# CNAME lookup failed temporarily - Please help [SOLVED]

## lazloman

I;ve been getting this error for some time now when I try to send mail to my wife's job at hud.gov. I could find anything here in the forums, but in Google, I found many references. The most promising suggests that too much information is returned when the lookup is done, leading to the failure. I can send mail to everyone else and I can send mail to my wife via google mail, just not from my mail server. Can someone help  me out with this?

Thanks

----------

## gerdesj

 *lazloman wrote:*   

> I;ve been getting this error for some time now when I try to send mail to my wife's job at hud.gov. I could find anything here in the forums, but in Google, I found many references. The most promising suggests that too much information is returned when the lookup is done, leading to the failure. I can send mail to everyone else and I can send mail to my wife via google mail, just not from my mail server. Can someone help  me out with this?
> 
> Thanks

 

You don't give many clues to go on!

What mail server software are you using?

What email client?

I've just done some dig-ing and hud.gov have three MX records all with a priority of 0 (zero) which is a bit weird but OK.  The first two repond to a quick telnet on port 25 but the third doesn't and so it may be broken or tired or something.

On your box with the mail server on it please type at a console prompt: 

$dig hud.gov MX 

and post the results back here.  Note the $ represents your prompt and should not be typed. You may have to install net-dns/bind-tools first.

Cheers

Jon

----------

## lazloman

Sorry, I can't believe I left out such important details. I'm using qmail 1.03 (virtual/qmail-1.03), connecting with the Mac Mail application.  Here's the output you requested:

dig hud.gov MX 

```

Hedley control # dig hud.gov MX 

; <<>> DiG 9.4.3-P4 <<>> hud.gov MX

;; global options:  printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19842

;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:

;hud.gov.         IN   MX

;; ANSWER SECTION:

hud.gov.      72410   IN   MX   0 horluep003.hud.gov.

hud.gov.      72410   IN   MX   0 hlanuep001.hud.gov.

hud.gov.      72410   IN   MX   0 hlanuep002.hud.gov.

;; AUTHORITY SECTION:[

hud.gov.      72410   IN   NS   hudgater.hud.gov.

hud.gov.      72410   IN   NS   hudgate.hud.gov.

;; ADDITIONAL SECTION:

horluep003.hud.gov.   72410   IN   A   170.97.202.58

hlanuep001.hud.gov.   72410   IN   A   170.97.200.33

hlanuep002.hud.gov.   72410   IN   A   170.97.200.34

;; Query time: 1 msec

;; SERVER: 127.0.0.1#53(127.0.0.1)

;; WHEN: Mon Feb  1 00:02:52 2010

;; MSG SIZE  rcvd: 199

```

The post I looked at suggested that this error might be caused by a server that sends back to much info for a ANY query. Here's the output from this query:

```

Hedley control # dig hud.gov ANY

;; Truncated, retrying in TCP mode.

; <<>> DiG 9.4.3-P4 <<>> hud.gov ANY

;; global options:  printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1272

;; flags: qr rd ra; QUERY: 1, ANSWER: 19, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:

;hud.gov.         IN   ANY

;; ANSWER SECTION:

hud.gov.      72344   IN   RRSIG   DNSKEY 7 2 86400 20100302014952 20100131014952 41417 hud.gov. izkgKbLiY5lshmra9WGCrj7+OlqUkNpTQgz2pAG/7GgbJFWTw2fH+Ifj gvcY38B5It9vXhfjNd06KxifqsmDrS2Xyg6pyeA8SV/ilZRy86qg8PU6 ijvOG77442RZWDzhBNj989MED24zmCJ/Y/KibkU69Utmu19kXP42Qe4I WJldNLVFUoBOERY9/zgEWkwb9axevhFoLNTv/QPsFuncrUI+hAmGwH4T 6gCuQqiuwsTcIelzFpcobnG2xBO6rD2c6m+4hA5bNY+ZH0VhXR5WjvpH M1tVWnxs92BAcxNndL5/sDzOZRXwrSm0BQU6crmKjx4et9ycdCCT/SFe 2TlF2A==

hud.gov.      72344   IN   RRSIG   DNSKEY 7 2 86400 20100302014952 20100131014952 52146 hud.gov. Js4j7k4rq1FdFsVnytg/uMoxGGP9noiA4aDFa6kJ15nvPT+X+U9lRBxn rRK5vEJYhTbgyGR6Uz6NoqJj7mi5VmBIBpIj1xgq85xwc0xki6d1VTdk sx4Y0SVmmx8s5cAmlfS/7F1J7VrQMmuI6SAWh7QBZoZMmnDcB4ywr37J O6BzrNI1STj+dXnNUYSGKlPOULjqyYuBU+bV62Qn82sug7CRxh36vQE6 rPfG1B8UUlMacsew2nhR+9Pp3Ae375cZ1ZstbcbpXef+960Ucsqy2wDG Psmv9dU3rxzkDTOcHAj6c8afD/K5hp4Rzuy8oHMiPlthUCWqfFfTQ56D s+pevA==

hud.gov.      72344   IN   DNSKEY   256 3 7 AwEAAbMOxcq4cME7e6g9ps2Sum4FQTbnehSJLbbuPTIlcepWs1VmvRqm k3iGi24D3Ci5a6q3illeJKeMX5MT2CXFwfO1y9HinLrpru2GY9YOdv5r WWz1ZfiEq5h/+2Znuv/YLHvKSibfygD9g+C1JmGIelJkK82yU1hnTHS5 Ox9FuQ6XpR/ZRcIWJYz+OY5lZ5hsqb60VqYaTMox3IMDR/A5e40Limt9 wIs+rxc0pvh0Ag4FFkrilO8LKOe1NH5Py6ru9Cz6kKndyHfJuNCt5m3t veRI4lhbRXMUVLh91WnRM35V/M3gpPB0/IzbdHkhoUg9tP7NAepgH5uk MeP1PMwgiIE=

hud.gov.      72344   IN   DNSKEY   256 3 7 AwEAAdAPF5GOOWvzdjIVo2Rza4trLMvP1HSW6BjOLmw6tWyKAQ3c0U7w UeC4K2IXjthRQTkyRD/NIrC7P9o70OThFT+uuWfwp+UxDEpb2naZb+7r yqswMOZmZTYA3mGGBrknfE/P4wvkrXhvsacD0zWuiheMLL4Mcibrfwix OvbJQG73s014AhLYj3dSKYs5SUGThAzjZsmPqwmkJ82TTd+x+FsjXtgH QHnRVytMkfKIRLZFH5Q1aS+bRMBvUNHGcvXx3ijCaRZHDpZjvlSvYMJW n329YrhcQkfGgqxzayKU88/pxFGsACZAKLFPHa14Vas5MNKlAexk2UI3 VDH88Kxqo7U=

hud.gov.      72344   IN   DNSKEY   257 3 7 AwEAAZ50d20TkOzWzJD+anUMSIMfGaI8m4If6DMax4NQnZ34yta6UOb9 07SRqBs2vJ+MpcJkyRuLx/Z9vGlfZQ7V9eBgI62EZwmfiitanwSFPZgC zM8nVswpDS+/CmaHhXUoLdgNgUYh4WSl/7fXroluC/18xyMl3ZGQRRjJ ftpQSMXubP/n9nCHZXE5YiDw1cRklqA4lLyNeXBgadWa8klekr89WNij 454KApevbg0GSudEJw7IWzbOb09npvQ1hnLz8pmDsaahfIsGBvcHSUEJ rjSkk3J1oHDj0B7Gxm+tZH4Er21RTucEWeroyIJSQmsYN+Cm0FyfgJ75 bNEsRe5M4Vc=

hud.gov.      72344   IN   RRSIG   MX 7 2 86400 20100302014952 20100131014952 41417 hud.gov. VbHeZBc9yQ6j0rqsblRJmVtzm8wPOBmcbK5uFUo2REycXn9vAtMO1a5Z yvOVfol3FOav4cNab8i40sgaxqV+DKpTaO5Qs232IqtKaH+KBgfvD4T0 q8yC1usMm/HUhMRcUospR66keVNXMVvZ60iwTKvMIPZRhN44wGBUyaxO FXAXXlnRDSgsa0kfj9sRLce6VM7Mg09zmFruMiK7s3ujZM1GTOzILrzG 3Op+5dzrkm8eZpwouUQOGebkLeKpiWiOi6/dfc9SM3VmK8ytW9UIClam JrJoP1M7i8wEUWadGkm7wHUOIFgdSWIpXhn/YYgUNeHRGdUnFvUWU7wq h34vkQ==

hud.gov.      72344   IN   MX   0 hlanuep002.hud.gov.

hud.gov.      72344   IN   MX   0 horluep003.hud.gov.

hud.gov.      72344   IN   MX   0 hlanuep001.hud.gov.

hud.gov.      72344   IN   RRSIG   A 7 2 86400 20100302014952 20100131014952 41417 hud.gov. Hqkr209gupXyrsMlng1g1OO90p/t9ZTfj/1g/MUdjPROH9uKzopnvk1C Bv/8gbdrfom8XhMIKFEpsmtXV/gKdOe1r9zw1ptF6jMpnXLfJrv/v2JT xmr1JDsqDTdVoJeRgSkoDOBKDgpasRH3sCrIRsz+Ol3D3b8p3o8MCrJ8 zSICvEKpZplKKcsx5Goz/kxfGysrhxtHMIa94R1/u47nSBecIDgkvIHW Y3hnkTVUOnvza+jEnS6u1TTXVcxORauhVUd8I3FevP8HPC9FgLTd2DyP utDaoYp98WuzKsKlV2umQ0dEGUh5qMkKFiVFINePSQjwsoEeKBx4S1NA rsgarg==

hud.gov.      72344   IN   A   170.97.167.13

hud.gov.      72344   IN   A   170.97.67.13

hud.gov.      72344   IN   RRSIG   NS 7 2 86400 20100302014952 20100131014952 41417 hud.gov. IZEHqWwQ945IT241y2UaI7btE6xDHYQv0LUohtwAYyyhMneoA2ngJEFf wcSoJiia/qZoNQ9ONMp9fcnofX4VfRcP6cokiAhxW/3F+4s8RSFh0tj2 eIVkTNJGOIYxUhqgjZlIiaotzgU9k4HponNKneC9j/5N26bHr4gdfUEY XLPYEjGe4hKFDfZDMmiEDlKL47O30gY8gmPIy+WoJ5JD/Od73CSp1GyC q5q6U98VsddsUoPXVECGqXr609OcPmIn/tHknCGrne6Fw7XFoGYLRSRH AO385MsgsTnUyNfUy6FDNluMhK/jsjy2ruC0LXrr+aZwDCAv3ExSFhCl Z0CrKA==

hud.gov.      72344   IN   RRSIG   SOA 7 2 86400 20100302014952 20100131014952 41417 hud.gov. hZ8wevH30oELnB4DiEvtCPYIqUQCuj7DjhjeC0Qu/yX7bxcd5qrL7PEa /3mYuu6iRhmBtruhFtFPzINDu/NFu7NndaKZ8AQ0oPJiHSnKAkcTELN6 Rupy0tOhZi9diBdFZ/w3DWgjP3O3qQc/KzcTYxP4fMCUDzrb8UU3AmAQ eZtk2DaKXpGeIDSu5JSusF+mojz6FDEu1gt0wyhDkaCOAAj4+kFhQ/fk iqwzRTokRBtyo3ZIrSAWnnpAq/9BrQl9widTnGh8GKpnWNPtqZxD6IOM ekl0LcZmjSzgtYNyvZzvOcgbnOQiYaptkiw6hwouvilBJSpje3NkhCsZ +dqa9g==

hud.gov.      72344   IN   SOA   hudgate.hud.gov. root.hudgate.hud.gov. 2010013001 3600 1800 2600000 86400

hud.gov.      72344   IN   RRSIG   DS 7 2 86400 20100205151702 20100131151702 51998 gov. d/PjyYj6wkFx5cVJ2Xa7AGsa6tIOr62D++BmWDENSjiJN6aP3LOqB8Yi X7VjZckp+8B2lIiY1Qe+Zv/u+Pi93o/mK6ANpTpiOKM2QIAN0VJN4K88 rJsWeoqjD7kro5+YSkSUNotXFaIfJN83Y0/b8PVUoY1L4xb13j0d4sk1 AK0=

hud.gov.      72344   IN   DS   52146 7 2 54AF554FC3FFC532BB898B9AB39F1276FD17B59D3E44772C3142EA62 680D71C7

hud.gov.      72344   IN   NS   hudgater.hud.gov.

hud.gov.      72344   IN   NS   hudgate.hud.gov.

;; AUTHORITY SECTION:

hud.gov.      72344   IN   NS   hudgate.hud.gov.

hud.gov.      72344   IN   NS   hudgater.hud.gov.

;; ADDITIONAL SECTION:

horluep003.hud.gov.   72344   IN   A   170.97.202.58

hlanuep001.hud.gov.   72344   IN   A   170.97.200.33

hlanuep002.hud.gov.   72344   IN   A   170.97.200.34

;; Query time: 34 msec

;; SERVER: 127.0.0.1#53(127.0.0.1)

;; WHEN: Mon Feb  1 00:03:58 2010

;; MSG SIZE  rcvd: 3109

```

I'm not an MTA guru, but is 3109 too large for qmail? In the post I found is here:

http://forum.qmailrocks.org/archive/index.php/t-2589.html

The last entry in the post asks if a large reply for an ANY query might be the cause and suggests a patch. But given the age of the post (4 years) one would think this situation would have been addressed by now.

Here's another post where the oversized reply might be the issue, but its' never quite nailed down:

http://faqts.com/knowledge_base/view.phtml/aid/28942

Old as well, but more clearly states that qmail does an ANY lookup instead of a CNAME and may be receiving too much data. But again, the age makes this a bit dubious.

I should also add that I've had problems with HUD in the past. I might get this error for a few weeks, with messages being bounced, and then for several weeks, things would work just fine and I could send email there. But now, messages have been getting bounced for the last 3 months.

I feel pretty confident that the problem lies on their end as I just don't make changes to my server's configuration except for the occasional qmail upgrade, which just doesn't happen very often. I have been able to send with this version of qmail.

I hope this helps and I really appreciate the assistance.

----------

## doctork

The obvious solution is to get rid of qmail and use a MTA that doesn't do totally unnecessary CNAME queries.  :Sad: 

I'm a postfix fan, myself.

--

doc

----------

## gerdesj

 *doctork wrote:*   

> The obvious solution is to get rid of qmail and use a MTA that doesn't do totally unnecessary CNAME queries. 
> 
> I'm a postfix fan, myself.
> 
> --
> ...

 

Not exactly helpful.  Personally I'm an Exim fan.

Now the MTA (Qmail) should be doing an MX lookup and this must resolve to just an IP address and not a CNAME and from dig that is what we get back.  It is pretty unlikely that Qmail would do an ANY query because that would be hugely wasteful.

You could confirm this by running:

#tcpdump -vv port 53 at a terminal on the server and sending a mail through.  If you can get Wireshark on it even better - its a lot easier to translate!

Its been years since I ran Qmail but I seem to remember that you can create static routes in a control file for mail delivery.

... Google ....

Here we go, read man qmail-remote especially the bit about smtproutes a line like this might do the trick:

hud.gov:hlanuep001.hud.gov

Its a bodge but it gets you up and running.

Cheers

Jon

----------

## lazloman

Thanks for all the replies. I added the smtproute and the qmail-send log indicates that it was accepted, so I think I may be good now. I'd like to avoid having to switch MTA's right now unless I really have to.

Thanks again.

----------

## gerdesj

 *lazloman wrote:*   

> Thanks for all the replies. I added the smtproute and the qmail-send log indicates that it was accepted, so I think I may be good now. I'd like to avoid having to switch MTA's right now unless I really have to.
> 
> Thanks again.

 

I used to run QMail for a 500K mail per week site but switched to Exim when QMail's lack of fancy routing and stuff got to be a pain.  I have rather a lot of customer sites using it now - it's great to put in front of an expensive commercial system that can't cut it when it comes to pretty reasonable customer requirements.  QMail and Exchange's SMTP service are about on a par  :Cool: 

However, QMail + DaemonTools + QMailScanner with Spam Assassin etc was a very stable and reliable system for me.  

Frankly I'd stick with what you know if it does the job.  If you outgrow it then look around.

Cheers

Jon

----------

