past one another. If all nameservers for a domain are down there *is* no nameserver which can say that the domain is authoritatively non-existent. (OK, you could get a negative caching answer from one of the authoritative servers on the level above, but that's a different issue...)
I agree with Greg Woods - if a domain is authoritatively non-existent, I'd expect a sane mailer to bounce the message.
Hm. I think you're looking at this from a different angle. Yes. If the domain can't be found because there are no records in the root nameserver, a sane mailer should bounce the message, and in fact, Sendmail does, as shown by the following bounce message from my Sendmail server after a message to sjsobol@NorthShoreTechnologies.org, which doesn't exist: ----- Transcript of session follows ----- 501 5.1.2 sjsobol@northshoretechnologies.org... Host unknown (Name server: northshoretechnologies.org: host not found) The 500-series errors are permanent (fatal) failures. What I was referring to was a situation where the domain does exist in the root nameservers but the authoritative nameservers are unavailable. -- North Shore Technologies http://NorthShoreTechnologies.net 888.480.4NET Steve Sobol, President, Chief Website Architect and Janitor sjsobol@NorthShoreTechnologies.net My opinions DO, in fact, represent the official opinions of North Shore Technologies Corporation, since I own the company. Thanks for asking.
I think you didn't read what I actually wrote:
I know for certain that Postfix and Smail will immediately bounce a message when the domain is authoritatively non-existant. I'd be very ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ surprised and dismayed if sendmail and all other true SMTP mailers did not do exactly the same thing.
I.e. when a nameserver authoritative for the parent domain returns an authoritative "no such domain" answer then the mail must bounce immediately. Now I do apologise for giving an incomplete answer to a different question, especially the way I changed the subject line. I'm afraid the new subject line was somewhat of an afterthought and indeed ended up being misleading. Now, remember, in the DNS a "host name" is a "domain name" (with an A RR). If someone sends mail to <postmaster@mail.notadomain.weird.com>, but that time none of the nameservers for "notadomain.weird.com" are authoritative (i.e. lame delegation) then the default behaviour of most DNS resolvers will be to return a non-authoritative NO_DATA (or HOST_NOT_FOUND depending on what question was asked). Now unfortunately not all resolvers, and more importantly not all resolver interface libraries, are alike. Mailers that use the res_search(3) interface do not always get a "TRY_AGAIN" answer, even in the above case (which is about the "best case" scenario for the failure case which started this thread). I've seen several 4.9.x based resolvers return HOST_NOT_FOUND or NO_DATA (which are supposed to only be returned for authoritative answers according to some manuals). If I'm not mistaken the following is an example of this happening (from the RES_DEBUG output): ;; res_querydomain(mail.notadomain.weird.com, <Nil>, 1, 15) ;; res_query(mail.notadomain.weird.com, 1, 15) ;; res_mkquery(0, mail.notadomain.weird.com, 1, 15) ;; res_send() ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17056 ;; flags: rd; Ques: 1, Ans: 0, Auth: 0, Addit: 0 ;; QUESTIONS: ;; mail.notadomain.weird.com, type = MX, class = IN ;; Querying server (# 1) address = 204.92.254.16 ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17056 ;; flags: qr rd ra; Ques: 1, Ans: 0, Auth: 1, Addit: 0 ;; QUESTIONS: ;; mail.notadomain.weird.com, type = MX, class = IN ;; AUTHORITY RECORDS: weird.com. 8926 IN SOA ns.weird.com. postmaster.weird.com. ( 2000010200 ; serial 14400 ; refresh (4 hours) 7200 ; retry (2 hours) 604800 ; expire (7 days) 14400 ) ; minimum (4 hours) ;; rcode = 3, ancount=0 The point is that things aren't always as simple as they might seem at first, and indeed it's not always the mailer's fault.... [ On Saturday, January 1, 2000 at 21:41:25 (-0500), Steven J. Sobol wrote: ]
Subject: Re: mail does bounce (was: Customers down?)
Hm. I think you're looking at this from a different angle. Yes. If the domain can't be found because there are no records in the root nameserver, a sane mailer should bounce the message,
Even though it appears you do understand (at least fundamentally), and indeed agree with what I actually said! :-)
and in fact, Sendmail does, as shown by the following bounce message
I thought so.....
What I was referring to was a situation where the domain does exist in the root nameservers but the authoritative nameservers are unavailable.
If you s/root/parent/ then indeed you've got it right, as does Postfix, Smail, and supposedly sendmail too, but they rely on the resolver library working as it should too. Now if only we could just teach sendmail that mail must also bounce immediately when any 5xx *permanent* error reply is returned! :-) -- Greg A. Woods +1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
participants (4)
-
Roeland M.J. Meyer -
Steven J. Sobol -
sthaug@nethelp.no -
woods@most.weird.com