search cancel

DNS lookup failures such as "Unable to resolve DNS query for [ipadress].[domain.tld]" or "Latency threshold for feature "[domain.tld]" exceeded. Feature has been suspended."

book

Article ID: 162458

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

The BMServer  log shows multiple DNS lookup failures of the type "Unable to resolve DNS query for <ipadress>.<domain.tld>", when in debug or "Latency threshold for feature "<domain.tld>" exceeded.  Feature has been suspended."

This is usually seen in conjunction with mail queues building and/or bmserver crashes.

"Unable to resolve DNS query for <ipadress>.<domain.tld>", when in debug or "Latency threshold for feature "<domain.tld>" exceeded.  Feature has been suspended."

A tcpdump on port 53 will also show a high amount of lookup failures

Cause

This is most commonly caused by an incorrect entry in Third Party Bad (or Good) Senders.

  • Check the Third Party Bad (or Good) Senders for domains that are intended to be in Local Bad (or Good) Senders lists instead of Third Party.
  • The only entries that should be in Third Party Bad (or Good) Senders are the proper URL's for Third Party DNSBL (Domain Name System Blacklist) services such as spamhaus.org or spamcop.net.
  • Even a few improper entries in this list puts high load on bmserver, since every connecting IP will be checked against every single entry causing the bmserver to crash and mail to queue as the domains can't be checked against domains who are not DNS blacklist providers.

Resolution

The resolution is to transfer the domains incorrectly listed in Third Party Bad (or Good) Senders to Local Bad (or Good) Senders and make sure Third Party Bad (and Good) Senders only contains actual realtime DNSBL providers.