# SpamAssassin DNS errors.

## Philippe23

For the last week or so, I've been getting a ton of these in my logs:

```
Apr  6 22:22:36 ip-172-30-3-20 spamd[14660]: rules: failed to run NO_DNS_FOR_FROM RBL test, skipping:

Apr  6 22:22:36 ip-172-30-3-20 spamd[14660]:  (available_nameservers: [...] No DNS servers available!)

Apr  6 22:22:36 ip-172-30-3-20 spamd[14660]: spf: lookup failed: available_nameservers: No DNS servers available!

Apr  6 22:22:36 ip-172-30-3-20 spamd[14660]: spf: lookup failed: available_nameservers: No DNS servers available!

Apr  6 22:22:36 ip-172-30-3-20 spamd[14660]: rules: failed to run DKIM_ADSP_CUSTOM_MED test, skipping:

Apr  6 22:22:36 ip-172-30-3-20 spamd[14660]:  (available_nameservers: [...] No DNS servers available!

Apr  6 22:22:36 ip-172-30-3-20 spamd[14660]: )

Apr  6 22:24:01 ip-172-30-3-20 spamd[14660]: plugin: eval failed: available_nameservers: No DNS servers available!
```

I'm baffled because I have DNS available including 8.8.8.8 (Google) and 4.2.2.1 (Verizon) as backups to my ISP's primary DNS.  Nothing else is complaining about DNS resolve issues.

Everything I've found related to this is talking about a bug from 2014 that was fixed (eg: https://forum.directadmin.com/showthread.php?t=50083 ), but the code looks nothing like that patch anymore, so I'm pretty sure we're all well past that.

I went to try downgrading dev-perl/Net-DNS, but it looks like there's only one version in portage at this point.

Anyone have any idea how to fix this?

----------

## Philippe23

I'm totally wrong.  That code is absolutely in there.  Applying patch to see if it fixes it.

----------

## noclear2000

did you resp. the pacth  fix it

----------

## Philippe23

 *noclear2000 wrote:*   

> did you resp. the pacth  fix it

 

Sorry, I don't understand.

----------

## noclear2000

sorry if i expressed myself unclear?

I wanted to know if the patch solved the issue for you? (I face the same problem)

----------

## Philippe23

Yes, the patch made the errors go away.

I've submitted a Gentoo bug, but it's just waiting for someone to add the patch.  https://bugs.gentoo.org/show_bug.cgi?id=579222

If you apply the patch, watch out if a new version comes out, you'll have to re-apply it.

----------

## noclear2000

thank you!

----------

## vespaman

So I have also recognised this issue in my logs. But my mail server is on a stable amd64 system, where 3.4.0-r1 is the latest. And to add to that, I don't even have the DnsResolver.pm anywhere but here: /usr/lib64/perl5/vendor_perl/5.20.2/Mail/SpamAssassin/DnsResolver.pm 

Is this the file in fault? How can I resolve this?

I have tried to update spamassassin by temporary setting ~arch, but that pulls lots of stuff, and conflicts, so that does not seam to be the route forward.

----------

## Philippe23

Do you have dev-perl/Mail-DKIM installed?  Which version?

----------

## toralf

Hhm, here sa-update suddenly (tm) no longer works since few days with the same error emssage given in the origin of this thread. After deleting /var/lib/spamassassin/3.004000/ spamd refuses to start:

```
# /usr/sbin/spamd

Aug 30 20:55:08.553 [24396] error: config: no rules were found! Do you need to run 'sa-update'?

config: no rules were found!  Do you need to run 'sa-update'?

```

:-/ FWIW:

```
# qlist -ICv DKIM

dev-perl/Mail-DKIM-0.400.0

# qlist -ICv DNS

dev-perl/Net-DNS-1.40.0

dev-perl/Net-DNS-Resolver-Programmable-0.3.0-r1
```

----------

## Philippe23

What spamassassin ebuild version are you running and what's your sa-update command line?

----------

## toralf

 *Philippe23 wrote:*   

> What spamassassin ebuild version are you running and what's your sa-update command line?

 Tried 3.4.0-r1 and ~3.4.1-r6

```
sa-update 2>&1 | wgetpaste
```

is in https://bpaste.net/show/889eedc975a6

----------

## Philippe23

Looks like some one upstream screwed up: https://www.mail-archive.com/users@spamassassin.apache.org/msg97105.html

 *Quote:*   

> <very_weird>
> 
> Pulled 10_uridnsbl_skip_financial.cf from my sandbox till we can figure out why sa-update is tripping over it
> 
> sa-update should be back to normal after next update

 

That was well over 24-hours ago though.  Not sure why the fix hasn't made it out yet.Last edited by Philippe23 on Tue Aug 30, 2016 7:20 pm; edited 1 time in total

----------

## toralf

I'd blame upstream too b/c there's nothing in the emerge history here which could break it.

FWIW I do use DNSSEC here since months and was wondering if there's some side effects in the mean while.

----------

