Amavis DNS query timeout
Dominic Raferd
dominic at timedicer.co.uk
Sun Feb 12 18:37:17 CET 2017
On 12 February 2017 at 17:20, Tim Smith <randomdev4 at gmail.com> wrote:
>
> Well surely amavis is using the same DNS servers as the server ?
> Therefore a "dig" on the server indicates that my DNS lookups are
> working, and therefore why I am saying amavis is not right when it
> says "DNS timeout".
>
> If you could point me in the right direction of how to collect the
> further troubleshooting data you need, I'll be happy to oblige !
>
> On 12 February 2017 at 14:52, Patrick Domack <patrickdk at patrickdk.com> wrote:
> > I don't see how the dig test has anything to do with amavis dns test.
> >
> > The amavis dns lookup could have timeout but still succeeded in your dns
> > cache server, and your dig would return that result instantly.
> >
> > Without any more details, such as un-mung results, no more investigation can
> > be done.
> >
> >
> >
> > Quoting Tim Smith <randomdev4 at gmail.com>:
> >
> >> Hi,
> >>
> >> amavisd is adding the following header to my mails :
> >>
> >> Authentication-Results: my.example.com (amavisd-new); dkim=neutral
> >> reason="invalid (public key: DNS query timeout for
> >> their._domainkey.example.com)" header.d=example.com
> >>
> >> The problem is that this is a lie !
> >>
> >> I have no DNS problems, and if I do :
> >>
> >> dig their._domainkey.example.com TXT
> >>
> >> dig returns fine without any substantial wait.
> >>
> >> What setting am I missing ? Where am I going wrong ?
> >>
> >>
> >> Thanks !
I don't think the presence of (amavisd-new) in the Authentication
Header means that the header was generated by or has anything to do
with amavisd-new. The header looks to be from a dkim milter such as
opendkim, which may not be correctly set up to generate the dkim
header for your outgoing emails.
More information about the amavis-users
mailing list