Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 24 Apr 2015 00:08:00 +0200
From: Harald Becker <>
Subject: Re: Still not possible to send mail to domain

On 23.04.2015 23:55, Harald Becker wrote:
> Hi Rich,
> extending my search on qhe net I found the following:
> All of the senders experiencing the bounced messages mentioning cname
> lookup failure appear to be running the qmail mail server software.
> Qmail, if not using a third party patch that was written in the late
> 90’s, has an issue sending to domains whose name servers respond to DNS
> queries of type “ANY” with more than 512 bytes of data; that is a bug in
> qmail and the author has never fixed it because he wants you to use his
> DNS server software which also eliminates the issue in a different way.
> Google’s name servers do respond to queries of type “ANY” with more than
> 512 bytes of data, so when an unpatched qmail server tries to send an
> email to a domain whose lowest cost MX record ends in, qmail
> is going to do a DNS query of type ANY against one of’s
> authoritative name servers, get back more than it can correctly handle
> and defer repeatedly until ultimately bouncing the message with that
> cname lookup failure…

Sorry I forgot to add the link:

> Harald

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.