Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error connecting to DNS Server after network migration during sleep #90

Closed
laertes-github opened this issue Jun 29, 2017 · 2 comments
Closed
Milestone

Comments

@laertes-github
Copy link

I've got Thunderbird 52.2.1 on OSX, and I've seen something odd, but apparently consistent, with the way the DKIM Verifier contacts DNS after a laptop sleep.

The problem seems to arise when I have TB open on one network, then sleep the laptop, and then wake up on a different network such that resolv.conf is reset by DHCP, all the while having TB still running.

Whilst other TB functions work Ok - I can still reconnect to the IMAP servers post wakeup - the DKIM Verifier seems to end up in a condition where it claims that that no DNS Servers are alive.

A restart of Thunderbird fixes everything of course.

I've sniffed the network traffic as the Verifier attempts to perform its DMARC lookups, and as far as I can see it doesn't make any attempt to contact any DNS Server - not even the one that was previously set in resolv.conf.

The TB Error Console with debugging enabled shows items similar to below for each DKIM Verification attempt:

2017-06-28 10:06:14 DKIM_Verifier.JSDNS DEBUG no DNS Server alive
2017-06-28 10:06:14 DKIM_Verifier.DNSWrapper DEBUG result: ({data:null, rcode:2, secure:false, bogus:false})
2017-06-28 10:06:14 DKIM_Verifier.DMARC ERROR DKIM_DNSERROR_SERVER_ERROR: DKIM verifier internal error: Error connecting to the DNS server (resource://dkim_verifier/helper.jsm:10:32) JS Stack trace: getDMARCRecord/promise<@dkimDMARC.jsm:282:10
Log.jsm:753
2017-06-28 10:06:14 DKIM_Verifier.Policy DEBUG shouldBeSigned: false; sdid: ; hideFail: false; foundRule: false
2017-06-28 10:06:14 DKIM_Verifier.AuthVerifier DEBUG authResult: ({version:"2.1", dkim:[{version:"2.0", result:"none", res_num:40, result_str:"No Signature"}]})

@lieser
Copy link
Owner

lieser commented Jun 29, 2017

Currently this is expected behavior (see below for details). Changing the DNS settings instead of restarting Thunderbird completely should also help.

I will leave this open as a feature request, as the current behavior could certainly be improved.

Note that the behavior described below only applies to the default JSDNS resolver. You could try if libunbound works better for you. Unfortunately I don't know of any easy way of installing it for OSX (you would probably have to compile it yourself).

Updating DNS servers from OS

Currently the add-on is only getting the DNS servers from the OS at the following times:

  • at the first query
  • if the setting for getting the DNS servers from OS changes from disabled to enabled
  • the list of specified DNS servers is modified

resetting the no DNS Servers are alive status

There exist an advances setting to automatically reset the status of all DNS servers. See https://github.com/lieser/dkim_verifier/wiki/DNS#extensionsdkim_verifierdnsjsdnsautoresetserveralive-boolean for more information.
Changing the used DNS servers should also reset the status.

@lieser
Copy link
Owner

lieser commented Jun 5, 2023

Not only has the default for re-setting the alive status changed (#269), it will now also re-read the DNS servers from the OS in case they have changed because of e.g. a network change.

This hopefully means the network migration during sleep use case is handled a lot better. With this I will closing this issue, as I don't see an obvious way to further improve this for the JSDNS resolver.

@lieser lieser closed this as completed Jun 5, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants