Page 1 of 1

No email delivered - Sender Domain not found (all DNS broken)

Posted: 14 Apr 2020 01:57
by DavidRa
I'm not sure if this is something new as of a recent update, but just this morning I've woken to EFA not delivering anything from anyone. I'm running the same environment as I built months ago, now updated to 4.0.2. Up until yesterday everything seemed kosher. Today, external emails are rejected with the error shown:

Code: Select all

MAIL FROM: <sender@example.com>
250 2.1.0 OK
RCPT TO: <mailbox@example.com>
450 4.1.8 <sender@example.com>: Sender address rejected: Domain not found
On reviewing the configuration, nothing has really changed as far as I remember. There are some... weirdnesses, though.
  • /etc/sysconfig/network-scripts/ifcfg-eth0 was a bit broken - note the missing double-quote:

    Code: Select all

    ...
    ONBOOT="yes"
    IPADDR="192.168.1.41
    PREFIX="24"
    #IPADDR="192.168.1.41"
    #PREFIX="24""
    But fixing that didn't help, and at least eth0 comes up now.
  • Default name resolution doesn't work:

    Code: Select all

    $ nslookup gmail.com
    ;; Got SERVFAIL reply from 127.0.0.1, trying next server
    ;; connection timed out; no servers could be reached
Note that if I specify the correct DNS servers on the nslookup command line, the same ones configured in eFa-Configure, I get correct responses - it's only the local resolver - is it unbound? - that isn't resolving.

Updating /etc/resolv.conf so that it has the correct nameservers instead of localhost doesn't fix it either, so there could be something else at play. Right now I've had to disable EFA to get mail flowing - which isn't ideal!

Note that I did find the other similar topics but I don't think they match:
  • I already have

    Code: Select all

    define('QUARANTINE_USE_SENDMAIL', false);
    in mailscanner.conf
  • The other post is pretty vague but seems to indicate a similar "fix"
Annoyingly, if I enable recursion (using eFa-Configure > IP Settings > DNS Recursion), name resolution starts working - but of course, ignores the two internal name servers so I lose the internal DNS that I think I need (I mean, I could be wrong about needing them but I'd rather not find out the hard way)).

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 14 Apr 2020 02:55
by shawniverson
You should be using recursion, if at all possible. I would stick with it if you can.

I'm not sure how your interface config was altered, no updates touch the interfaces as far as I know.

Changing your resolv.conf to point to your own DNS servers and still failing indicates something is indeed not quite right.

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 14 Apr 2020 03:38
by DavidRa
My quibble with enabling recursion is that it disables all forwarders - and the configuration for recursion is hidden / unavailable. In fact the reason it was disabled in the first place was so that I could properly specify the internal nameservers - rather than reconfiguring the firewall to permit the EFA server to query DNS directly.

I can demonstrate that eFa-Configure adjusts the interface configuration file - it adds the extra lines I indicated (#IPADDR1 and #PREFIX1). It doesn't SEEM to break the IPADDR line though, so that's another separate weirdness. The addition of those commented lines also causes eFa-Configure to display its menu for IP Settings incorrectly:

Code: Select all

2) IPV6_AUTOCONF        : yes
3) IP                   : 192.168.1.44
#IPADDR1=192.168.1.44
4) Netmask:             : 255.255.255.0

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 14 Apr 2020 04:59
by gregecslo
Same here.

After update resolvning didn`t work and resolv.conf was reverted to recursion. I also had specified internal dns server and they were gone after update.
Had to restore snapshot to make it work.

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 14 Apr 2020 07:38
by alexmateescu
same here

this is an issue as the email stopped working yesterday for 5 hours.

we need an option to disable resolv.conf to return to recursion if the dns servers are set.

i am also having the following errors after the upgrade

ERROR: check_for_new_database_version: Failed to find daily database using server
https://database.clamav.net.
ERROR: check_for_new_database_version: Failed to find daily database using server
https://database.clamav.net.
ERROR: remote_cvdhead: Download failed (6) ERROR: Message: Couldn't resolve host name
ERROR: check_for_new_database_version: Failed to find daily database using server
https://database.clamav.net.
ERROR: Update failed for database: daily
ERROR: Database update process failed: HTTP GET failed (11)
ERROR: Update failed.

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 14 Apr 2020 11:17
by shawniverson
Working on a fix.

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 14 Apr 2020 11:32
by shawniverson
Fixed going forward.

For all affected, return /etc/resolv.conf to this setting below or specify your own DNS nameservers.

Code: Select all

echo "nameserver 127.0.0.1" > /etc/resolv.conf

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 14 Apr 2020 14:46
by gregecslo
Yup, working just fine now.

except bayes and old symlink issue that I posted to other thread.

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 14 Apr 2020 16:31
by alexmateescu
what about the next reboot? will there be an update to take care of things? actually to leave resolv.conf as is?

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 14 Apr 2020 18:43
by shawniverson
Yeah, I fixed the update and also pulled the faulty one.

You might still have to reset /etc/resolv.conf if it is interfering with the update process.

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 15 Apr 2020 15:55
by doggy101
same here for the second time now, today with the update it happened again...

Re: No email delivered - Sender Domain not found (all DNS broken)

Posted: 20 Apr 2020 16:07
by kettchenkuno
Same error here for some days. Today, typically on monday, the problem came to light. Your "System Restore" menu entry saved my life today :clap: