Mipam
2004-05-10 10:17:37 UTC
Hi,
By accident i run into some icmp type 3 code 3 from the mailserver to the
dns server. Actually quite a lot of them, it happens all the time.
After checking i found this:
postfix does a request for the mx record of a domain in order to be able
to deliver the mail:
11:29:27.750125 x.x.x.x.56849 > y.y.y.y.53: [bad udp cksum
af79!] 64858+ MX? netland.nl. (28) (ttl 64, id 27385, len 56, bad cksum
0!)
(note that the NIC has tcp checksum offloading, therefore the bad
checksums in the tcpdump outputs.
Later i got this response:
11:30:22.825167 y.y.y.y.53 > x.x.x.x.56849: [udp sum ok]
64858 ServFail q: MX? netland.nl. 0/0/0 (28) (ttl 64, id 11282, len 56)
The postfix machine answered:
11:30:22.825193 x.x.x.x > y.y.y.y: icmp: 82.201.105.244 udp
port 56849 unreachable for y.y.y.y.53 > x.x.x.x.56849: [no cksum]
[|domain] (ttl 64, id 11282, len 56) (ttl 64, id 27415, len 56, bad cksum 0!)
4500 0038 6b17 0000 4001 0000 xxxx xxxx
yyyy yyyy 0303 1e92 0000 0000 4500 0038
2c12 0000 4011 d527 52c9 69f5 52c9 69f4
0035 de11 0024 0000
Actually, i'm seeing these message many many times.
All the time: after 55 seconds the dns responds back to postfix that
there's ServFail and postfix allready seems to have closed the listening
port so an icmp type 3 code 3 is being generated.
Note that this only happens in the case of ServFails most domains can be
resolved in time of course.
These icmps come when a SerFail has been reported.
In the postfix logs i see:
May 10 11:30:07 mail01 postfix/smtpd[29714]: 80FAB5C98: reject: RCPT from
host.domain.com[z.z.z.z]: 450 <***@netland.nl>: Recipient
address rejected: Domain not found;
So seemingly postfix waits 40 seconds for an answer, if no dns response
haas been received within this time, the message is rejected and the port
is being closed. Is there a time which i can adjust to match the dns timer
or maybe i should adjust the dns timer?
Bye,
Mipam.
By accident i run into some icmp type 3 code 3 from the mailserver to the
dns server. Actually quite a lot of them, it happens all the time.
After checking i found this:
postfix does a request for the mx record of a domain in order to be able
to deliver the mail:
11:29:27.750125 x.x.x.x.56849 > y.y.y.y.53: [bad udp cksum
af79!] 64858+ MX? netland.nl. (28) (ttl 64, id 27385, len 56, bad cksum
0!)
(note that the NIC has tcp checksum offloading, therefore the bad
checksums in the tcpdump outputs.
Later i got this response:
11:30:22.825167 y.y.y.y.53 > x.x.x.x.56849: [udp sum ok]
64858 ServFail q: MX? netland.nl. 0/0/0 (28) (ttl 64, id 11282, len 56)
The postfix machine answered:
11:30:22.825193 x.x.x.x > y.y.y.y: icmp: 82.201.105.244 udp
port 56849 unreachable for y.y.y.y.53 > x.x.x.x.56849: [no cksum]
[|domain] (ttl 64, id 11282, len 56) (ttl 64, id 27415, len 56, bad cksum 0!)
4500 0038 6b17 0000 4001 0000 xxxx xxxx
yyyy yyyy 0303 1e92 0000 0000 4500 0038
2c12 0000 4011 d527 52c9 69f5 52c9 69f4
0035 de11 0024 0000
Actually, i'm seeing these message many many times.
All the time: after 55 seconds the dns responds back to postfix that
there's ServFail and postfix allready seems to have closed the listening
port so an icmp type 3 code 3 is being generated.
Note that this only happens in the case of ServFails most domains can be
resolved in time of course.
These icmps come when a SerFail has been reported.
In the postfix logs i see:
May 10 11:30:07 mail01 postfix/smtpd[29714]: 80FAB5C98: reject: RCPT from
host.domain.com[z.z.z.z]: 450 <***@netland.nl>: Recipient
address rejected: Domain not found;
So seemingly postfix waits 40 seconds for an answer, if no dns response
haas been received within this time, the message is rejected and the port
is being closed. Is there a time which i can adjust to match the dns timer
or maybe i should adjust the dns timer?
Bye,
Mipam.