[Dnsmasq-discuss] dnsmasq responses.

Simon Kelley simon at thekelleys.org.uk
Thu Feb 16 20:42:47 GMT 2006

Henri wrote:
> Hello all,
> I'm new to the list, mainly because I have a question about dnsmasq
> for which I could not find an answer on the net, nor in this list's
> archives.
> My mailserver runs dnsmasq as a forwarding DNS server. My MTA is XMail
> (www.xmailserver.com) which supports spam filtering by querying
> several blacklists available on the internet (spamcop, sorbs, etc).
> These lists return an ip address, usually between and
> means the ip address is not blacklisted, all
> others mean it is blacklisted. My problem is that dnsmasq does not
> seem to return to my mailserver. Here's a part of my syslog:
> query 1:
> query[type=1910] from
> forwarded to
> query 2:
> query[A] from
> forwarded to
> reply is
> The first query never comes back with a reply. The ip (
> is not blacklisted on dnsbl.sorbs.net so it should have returned

When I attempt query 1, I get a reply, but it's not, it's "no
such domain". The logging is a bit confusing, because NXDOMAIN replies
only get logged if they are entered into the cache. If the nameserver
doesn't return an SOA record in its reply, the name won't go into the
cache, and won't be logged. Here, there's no SOA and no log entry, but
that's a function of my ISP's nameserver, so it might not be the same
for you. The NXDOMAIN reply will get back to the requestor, even if it's not

Try running "dig". I get

srk:~/dnsmasq-2.27/dnsmasq-2.27/src > dig

; <<>> DiG 9.2.4rc5 <<>>
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1234
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

; IN    A

;; Query time: 2258 msec
;; WHEN: Thu Feb 16 20:36:45 2006
;; MSG SIZE  rcvd: 49

Notice: "status NXDOMAIN" and the AUTHORITY section doesn't have an SOA
entry. That query went through dnsmasq.

Short answer: returns NXDOMAIN, which
might not get logged, but will get back to your MTA. dnsmasq doesn't do
anything special with anyway.

> The second query does return an ip address because this one is
> blacklisted.
> Does anybody know what the problem is here? My smtp threads wait for
> about 90 seconds for a reply from my dns server. During a wave of spam
> (I receive about 30,000 a day) all my smtp threads are waiting...
> blocking other mail servers from connecting to deliver mail.

I don't think it's a dnsmasq problem. Maybe sorbs is just too slow for
that rate of query.

> Any advice is more than welcome!

30,000 spams a day? Get a new email address? ;-)
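
Added example (not part of the original message and not dnsmasq code): a minimal Python parser for raw DNS replies that reports the two things read off the dig output above, the RCODE and whether the AUTHORITY section carries an SOA record. The zone dnsbl.example, the address 127.0.0.2 and the reply bytes are constructed sample values.

```python
import struct
A, SOA, NXDOMAIN = 1, 6, 3   # RR types A and SOA; RCODE 3 is NXDOMAIN

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) DNS name."""
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:   # 2-byte compression pointer ends the name
            return off + 2
        off += 1 + msg[off]
    return off + 1

def read_rrs(msg, off, count):
    """Parse count resource records; return ([(type, rdata)], next offset)."""
    rrs = []
    for _ in range(count):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        rrs.append((rtype, msg[off + 10:off + 10 + rdlen]))
        off += 10 + rdlen
    return rrs, off

def classify(msg):
    """Summarise a DNSBL reply: verdict, A addresses, SOA in AUTHORITY."""
    _id, flags, qd, an, ns, _ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    answers, off = read_rrs(msg, off, an)
    authority, off = read_rrs(msg, off, ns)
    addrs = [".".join(map(str, rd)) for t, rd in answers if t == A and len(rd) == 4]
    rcode = flags & 0x000F
    verdict = ("not listed" if rcode == NXDOMAIN else
               "listed" if rcode == 0 and addrs else "indeterminate")
    return {"verdict": verdict, "addrs": addrs, "has_soa": any(t == SOA for t, _ in authority)}

def qname(name):
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\0"

# Constructed sample replies (hypothetical zone dnsbl.example, sample address 127.0.0.2).
Q = qname("2.0.0.127.dnsbl.example") + struct.pack("!HH", A, 1)
NX_NO_SOA = struct.pack("!6H", 1234, 0x8183, 1, 0, 0, 0) + Q   # qr rd ra, NXDOMAIN
SOA_RDATA = qname("ns.example") + qname("admin.example") + struct.pack("!5I", 1, 3600, 600, 86400, 300)
NX_WITH_SOA = (struct.pack("!6H", 1234, 0x8183, 1, 0, 1, 0) + Q + b"\xc0\x16"
               + struct.pack("!HHIH", SOA, 1, 300, len(SOA_RDATA)) + SOA_RDATA)
LISTED = (struct.pack("!6H", 1235, 0x8180, 1, 1, 0, 0) + Q + b"\xc0\x0c"
          + struct.pack("!HHIH", A, 1, 300, 4) + bytes([127, 0, 0, 2]))

if __name__ == "__main__":
    for m in (NX_NO_SOA, NX_WITH_SOA, LISTED): print(classify(m))
```

The first sample mirrors the dig header shown above (NXDOMAIN, AUTHORITY: 0); the second differs only in carrying an SOA record, the condition the message gives for the reply being cached and logged.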


