Re: Sendmail - how to disable ipv6 AAAA lookups

To: Robert S <robert_s@emailme.net.au>
Cc: debian-user@lists.debian.org
Subject: Re: Sendmail - how to disable ipv6 AAAA lookups
From: Richard A Nelson <cowboy@debian.org>
Date: Fri, 10 Sep 2004 23:42:42 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.4.58.0409102331191.19152@hygvzn-guhyr.pnirva.bet>
In-reply-to: <[🔎] chtau6$319$1@sea.gmane.org>
References: <[🔎] chtau6$319$1@sea.gmane.org>

On Sat, 11 Sep 2004, Robert S wrote:

> I have posted a question recently about sendmail not resolving host names.
> It looks to me as if it is failing to do AAAA lookups.

That'd be a DNS failure - not sendmail...  Some resolvers are b0rked
wrt AAAA/A6 lookups :(

> Is is possible to prevent sendmail from trying to do AAAA lookups?  This
> might solve the problem.

From: /usr/share/sendmail/cf.README.gz:
        Some DNS based rejection lists cause failures if asked
        for AAAA records. If your sendmail version is compiled
        with IPv6 support (NETINET6) and you experience this
        problem, add

            define(`DNSBL_MAP', `dns -R A')

From: /usr/share/sendmail/changelog.gz:
    Add "use_inet6" as a new ResolverOptions flag to control the
        RES_USE_INET6 resolver option.  Based on patch from Rick
        Nelson of IBM.
Wait... I know that guy... Oh, never mind, that'd be something
akin to:
	dnl define(`confBIND_OPTS',
	dnl `-use_inet6')dnl #%%%%%

From: /usr/share/sendmail/op/op.txt.gz:
          O ResolverOptions=+AAONLY -DNSRCH

      turns  on  the  AAONLY  (accept  authoritative answers
      only) and turns off  the  DNSRCH  (search  the  domain
      path)   options.    Most  resolver  libraries  default
      DNSRCH, DEFNAMES, and RECURSE flags on and all  others
      off.   If  NETINET6 is enabled, most libraries default
      to USE_INET6 as well.  You can also include  "HasWild-
      cardMX"  to specify that there is a wildcard MX record
      matching your domain; this turns off MX matching  when
      canonifying  names,  which  can  lead to inappropriate
      canonifications.   Use   "WorkAroundBrokenAAAA"   when
      faced  with  a broken nameserver that returns SERVFAIL
      (a temporary failure) on T_AAAA (IPv6) lookups  during
      hostname  canonification.   Notice: it might be neces-
      sary to apply the same (or similar)  options  to  sub-
      mit.cf too.

Which, in .m4 parlance would be something akin to:
	dnl define(`confBIND_OPTS',
	dnl `+WorkAroundBrokenAAAA -DNSRCH -DEFNAMES')dnl #%%%%%

> I'm not very keen on recompiling sendmail - I'd like to keep the original
> (debian 3.0) binary for ease of upgrading!!  I haven't managed to find
> answers on google groups.

Should be no need....

What is the exact nature of your problem, now that you've apparently
narrowed it down some more ?

-- 
Rick Nelson
<Marticus> There's too much blood in my caffeine system.

Reply to:

References:
- Sendmail - how to disable ipv6 AAAA lookups
  - From: "Robert S" <robert_s@emailme.net.au>

Prev by Date: Re: spurious interrupt error causes a kernel panic during Debian install
Next by Date: Re: spurious interrupt error causes a kernel panic during Debian install
Previous by thread: Sendmail - how to disable ipv6 AAAA lookups
Next by thread: KDE Apps Fonts without KDE
Index(es):
- Date
- Thread