CNAME lookup failed temporarily.

[SupportA]

<[email protected]>:
CNAME lookup failed temporarily. (#4.4.3)
I'm not going to try again; this message has been in the queue too long.

This looks like a problem with large DNS reply:

http://www.google.com/search?q=qmail+patch+DNS+512+bytes

There is a patch for Qmail for this problem:

http://www.google.com/search?q=DNS+512+patch+qmail+FreeBSD

However, is there anything non-standard with Plesk 8.6 that would
complicate this patch?

Thanks for any light you can shed on this problem.

 

[Faris Raouf]

You can recompile qmail but you'll need the Plesk-specific patches to do so or it will all go horribly wrong.

I'm not sure it is worth the bother though. We all see these from time to time and no harm is done.

Faris.

 

[SupportA]

Well, users are complaining about bounces from
Yahoo, etc., I need to do something.

Where can I get the patches that are Plesk
specific?

 

[IgorG]

http://kb.odin.com/en/1161

 

[SupportA]

Thanks. Are all of these patches necessary?

I don't want to break something that works.

 

[SupportA]

OK. Here's the procedure for FreeBSD.

(This one is primarily for Linux: http://kb.odin.com/en/1161 )

cd /usr/ports/distfiles/

wget ftp://ftp.eu.uu.net/pub/unix/mail/qmail/qmail-1.03.tar.gz

tar xvzf qmail-1.03.tar.gz

cd qmail-1.03

wget http://kb.odin.com/Attachments/806/Attachments/plesk86_qmail_patches.tgz

tar zxvf plesk86_qmail_patches.tgz

patch -p0 < ./files/patch-BC
patch -p0 < ./files/patch-big-dns
patch -p0 < ./files/patch-chown
patch -p0 < ./files/patch-pb
patch -p0 < ./files/patch-pe
patch -p0 < ./files/patch-pf
patch -p0 < ./files/patch-pg
patch -p0 < ./files/patch-ph
patch -p0 < ./files/patch-pi
patch -p0 < ./files/patch-pp
patch -p0 < ./files/patch-ps
patch -p0 < ./files/patch-pt
patch -p0 < ./files/patch-pu-tls
patch -p0 < ./files/patch-pv-smtp-auth
patch -p0 < ./files/patch-qmail-date-localtime
patch -p0 < ./files/patch-qmtpd
patch -p0 < ./files/patch-spf
patch -p0 < ./files/patch-TD
patch -p0 < ./files/patch-z01-isoc
patch -p0 < ./files/patch-z02-libssl
patch -p0 < ./files/patch-z03-next-mx
patch -p0 < ./files/patch-z04-tcp-env
patch -p0 < ./files/patch-z10-spp
patch -p0 < ./files/patch-z15-smtpd-relay-reject
patch -p0 < ./files/patch-z20-perms
patch -p0 < ./files/patch-z25-mms
patch -p0 < ./files/patch-z30-tlsserverciphers-fix
patch -p0 < ./files/patch-z33-dk-0.54
patch -p0 < ./files/patch-z35-dk-auth
patch -p0 < ./files/patch-z37-dk-mailhandler
patch -p0 < ./files/patch-z40-smtpd-maxrcpt
patch -p0 < ./files/patch-z42-inject-maxrcpt

cd /usr/ports/distfiles/qmail-1.03
cp -p conf-users conf-users.1.bak
cp -p conf-groups conf-groups.1.bak

grep -E '^(qmail|alias)' /etc/passwd | awk 'BEGIN {FS=":"; OFS=" ";} {if ($1 == "qmaill") {print $1,$3,"\nroot 0"} else {print $1,$3}}' > conf-users

grep -E '^(qmail|nofiles)' /etc/group | awk 'BEGIN {FS=":"; OFS=" ";} {print $1,$3}' > conf-groups

echo -lssl > ssl.lib

cp -p conf-qmail conf-qmail.1.bak
echo "/usr/local/psa/qmail" > conf-qmail

cd /usr/ports/security/openssl
make install

cd /usr/ports/distfiles/qmail-1.03/
nano -w conf-spawn

Change limit from 1000 to 509:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1000

This is a silent concurrency limit. You can't set it above 255. On some
systems you can't set it above 125. qmail will refuse to compile if the
limit is too high.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
509

This is a silent concurrency limit. You can't set it above 255. On some
systems you can't set it above 125. qmail will refuse to compile if the
limit is too high.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cp -p qmail-dk.c qmail-dk.1.bak.c
nano -w qmail-dk.c

Change line from:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#include <domainkeys.h>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

to:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#include "/usr/local/include/domainkeys.h"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Create some symlinks per: http://www.kaba1ah.org/2008/07/16/adding-domainkeys-support-to-qmail-under-freebsd/

ln -s /usr/local/lib/libdomainkeys.a /usr/lib/libdomainkeys.a
ln -s /usr/local/lib/libdomainkeys.so.3 /usr/lib/libdomainkeys.so
ln -s /usr/local/lib/libdomainkeys.so.3 /usr/lib/libdomainkeys.so.3
ln -s /usr/local/share/libdomainkeys/dknewkey /usr/local/bin/dknewkey

Create a file:

echo "-ldomainkeys" > dk.lib

Compile: (ABSOLUTELY DO NOT TYPE MAKE INSTALL!!!)

make

Set permissions and ownership:

chmod 4511 qmail-queue
chown qmailq qmail-queue
chgrp qmail qmail-queue

chmod 555 qmail-local
chown root qmail-local
chgrp qmail qmail-local

chmod 555 qmail-remote
chown root qmail-remote
chgrp qmail qmail-remote

Copy the files:

cp -p /usr/ports/distfiles/qmail-1.03/qmail-queue /usr/local/psa/qmail/bin/
cp -p /usr/ports/distfiles/qmail-1.03/qmail-local /usr/local/psa/qmail/bin/
cp -p /usr/ports/distfiles/qmail-1.03/qmail-remote /usr/local/psa/qmail/bin/

I just rebooted, rather than restarting services

 

[RowanL]

I tried to follow these instructions on a Ubuntu 8.04 server, but have run into an issue. After installing the compiled binaries the server was no longer unable to send emails and I had to revert to the originals to get it working again.

There doesn't appear to be an error log for smtp, at least that I could find, so I have no idea what the problem could be.

Can anyone help? Where would I find out what qmail is doing with the emails?

 

[Faris Raouf]

It is likely to be the group/owner and permissions that were wrong for Ubuntu.

Take a look at your existing privs etc for qmail-* and then apply these to the patched qmail.

Faris.

 

[alexch]

Before applying the patch, you might want to check if your server responds to TCP DNS queries: http://kb.parallels.com/111616