Error connecting to DNS Server after network migration during sleep

[laertes-github]

I've got Thunderbird 52.2.1 on OSX, and I've seen something odd, but apparently consistent, with the way the DKIM Verifier contacts DNS after a laptop sleep.

The problem seems to arise when I have TB open on one network, then sleep the laptop, and then wake up on a different network such that resolv.conf is reset by DHCP, all the while having TB still running.

Whilst other TB functions work Ok - I can still reconnect to the IMAP servers post wakeup - the DKIM Verifier seems to end up in a condition where it claims that that no DNS Servers are alive.

A restart of Thunderbird fixes everything of course.

I've sniffed the network traffic as the Verifier attempts to perform its DMARC lookups, and as far as I can see it doesn't make any attempt to contact any DNS Server - not even the one that was previously set in resolv.conf.

The TB Error Console with debugging enabled shows items similar to below for each DKIM Verification attempt:

2017-06-28 10:06:14 DKIM_Verifier.JSDNS DEBUG no DNS Server alive 2017-06-28 10:06:14 DKIM_Verifier.DNSWrapper DEBUG result: ({data:null, rcode:2, secure:false, bogus:false}) 2017-06-28 10:06:14 DKIM_Verifier.DMARC ERROR DKIM_DNSERROR_SERVER_ERROR: DKIM verifier internal error: Error connecting to the DNS server (resource://dkim_verifier/helper.jsm:10:32) JS Stack trace: getDMARCRecord/promise<@dkimDMARC.jsm:282:10 Log.jsm:753 2017-06-28 10:06:14 DKIM_Verifier.Policy DEBUG shouldBeSigned: false; sdid: ; hideFail: false; foundRule: false 2017-06-28 10:06:14 DKIM_Verifier.AuthVerifier DEBUG authResult: ({version:"2.1", dkim:[{version:"2.0", result:"none", res_num:40, result_str:"No Signature"}]})

[lieser]

Currently this is expected behavior (see below for details). Changing the DNS settings instead of restarting Thunderbird completely should also help.

I will leave this open as a feature request, as the current behavior could certainly be improved.

Note that the behavior described below only applies to the default JSDNS resolver. You could try if libunbound works better for you. Unfortunately I don't know of any easy way of installing it for OSX (you would probably have to compile it yourself).

Updating DNS servers from OS

Currently the add-on is only getting the DNS servers from the OS at the following times:

• at the first query
• if the setting for getting the DNS servers from OS changes from disabled to enabled
• the list of specified DNS servers is modified

resetting the no DNS Servers are alive status

There exist an advances setting to automatically reset the status of all DNS servers. See https://github.com/lieser/dkim_verifier/wiki/DNS#extensionsdkim_verifierdnsjsdnsautoresetserveralive-boolean for more information.
Changing the used DNS servers should also reset the status.

[lieser]

Not only has the default for re-setting the alive status changed (#269), it will now also re-read the DNS servers from the OS in case they have changed because of e.g. a network change.

This hopefully means the network migration during sleep use case is handled a lot better. With this I will closing this issue, as I don't see an obvious way to further improve this for the JSDNS resolver.