[sf-lug] Mail problems (or Firefox, or systemd,...)

Ken Shaffer kenshaffer80 at gmail.com
Tue Dec 18 17:29:42 PST 2018


On Tue, Dec 18, 2018 at 12:43 AM Michael Paoli <
Michael.Paoli at cal.berkeley.edu> wrote:

> > From: "Ken Shaffer" <kenshaffer80 at gmail.com>
> > Subject: [sf-lug] Mail problems (or Firefox, or systemd,...)
> > Date: Fri, 14 Dec 2018 17:24:39 -0800
>
> > Anyone else having email problems?  Last month, systemd on my Ubuntu
> 18.04
>
> Email problem(s)?  I'm sure some other person(s) on the planet are having
> email problem(s).  Uhm, what kind of email problems?  That's not very
> specific.
>
> > stopped resolving mail.comcast.net.  No known changes on my part, not
> even
>
> That sounds like a DNS problem, not an email problem.  What led you to
> concluded it stopped resolving mail.comcast.net?  Did you use
> delv(1), or dig(1), or nslookup(1), or ... what, what command exactly
> did you run to conclude that, and exactly what output, including any
> standard error output, did you get?  I find no difficulty resolving it,
> e.g.:
>
The big orange banner in evolution saying "Cannot resolve mail.comcast.net"
nslookup saying (with both the explicit or default 127.0.0.53 nameserver)
** server can't find muil.comcast.net: NXDOMAIN
(Now nslookup is working making me doubt my memory but
ping still fails with:
$ ping mail.comcast.net
ping: mail.comcast.net: Name or service not known

Substitute pop3.mail.comcast and you get the same errors.



> $ delv mail.comcast.net. CNAME +nottl
> ; fully validated
> mail.comcast.net.       IN      CNAME   imap.ge.xfinity.com.
> mail.comcast.net.       IN      RRSIG   CNAME 5 3 300 20181218174145
> 20181211143645 26550 comcast.net.
> O4XeIAvfzWYjhBJFcTlIrF/mU6oTYOssV2TmHOYEnCOUmzIY/ziUbf0J
> rkwpuykdCybKx60AT2OugriGW+O3vpg8M+HQ81eW8prTcsPic5KCi4tv
> UGzbpUQz9glGQh9N1nJ/3DarONjo6VzSxG2nj3Jqzm2GsZp5Pt+8yYJp K/g=
> $ delv imap.ge.xfinity.com. MX +nottl
> ;; resolution failed: ncache nxrrset
> ; negative response, unsigned answer
> ; imap.ge.xfinity.com.  IN      \-MX    ;-$NXRRSET
> ; ge.xfinity.com. SOA gtd03-d.northlake.il.ndcchgo.comcast.net.
> hostmaster.gslb03-d.northlake.il.ndcchgo.comcast.net. 8225 10800 3600
> 604800 60
> $ delv imap.ge.xfinity.com. A +nottl
> ; unsigned answer
> imap.ge.xfinity.com.    IN      A       96.116.224.161
> imap.ge.xfinity.com.    IN      A       96.116.224.173
> imap.ge.xfinity.com.    IN      A       96.116.224.178
> imap.ge.xfinity.com.    IN      A       96.116.224.179
> imap.ge.xfinity.com.    IN      A       96.118.18.230
> imap.ge.xfinity.com.    IN      A       96.118.18.240
> imap.ge.xfinity.com.    IN      A       96.118.18.249
> imap.ge.xfinity.com.    IN      A       96.118.18.255
> imap.ge.xfinity.com.    IN      A       96.118.19.2
> imap.ge.xfinity.com.    IN      A       96.118.19.3
> imap.ge.xfinity.com.    IN      A       96.118.19.5
> imap.ge.xfinity.com.    IN      A       96.118.19.7
> imap.ge.xfinity.com.    IN      A       96.118.19.8
> imap.ge.xfinity.com.    IN      A       96.118.19.10
> imap.ge.xfinity.com.    IN      A       96.118.19.13
> imap.ge.xfinity.com.    IN      A       96.118.19.14
> $ delv imap.ge.xfinity.com. AAAA +nottl
> ; unsigned answer
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fe02:e030
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fe24:267a
> imap.ge.xfinity.com.    IN      AAAA    2001:558:fc18:2:f816:3eff:fe2c:404
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fe30:bdb7
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fe4d:14e8
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fe5f:cb4a
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fe86:181a
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fe8e:f723
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fe9d:38f3
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fea1:611f
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:febb:780e
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fec7:c9b7
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fed0:efaa
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fc18:2:f816:3eff:fefa:a7da
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fee2:1000:f816:3eff:fe11:9a89
> imap.ge.xfinity.com.    IN      AAAA
> 2001:558:fee2:1000:f816:3eff:fea1:c548
> $
>
> > an update, it just stopped working, but none of the other sites I visit
> had
> > a problem.  Seems some longstanding issues with DNS on systemd, oh well,
>
> With only and exactly the one domain?  That sounds quite odd.
>
Odd indeed. See launchpad bug 1804487.  Looks like
a combination of an NXDOMAIN error resulting in a reduced function set UDP
trigger, and mail.comcast.net 's big (greater than 512 bytes) causing
a problem. (It's time dependent too, with the UDP fallback getting reset
after a grace period.)



> With systemd?  Really, how exactly did you isolate it to systemd having
> issue with the domain in DNS, and nothing else having such DNS issues?
>
> > not wanting to get too dirty under the hood (on an otherwise untouched
> > system), I just took the suggestion to redirect /etc/resolv.conf to the
>
> Suggestion?  What official documentation suggests that?
> If not official documentation, what authoritative source "suggests" such?
>
> > /run/systemd/resolve/resolv.conf file instead of the
> .../stub-resolv.conf.
> > (pointing the nameserver to my router instead of 127.0.0.53). That  fixed
>
> And why would you point your nameserver to your router?  A router doesn't
> typically do DNS, ... unless maybe you're talking some "home router"
> that does somethin' like router/NAT/SNAT/DHCP server/web browser/
> {cable|DSL} "modem"/...
>
Well, yeah , I am a home user, so my linksys router is my gateway
192.168.1.1,
and my default network setup simply sets my nameserver to 192.168.1.1.
For a real yuck, look at the output of systemd-resolve --status
That the nameserver systemd-resolvd is using too!


> Hey, you can run a nameserver on whatever IP address(es) one has access to,
> but 127.0.0.53?  Sounds like someone's playin' cutesie to do that.
>
Port 53 address 127.0.0.53, definitely cutesie ;^O

>
> > things, until my gmail through Firefox stopped working (on my 18.04, FF
>
> gmail through Firefox?  Wait a minute, that's a browser.  Unless you've
> got Firefox (or some other Mozilla bits) doing SMTP, POP, or IMAP or the
> like, you're not talkin' email problem, you're talkin' somebody's web
> thingy not doing quite what you want/expect, and your client isn't even
> doing email, just a browser talkin' data to/from some webserver ... maybe
> that's to some back-end email stuff, but sounds like that's not on your
> host, and if there's email issue, that's elsewhere.  Is Google gmail web
> server runnin' Ubuntu 18.04?  I kind'a doubt it.
>
Right, web based mail.  After my evolution mail failed, I checked
it, and got the most unhelpful, "That didn't work, try again"
Instead of something like "We need you to allow us to run scripts on your
machine for this function."
Bit by the Poission distribution. Two random errors at once, confusing me a
bit.
The Google problem was pretty quickly determined to be having google.com
untrusted
in noscript.  How value got reset I have no idea.  The more disturbing to
me is that
allowing trackers to run got around that noscript untrust (once). Probably
a bug to file.
Anyway, the trackers a disallowed again, google.com is trusted, and all's
OK.

>
> What's an FF phone?  Is that as in 0xFF?  Or Firefox (but it's not
> FireFox),
> or is that some Fortran compiler?  Firefox on a phone?  Naw, phones don't
> run Firefox.

Oh, you must be an iphone user ;^O


> Maybe you mean some small portable computing device that
> can also make and/or receive phone calls?

Almost right, a small, portable computing device that can make VOIP calls,
and gets texts and
call transcripts from my google phone number.  It  used to be a phone, but
now has
no phone number, and was left locked to a previous phone vendor.



> Or is your "phone" running
> some Firefox or Mozilla based operating system? ... But I thought you
> said Ubuntu?  But works on your FF phone?  Still don't know what you
> mean by FF phone ... for all I know that could be Freaky Friday phone, ...
> what day of the week did you have the problem?
>
> > phone and FF 16.04, & Chrome were still OK).  Most unhelpful error
> message,
>
> Chrome OK, but Firefox not?  That doesn't sound like an email or systemd
> problem.  And do you really mean Chrome, or do you mean Chromium?  Which
> is it that you're actually using?  On Linux?  This is a Linux user group
> list, so would tend to presume Linux ... which would tend to imply
> Chromium ... unless perhaps you're doing it on Chrome OS or Android - which
> are flavors of / based upon Linux ... but you stated Ubuntu, which
> neither Chrome OS nor Android are.
>
Chrome browser, not Chromium.  Used to only watch Netflix since they were
the first to make it easy.  I guess Firefox now
works too, but I'd have to dig up a video speed control, like I have on
Chrome, and haven't bothered.

>
> > "Sorry that didn't work try again".  Cleaned caches, history, etc.  No
> > fix.  Finally found a suggestion to turn off the blocking of trackers
> (was
> > only using the default baasic stuff anyway) -- That did it, Google
> insists
>
> Sounds like a browser client issue.  Turn off blocking of trackers ... that
> could be hazardous.  Found "a suggestion"?  Oh, again, what official
> documentation, or, notwitstanding that, how 'bout authoritative source?
>
> > now that my Firefox not block any trackers.  I'll look around to see if
> > there's any granularity on this, but I just saw a few checkboxes.  Sigh.
> > Ken
>
> Sounds more like you're dealing with a web site that does things in an
> improper and/or insecure way, and to "fix" your issue, you decided to go
> along with doing things in an insecure way.  :-/
>
As previously mentioned, that only lasted until I checked mail
and suspended the machine.  Since it didn't work after that, blocking
got turned back on.

>
> Yeah, I know, much 'o this has been more-or-less mentioned and commented
> upon downthread, ... but I thought I'd reemphasize some points (and in
> perhaps a slightly different manner).
>
> You might want to also have a good look at:
> http://www.catb.org/esr/faqs/smart-questions.html
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linuxmafia.com/pipermail/sf-lug/attachments/20181218/cd6a1af6/attachment-0001.html>


More information about the sf-lug mailing list