The ANY querys only fail from our local DNS servers not from any others on the internet including the ones at army.mil also there are several other domains that return this error intermittently. So is it more of an DNS error on which side? I found this about DNS from:
818. [bug] Certain pathological responses to ANY queries could
cause an assertion failure. [RT #1218]
Does this fit my puzzle here?
Sent: Wednesday, April 03, 2002 8:31 AM
Subject: Drifting OT (was Re: FW: "no data known" vrs "host not found")
> > > Sendmail has traditionally done an ANY query so that it can get
> > > look up the MX and A records in one query, rather than first doing
> > > an MX query and then an A query if that fails.
> > > I'm not sure if this is a configurable option or it has changed in
> > > recent versions.
> > i could well be wrong, but i think this changed as of 8.10 or 8.11.
> I believe sendmail uses ANY queries up through 8.11.
Produces the following:
Apr 03 07:54:43.723 client 127.0.0.1#1207: query: www.gsa.gov IN ANY Apr 03 07:54:43.803 client 127.0.0.1#1207: query: www.wip.gsa.gov IN ANY Apr 03 07:54:44.026 client 127.0.0.1#1207: query: www.wip.gsa.gov IN MX Apr 03 07:54:44.078 client 127.0.0.1#1207: query: www.wip.gsa.gov IN ANY Apr 03 07:54:44.178 client 127.0.0.1#1207: query: www.wip.gsa.gov IN A
Interesting that it took five queries! Have to look into that, I guess.
I also found an interesting DNS/sendmail interaction that I had not expected.
On my test lan, I have a machine corinth.athena.inc. that sometimes runs an http/s server but not mail servers. In the athena.inc. zone were:
athena.inc. CNAME corinth.athena.inc.
athena.inc. MX 5 sparta.athena.inc.
along with the usual A RRs.
The solution is to add a "sendmail alias" for athena.inc. to the appropriate sendmail configuration file ('access' in this case). Now sendmail would accept the MX RR as a source for information rather than ignoring it and using the chain of athena.inc. ->CNAME
->corinth.athena.inc. ->A ->192.168.1.3 -.No MTA connection refused.
From the RELEASE-NOTES for sendmail 8.12.0/8.12.0 2001/09/08
T_ANY queries are no longer used by sendmail.
Quote:> - Kevin