DNS: Domino attempts to use an A record sending mail to certain domains
Using certain DNS servers, Domino will attempt to use an A record when sending mail to certain internet domains.
Under certain circumstances, after the problem described above is encountered, Domino will cache the A record. The cached A record will then be used for subsequent attempts to route mail to the same domain rather than a new DNS query being made. This can result in delivery failures after a 24 hour period.
Resolving the problem
These two issues have been reported to Quality Engineering as SPR# BSTS838NYV and SPR# JFBM7C6GA4.
1. SPR# BSTS838NYV: With two DNS servers configured and the primary unavailable, there are five requests for an MX record made to the primary DNS server. Then there is a new request made against the secondary DNS server, but for an A record rather than an MX record. See Technote #1423917 for additional information. This SPR is fixed in Notes and Domino 8.5.1 FP4 and 8.5.2.
2. SPR# JFBM7C6GA4: When an A record is used, Domino will sometimes cache the A record for 34 years. This can be seen by enabling debugrouter=3 on your server. Once enabled, you will be able see a timeout value on the console 34 years in the future. Development has discovered that Domino can incorrectly set a TTL (TimeToLive) of 34 years when DNS returns an NXDOMAIN (non-existent domain) record. This SPR is fixed in Notes and Domino 7.0.4 FP1 and 8.0.2 FP2.
Refer to the Upgrade Central site for details on upgrading Notes/Domino.
If you have not yet upgraded, as a workaround, use a Program document to issue the parameter "tell router update config" periodically. This will flush the DNS cache and result in another DNS query for the domain.