we're also seeing unusual DNS errors like this since latest upgrade .. 

seems intermittent, ticket logged and currently awaiting response

I checked my logs and found this error (many) but only in the last 24 hours and then after restarting sm it disappeared.

So I think that as far as I'm concerned it's not an error that recurs.

But I have to say that I find SM's behavior wrong

How can a DNS exception become a domain not found?

The correct behavior should have been to put the message in waiting to delivery and therefore for there to be a subsequent attempt.

Then if in some installations the DNS error may be repetitive it is right to investigate, but in the event of a timed out error or is a transient error you cannot consider the domain non-existent and bounce

[2024.01.14] 19:31:37.682 [22213643] Error in getting recipient A records. Message: LookupA.Exception: Query 5194 => gmail.com IN A on 208.67.222.220:53 timed out or is a transient error.

[2024.01.14] 19:31:37.682 [22213643] MXRecord count: '0' for domain 'gmail.com'

[2024.01.14] 19:31:37.682 [22213643] Delivery for info@xcxcxc.com to xcxcxcx@gmail.com has bounced. Reason: Failed to connect to the recipient's mail server.  No DNS information was found for the 'gmail.com' domain.

we were getting lots of those DNS errors too, i changed the Smartermail DNS to use the server NIC (by setting it blank) as suggested by Tony recently and its reduced these "timeout/transient DNS errors" from 1700+ an hour to just 4 in the last 5 hours! There are also no more messages with 602 errors in the Waiting to deliver queue with DNS errors about legit servers (eg. Gmail same as your getting) that i've seen.

Does that indicate a network issue with access to public DNS from our host machine perhaps?

Will continue to monitor, as these errors were not present prior to the upgrade last week.

yes, but I'm not disputing the reasons why the DNS error can be generated. There may be an error.

What shouldn't happen, however, is that in the event of a DNS error, SM considers the domain non-existent and bounces it.

You have to put the message in waiting to delivery and try again and not bounce

This way there is only a delay and not a failed delivery.

How can I justify an error like this to one of my clients?

You know my server didn't deliver your email because at that moment it thought that gmail.com didn't exist.

You understand that this is an argument that doesn't hold up.

It is legitimate that a DNS error may occur. But if a request to a DNS times out, the request must be redone, the domain should not be considered non-existent.

Totally agree Sabatino! Also when receiving the mail, we see that they are rejected because of no Reverse PTR or SPF in the lookup.

They have both so its an error and turning on DNS Caching doesnt resolve it.

Hey Sabatino, 

Thanks for reaching out to the community. The Sep 21st version has some known DNS issues. We resolved this in the latest build by upgrading the DNS Client Library that we use.

@Sabatino
"Then if in some installations the DNS error may be repetitive it is right to investigate, but in the event of a timed out error or is a transient error you cannot consider the domain non-existent and bounce"

Use the "DNS errors before bounce" in System General settings to configure this behavior.

Anyone care to explain how this can be 4 attemps and the second highlighted text???

                

How I understand it is that after 4 failed DNS resolving attempts it will give up and bounce.

With the four first retries being after 1 + 5 + 5 + 15 minutes, after 26 minutes it will give up.

If you want to disable bounces due to DNS entries, according to the example, it would need to be set to 16 attempts.

But maybe setting DNS Errors before bounce to 10000000 attempts would also disable it as it will never reach that much attempts... Well that's how I understand it, maybe wrongly.