[Resolved]DNS cache seems corrupt
Posted: Tue May 07, 2019 12:54 pm
Hello,
I have a very weird problem that I have just noticed. It all started because mail from a very reputable international insurance company (aetna.com) keeps going into our junk folders for all of our users. At first I was trying to whitelist it, but today I realized that the problem was this.
Server details:
The part that originally didn't catch my attention was that there was a DNS query timeout. This causes the spam score in Spamassassin to go above the spam threashold since DKIM fails.
So I ran this:
Lo and behold it failed.
I ran the same query from my own computer and it worked fine. I ran the same query from other almost identical Zimbra servers that I manage and it was successful, but for some reason this server cannot run a dig command against aetna.com.
/etc/resolv.conf
/etc/network/interfaces
zimbra@zimbra:~$ zmprov getServer `zmhostname` | grep DNSMasterIP
I have tried flushing the cache, but it doesn't help.
I have tried changing the DNS servers to the ISP DNS servers instead of Google, and that doesn't help.
If I shut down the dnscache service using the following command - the query starts working correctly.
The same type of queries to other domains work perfectly fine, so it's not a firewall blocking issue.
Any ideas on what might be going on here? This is really really weird.
Only thing I can possibly think of is the virtual nic card type in VMware guest settings.
I have a very weird problem that I have just noticed. It all started because mail from a very reputable international insurance company (aetna.com) keeps going into our junk folders for all of our users. At first I was trying to whitelist it, but today I realized that the problem was this.
Server details:
Code: Select all
zimbra@zimbra:~$ cat /etc/issue
Ubuntu 14.04.6 LTS \n \l
zimbra@zimbra:~$ zmcontrol -v
Release 8.8.11.GA.3737.UBUNTU14.64 UBUNTU14_64 FOSS edition, Patch 8.8.11_P4.
Code: Select all
Authentication-Results: mail.mydomain.com (amavisd-new); dkim=neutral
reason="invalid (public key: DNS query timeout for Mar2018._domainkey.aetna.com at /opt/zimbra/common/lib/perl5/Mail/DKIM/DNS.pm line 156, <GEN16> line 2304.)"
header.d=aetna.com header.b=SZqPtx4l; dkim=fail (1024-bit key)
So I ran this:
Code: Select all
dig -t txt Mar2018._domainkey.aetna.com
Code: Select all
<<>> DiG 9.9.5-3ubuntu0.19-Ubuntu <<>> -t txt Mar2018._domainkey.aetna.com
;; global options: +cmd
;; connection timed out; no servers could be reached
/etc/resolv.conf
Code: Select all
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
Code: Select all
dns-nameservers 8.8.8.8 8.8.4.4
Code: Select all
zimbraDNSMasterIP: 8.8.8.8
zimbraDNSMasterIP: 8.8.4.4
I have tried changing the DNS servers to the ISP DNS servers instead of Google, and that doesn't help.
If I shut down the dnscache service using the following command - the query starts working correctly.
Code: Select all
/opt/zimbra/bin/zmdnscachectl stop
Any ideas on what might be going on here? This is really really weird.
Only thing I can possibly think of is the virtual nic card type in VMware guest settings.