Sendmail DNS Timeout – How to Reduce the Sendmail DNS Timeout Period


I have a problem with the sendmail DNS timeout period when trying to send to an email address which has a DNS issue. Let's say the problematic email address is test@example.com

I can see there is a DNS issue with this domain using:

>host -t mx example.com
;; connection timed out; no servers could be reached

I can test and time the sendmail call to the problematic email address using:

> time echo "This is a test message" | /usr/lib/sendmail -ftest@test.com test@example.com
real 2m36.252s
user 0m0.004s
sys  0m0.005s

Currently, it takes 2m36s for sendmail to time out! This causes our PHP webpages that try to send to this email address to hang and eventually return an error to the browser.

My question is: How do I reduce this timeout?

I have seen a few sendmail related timeout configurations:

> grep resolver /etc/mail/sendmail.cf
Timeout.resolver.retrans=5s
Timeout.resolver.retry=4

Sendmail seems to be set to retry 4 times, with a 5s delay each re-transmission.

But I haven't found the actual DNS timeout period?

For reference: This is occurring on Red Hat Enterprise Linux Server release 5.2, sendmail 8.13.8, Linux Kernel: 2.6.18, Apache version: 2.2.3, PHP version: 5.3.0. Note: This question is a follow-up from Sendmail delays on some email addresses

Best Answer

As a quick work-around you can fiddle with your /etc/resolv.conf. Of course this changes how the system resolver works; this is not at all a sendmail-specific issue.

timeout: n
    sets the amount of time the resolver will wait for a response from a remote name server before retrying the query via a different name server. Measured in seconds, the default is RES_TIMEOUT (see <resolv.h>).
attempts: n
    sets the number of times the resolver will send a query to its name servers before giving up and returning an error to the calling application. The default is RES_DFLRETRY (see <resolv.h>).

In the long run, the above is not such a good solution. Your DNS server setup is broken and it needs to be fixed. If there is a query about a non-existing MX/domain, the server should QUICKLY respond with NXDOMAIN. It should not wait such a long time, as it generally causes all sorts of problems with many programs (sendmail for starters, but typically also sshd and NFS).
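
One way to check what the timeout and attempts options described in the answer above resolve to for a given resolv.conf, as an added example that is not part of the original question or answer. The defaults and caps are the glibc values documented in resolv.conf(5); the sample file contents, the 192.0.2.x addresses, the function name and the simplified wait estimate are assumptions.

```python
# Added example: effective glibc stub-resolver settings for a resolv.conf.
RES_TIMEOUT, RES_DFLRETRY = 5, 2    # glibc defaults named in resolv.conf(5)
MAX_TIMEOUT, MAX_ATTEMPTS = 30, 5   # values above these are silently capped
MAXNS = 3                           # only the first three nameservers are used


def effective_resolver_settings(text):
    """Return the timeout/attempts the resolver would use for this file text."""
    timeout, attempts, servers = RES_TIMEOUT, RES_DFLRETRY, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        fields = line.split()
        if fields[0] == "nameserver" and len(fields) > 1:
            if len(servers) < MAXNS:
                servers.append(fields[1])
        elif fields[0] == "options":
            for opt in fields[1:]:
                name, _, value = opt.partition(":")
                if not value.isdigit():
                    continue                  # flag-style option, e.g. rotate
                if name == "timeout":
                    timeout = min(int(value), MAX_TIMEOUT)
                elif name == "attempts":
                    attempts = min(int(value), MAX_ATTEMPTS)
    count = len(servers) or 1   # no nameserver line: the local host is queried
    return {
        "timeout": timeout,
        "attempts": attempts,
        "nameservers": count,
        # Simplified model (assumption): one full timeout per attempt per
        # server; search-list expansion and resolver back-off are ignored.
        "rough_wait_seconds": timeout * attempts * count,
    }


# Constructed sample files; 192.0.2.0/24 is a documentation address range.
UNTUNED = "nameserver 192.0.2.53\nnameserver 192.0.2.54\n"
TUNED = UNTUNED + "options timeout:1 attempts:1\n"
OVERSIZED = UNTUNED + "options rotate timeout:120 attempts:9\n"

if __name__ == "__main__":
    for label, text in (("untuned", UNTUNED), ("tuned", TUNED),
                        ("oversized", OVERSIZED)):
        print(label, effective_resolver_settings(text))
```

In the file itself the options are written without a space after the colon, on a single `options` line, as in the TUNED sample.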