Dear all, exim4-daemon-light is running on my single-user desktop with Debian Etch. It was configured using debconf, resulting in the following update-exim4.conf.conf: dc_eximconfig_configtype=''smarthost'' dc_other_hostnames=''apothekerknecht2'' dc_local_interfaces=''127.0.0.1'' dc_readhost=''staff.uni-marburg.de'' dc_relay_domains='''' dc_minimaldns=''true'' dc_relay_nets='''' dc_smarthost=''smtp.staff.uni-marburg.de'' CFILEMODE=''644'' dc_use_split_config=''false'' dc_hide_mailname=''true'' dc_mailname_in_oh=''true'' dc_localdelivery=''mail_spool'' Note that changing the appropriate line to dc_other_hostnames='''' doesn''t change the behaviour described below. Internet is accessed by a DSL connection, managed by a box with integrated DSL modem/WLAN AP/NAT functionality. This box establishes a connection whenever someone tries to access the net. Therefore, the "minimize dns lookups" question was answered with yes. Unfortunately, this doesn''t keep exim4 from doing DNS lookups every time the machine is booted. My understanding from the information given in the debconf question as well as in README.Debian.gz is that it really should keep exim4 from doing this. I know that "apothekerknecht2" (my hostname) is not a fully qualified domain name, so could this be the problem? In the meanwhile, i could solve the problem by creating /etc/exim4/exim4.conf.localmacros with a content of dns_ipv4_lookup = * as suggested in the FAQ. Still i would be interested why dc_minimaldns is not working in my case. Do you have any ideas? Best regards, Lothar
On Wed, Feb 13, 2008 at 08:48:56PM +0100, Lothar Ketterer wrote:> Internet is accessed by a DSL connection, managed by a box with > integrated DSL modem/WLAN AP/NAT functionality. This box establishes a > connection whenever someone tries to access the net. Therefore, the > "minimize dns lookups" question was answered with yes. > > Unfortunately, this doesn''t keep exim4 from doing DNS lookups every time > the machine is booted.Does exim also do these lookups when you start up a new daemon? If so, please use tcpdump or tshark to find out what exactly your exim is trying to look up. Does 1.3.7 of http://wiki.debian.org/PkgExim4UserFAQ help?> I know that "apothekerknecht2" (my hostname) is not a fully qualified > domain name, so could this be the problem?Possibly, yes.> In the meanwhile, i could solve the problem by creating > /etc/exim4/exim4.conf.localmacros with a content of > > dns_ipv4_lookup = * > > as suggested in the FAQ.That looks like your /etc/hosts is not correctly set up with regard to IPv6. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
Hi, thanks for your answer! On Mon, Feb 25, 2008 at 02:36:57PM +0100, Marc Haber wrote:> Does exim also do these lookups when you start up a new daemon? If so, > please use tcpdump or tshark to find out what exactly your exim is > trying to look up.It looks for an AAAA record for my hostname (apothekerknecht2).> Does 1.3.7 of http://wiki.debian.org/PkgExim4UserFAQ help?This is where i took "dns_ipv4_lookup = *". After reading your hint with regards to my /etc/hosts not being correctly set up for IPv6, i changed the line ::1 ip6-localhost ip6-loopback to ::1 ip6-localhost ip6-loopback apothekerknecht2 Looks like everything works fine now, but is this the correct way to do it? I ask because localhost has a different IPv4 address (127.0.0.1) than my hostname (127.0.1.1) which has been discussed in the (far) past, see bug #316099 and #247734 (you are mentioned in the discussion). Anyway, what is responsible for setting up /etc/hosts? The installer? Then why is an IPv6 entry for the hostname given during installation missing? Best regards, Lothar
On Thu, Feb 28, 2008 at 12:43:52AM +0100, Lothar Ketterer wrote:> On Mon, Feb 25, 2008 at 02:36:57PM +0100, Marc Haber wrote: > > Does exim also do these lookups when you start up a new daemon? If so, > > please use tcpdump or tshark to find out what exactly your exim is > > trying to look up. > > It looks for an AAAA record for my hostname (apothekerknecht2).Interesting. I have installed etch r2 in a virtual machine, and see the AAAA lookups as well. However, when I dpkg-reconfigure exim4 for minimaldns, the AAAA lookups seem to vanish on my test system.> Looks like everything works fine now, but is this the correct way to do > it? I ask because localhost has a different IPv4 address (127.0.0.1) > than my hostname (127.0.1.1) which has been discussed in the (far) > past, see bug #316099 and #247734 (you are mentioned in the discussion).I would think that there should be a different loopback address for IPv6 as well, but I don''t know enough about IPv6, and for me, setting minimaldns eliminates the lookups on exim startup> Anyway, what is responsible for setting up /etc/hosts? The installer?parts of the installer, either finish-install or netcfg.> Then why is an IPv6 entry for the hostname given during installation > missing?I guess because it hasn''t been implemented yet. Sorry that I am not a big help. I do not see the issue Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
Hi, On Sat, Mar 15, 2008 at 11:35:33AM +0100, Marc Haber wrote:> Interesting. I have installed etch r2 in a virtual machine, and see > the AAAA lookups as well. However, when I dpkg-reconfigure exim4 for > minimaldns, the AAAA lookups seem to vanish on my test system.If this is only a problem on my box and not etch in general, it''s ok then. I solved it for me as described in my previous posts.> I would think that there should be a different loopback address for > IPv6 as well, but I don''t know enough about IPv6, and for me, setting > minimaldns eliminates the lookups on exim startupI looked into this today. For IPv4, RFC 3330 (Special-Use IPv4 Addresses) [1] says: 127.0.0.0/8 - This block is assigned for use as the Internet host loopback address. Regarding IPv6, RFC 4291 (IP Version 6 Addressing Architecture) [2] states Address type Binary prefix IPv6 notation Section ------------ ------------- ------------- ------- ... Loopback 00...1 (128 bits) ::1/128 2.5.3 ... and in Section 2.5.3 (The Loopback Address): The unicast address 0:0:0:0:0:0:0:1 is called the loopback address. Seems like IPv6 has only one loopback address. If you agree that the solution then is to append the hostname to the line beginning with "::1" in /etc/hosts, i wanted to suggest to include this in Section 1.3.7 of the FAQ, like this: Add an IPv6 record for your hostname (listed in /etc/hostname) to /etc/hosts by creating a line that says ::1 ip6-localhost ip6-loopback <your_hostname> If there is already a line starting with "::1", append your hostname to it. You can check with "getent hosts your_hostname" whether this was successful. What do you think about it? 1. http://tools.ietf.org/html/rfc3330 2. http://tools.ietf.org/html/rfc4291> > Then why is an IPv6 entry for the hostname given during installation > > missing? > > I guess because it hasn''t been implemented yet.But /etc/hosts contains IPv6 entries after installation? Looks like it is just the hostname that is missing.> Sorry that I am not a big help. I do not see the issueNever mind and thanks for your time! Regards, Lothar
On Sat, Mar 15, 2008 at 09:51:49PM +0100, Lothar Ketterer wrote:> On Sat, Mar 15, 2008 at 11:35:33AM +0100, Marc Haber wrote: > > Interesting. I have installed etch r2 in a virtual machine, and see > > the AAAA lookups as well. However, when I dpkg-reconfigure exim4 for > > minimaldns, the AAAA lookups seem to vanish on my test system. > > If this is only a problem on my box and not etch in general, it''s ok > then.It doesn''t seem to happen on all systems for sure, but it might be a more general issue.> > I would think that there should be a different loopback address for > > IPv6 as well, but I don''t know enough about IPv6, and for me, setting > > minimaldns eliminates the lookups on exim startup > > I looked into this today. For IPv4, RFC 3330 (Special-Use IPv4 > Addresses) [1] says: > > 127.0.0.0/8 - This block is assigned for use as the Internet host > loopback address. > > Regarding IPv6, RFC 4291 (IP Version 6 Addressing Architecture) [2] > states > > Address type Binary prefix IPv6 notation Section > ------------ ------------- ------------- ------- > ... > Loopback 00...1 (128 bits) ::1/128 2.5.3 > ... > > and in Section 2.5.3 (The Loopback Address): > > The unicast address 0:0:0:0:0:0:0:1 is called the loopback address. > > Seems like IPv6 has only one loopback address.I _think_ that the concept of loopback addresses can be filled in IPv6 with link local addresses on the local interface (lo on Linux).> If you agree that the solution then is to append the hostname to the > line beginning with "::1" in /etc/hosts, i wanted to suggest to include > this in Section 1.3.7 of the FAQ, like this: > > Add an IPv6 record for your hostname (listed in /etc/hostname) > to /etc/hosts by creating a line that says > ::1 ip6-localhost ip6-loopback <your_hostname> > If there is already a line starting with "::1", append your hostname > to it. You can check with "getent hosts your_hostname" whether > this was successful. > > What do you think about it?I am not fully convinced how that needs to be solved with IPv6.> > > Then why is an IPv6 entry for the hostname given during installation > > > missing? > > > > I guess because it hasn''t been implemented yet. > > But /etc/hosts contains IPv6 entries after installation? Looks like it > is just the hostname that is missing.Yes, but the 127.0.1.1 entry was implemented later in the development cycle. Either the corresponding ipv6 entry was forgotten, or there is a reason for it not being present. I remember weird things happening while 127.0.0.1 was connected with the host name years back. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
Hi, On Sat, Mar 15, 2008 at 10:34:26PM +0100, Marc Haber wrote:> It doesn''t seem to happen on all systems for sure, but it might be a > more general issue.I checked a different etch box today, standard installation with desktop. Even though exim4 is configured dc_minimaldns=''true'' _and_ dc_eximconfig_configtype=''local'' (!), it does AAAA lookups.> I _think_ that the concept of loopback addresses can be filled in IPv6 > with link local addresses on the local interface (lo on Linux).Ah, this is beyond my scope.> I am not fully convinced how that needs to be solved with IPv6.Ok. I''d really like to contribute some solid solution, but i''m afraid i can only offer some testing, if you should ever need it. Regards, Lothar
On Sun, Mar 16, 2008 at 11:17:16PM +0100, Lothar Ketterer wrote:> On Sat, Mar 15, 2008 at 10:34:26PM +0100, Marc Haber wrote: > > It doesn''t seem to happen on all systems for sure, but it might be a > > more general issue. > > I checked a different etch box today, standard installation with > desktop. Even though exim4 is configured dc_minimaldns=''true'' _and_ > dc_eximconfig_configtype=''local'' (!), it does AAAA lookups.When exactly does it make these AAAA lookups? Only when booting, or when restarting exim on the running system as well? Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
On Tue, Mar 18, 2008 at 02:07:44PM +0100, Marc Haber wrote:> When exactly does it make these AAAA lookups? Only when booting, or > when restarting exim on the running system as well?I checked only by restarting exim, but can test at booting, if desired. It''s maybe because the box is not assigned to any domain, just like in my case. So there is no fqdn, only a hostname. For standalone desktop machines, would you recommend to set something like fancyhostname.localdomain instead of setting only a blank hostname during installation? Regards, Lothar
On Tue, Mar 18, 2008 at 06:56:52PM +0100, Lothar Ketterer wrote:> On Tue, Mar 18, 2008 at 02:07:44PM +0100, Marc Haber wrote: > > When exactly does it make these AAAA lookups? Only when booting, or > > when restarting exim on the running system as well? > > I checked only by restarting exim, but can test at booting, if desired.No, restarting exim is fine, I am also "only" testing when restarting exim and don''t see the lookups. If you see them when restarting exim, then we''ll need to find out what our systems do differently. I''d like to see your complete: /etc/hosts /etc/mailname /etc/resolv.conf for comparision. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
Hi, On Sun, Mar 23, 2008 at 12:27:26PM +0100, Marc Haber wrote:> I''d like to see your complete:Find below the complete content of the files you requested. Note that /etc/hosts is shown in the configuration that does AAAA lookups, if the second line starting with "::1" is active instead of the first, the lookups vanish.> /etc/hosts127.0.0.1 localhost 127.0.1.1 apothekerknecht2 # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback #::1 ip6-localhost ip6-loopback apothekerknecht2 fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts> /etc/mailnameapothekerknecht2> /etc/resolv.conf# Dynamic resolv.conf(5) file for glibc resolver(3) generated by # resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 10.0.0.1 Regards, Lothar
On Mon, Mar 24, 2008 at 09:47:25PM +0100, Lothar Ketterer wrote:> On Sun, Mar 23, 2008 at 12:27:26PM +0100, Marc Haber wrote: > > I''d like to see your complete: > > Find below the complete content of the files you requested. Note that > /etc/hosts is shown in the configuration that does AAAA lookups, if the > second line starting with "::1" is active instead of the first, the > lookups vanish.Dumb question: What does hostname --fqdn return on your box? Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
Hi, On Mon, Apr 14, 2008 at 10:29:11PM +0200, Marc Haber wrote:> Dumb question: What does hostname --fqdn return on your box?apothekerknecht2 Regards, Lothar
On Mon, Apr 14, 2008 at 11:01:46PM +0200, Lothar Ketterer wrote:> On Mon, Apr 14, 2008 at 10:29:11PM +0200, Marc Haber wrote: > > Dumb question: What does hostname --fqdn return on your box? > > apothekerknecht2Then we have found the culprit: update-exim4.conf doesn''t set primary_hostname (therefore invalidating the minimaldns="true") if hostname --fqdn doesn''t. I need to think about what to do in this situation. I _think_ that this is a misconfiguration on user side, but will discuss this with my fellow DDs. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
On Wed, Feb 13, 2008 at 08:48:56PM +0100, Lothar Ketterer wrote:> I know that "apothekerknecht2" (my hostname) is not a fully qualified > domain name, so could this be the problem?After two months of debugging, this finally turned out to be one cause, the other one being #476249, a bug in update-exim4.conf. dc_minimaldns works by virtue of hardcoding the output of "hostname --fqdn" into the primary_hostname configuration option by update-exim4.conf, thus at package configuration time. update-exim4.conf silently does not set primary_hostname if hostname --fqdn''s output does not at least contain one dot, effectively rendering dc_minimaldns invalid. I think that this is most easily solved to have update-exim4.conf print a warning if dc_minimaldns is set and hostname --fqdn does return no dots. It is then the reponsibility of the local admin to give the system an FQDN that exim can work with. Any comments? Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
Hi, thank you very much for investigating on this! And thanks also for mentioning me in the bug report, i didn''t realize that i was of help so much. On Tue, Apr 15, 2008 at 02:02:27PM +0200, Marc Haber wrote:> I think that this is most easily solved to have update-exim4.conf > print a warning if dc_minimaldns is set and hostname --fqdn does > return no dots. It is then the reponsibility of the local admin to > give the system an FQDN that exim can work with. > > Any comments?To me (as a normal user without too much knowledge), it would be helpful if there was a hint how to achieve a FQDN printed along with this warning. Best regards, Lothar
On Tue, Apr 15, 2008 at 03:35:42PM +0200, Lothar Ketterer wrote:> On Tue, Apr 15, 2008 at 02:02:27PM +0200, Marc Haber wrote: > > I think that this is most easily solved to have update-exim4.conf > > print a warning if dc_minimaldns is set and hostname --fqdn does > > return no dots. It is then the reponsibility of the local admin to > > give the system an FQDN that exim can work with. > > > > Any comments? > > To me (as a normal user without too much knowledge), it would be helpful > if there was a hint how to achieve a FQDN printed along with this > warning.I am very reluctant to give a "Unix administration course" in a warning printed by an arbitrary tool. This usually leads to people not reading the text because it''s longer than two lines. The correct answer would of course be "have an FQDN in the 127.0.1.1 line in /etc/hosts" for the majority of Debian systems. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
On Tue, Apr 15, 2008 at 03:45:26PM +0200, Marc Haber wrote:> I am very reluctant to give a "Unix administration course" in a > warning printed by an arbitrary tool. This usually leads to people not > reading the text because it''s longer than two lines.Ok, that''s reasonable. Thanks again for your work! Lothar
On Tue, Apr 15, 2008 at 11:29:41PM +0200, Lothar Ketterer wrote:> On Tue, Apr 15, 2008 at 03:45:26PM +0200, Marc Haber wrote: > > I am very reluctant to give a "Unix administration course" in a > > warning printed by an arbitrary tool. This usually leads to people not > > reading the text because it''s longer than two lines. > > Ok, that''s reasonable.This has been committed to svn: Index: debian/debconf/update-exim4.conf ==================================================================--- debian/debconf/update-exim4.conf (revision 2257) +++ debian/debconf/update-exim4.conf (revision 2258) @@ -357,6 +357,9 @@ seed_macro "DC_minimaldns" "1" if guessed_name="$(hostname --fqdn | lowerpipe | check_ascii_pipe | grep ''\.'')" ; then seed_macro "MAIN_HARDCODE_PRIMARY_HOSTNAME" "$guessed_name" + if echo $guessed_name | grep -q ''\.''; then + errormessage "hostname --fqdn did not return a fully qualified name, dc_minimaldns will not work. Please fix your /etc/hosts setup." + fi fi fi Index: debian/changelog ==================================================================--- debian/changelog (revision 2257) +++ debian/changelog (revision 2258) @@ -24,6 +24,9 @@ * remove quotes from the init script at the sake of probably less robustness. Thanks to Laurent Fousse for spotting this issue in lsb-base 3.2-9. + * update-exim4.conf: print a warning if dc_minimaldns and hostname + --fqdn does not print a fully qualified name. Thanks to Lothar + Ketterer. Closes: #476249 [ Robert Millan ] * Process acl_local_deny_exceptions ACL before rejecting a message in SPF Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don''t trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190