  viperm Carpe Diem Premium join:2002-07-09 Winchester, CA
| Need some E-mail help
Ever since we switched to our new DS3 we had to change IPs on DNS servers etc., and now we are getting mail back from places such as Yahoo stating the following. I can't seem to figure it out. Right now we have 2 DNS servers and only one mail server.
DNS1 is a Windows machine running Windows DNS. DNS2 is a Linux box running BIND with openwebmail and SMTP for our clients, and these are the ones having the problems.
Sometimes, and I can't remember where I saw it, it said something to the effect that our IP could be forged???
It has to be a config issue possibly because we are using the mail server as a DNS as well??
Transcript of session follows ----- ... while talking to a.mx.mail.yahoo.com.: >>> QUIT
-- ComTrain Certified Tower Climber. American Tower Certified approved contractor. Wireless consultants. |
|
  Killler Maxxx
@rr.com | Did you move your PTR record to the new IP/ISP? |
|
 Rhaas
join:2005-12-19 Bernie, MO | reply to viperm What is actually in the log file? Like Killer Maxxx just suggested, make sure that your forward (A) and reverse (PTR) match for your mail server. |
|
 PCInformatio
join:2004-01-12 Chandler, AZ | reply to viperm Is there any more to the error message, such as "451 Message temporarily deferred"? |
|
 battleop
join:2005-09-28 00000
| reply to viperm Look at your reverse DNS record for your mail server's IP address. The forward and reverse do not have to match but the reverse should not be generic, i.e. it should not be something like dyn-192-168-0-1.yourdomain.com.
Our mail server's real name is reflected in the forward and reverse, though there are hundreds of forward names that match our mail server's IP.
Also did you have an SPF record? Did you update that when you moved?
"It has to be a config issue possibly because we are using the mail server as a DNS as well??"
No, our original setup 10+ years ago had 1 server that ran Bind4, Radius, Sendmail, and Apache all on the same 233 running Slackware. Heh, that box is still running today as an internal DNS server. It did get upgraded to bind8. |
|
  viperm Carpe Diem Premium join:2002-07-09 Winchester, CA
| reply to viperm Looking at the primary DNS server 208.79.110.3, which is a Windows machine, in the domain / zone folder where we have host files located I don't see ANY PTR records at all. Could this be the issue?
I have never worked with Microsoft DNS before.
About specific errors, this is what we are getting from Yahoo:
421 4.7.0 [TS01] Messages from 208.79.110.13 temporarily deferred due to user complaints - 4.16.55.1; see »postmaster.yahoo.com/421-ts01.html ... while talking to g.mx.mail.yahoo.com.:
421 4.7.0 [TS01] Messages from 208.79.110.13 temporarily deferred due to user complaints - 4.16.55.1; see »postmaster.yahoo.com/421-ts01.html ... while talking to c.mx.mail.yahoo.com.:
421 4.7.0 [TS01] Messages from 208.79.110.13 temporarily deferred due to user complaints - 4.16.55.1; see »postmaster.yahoo.com/421-ts01.html ... while talking to d.mx.mail.yahoo.com.:
421 4.7.0 [TS01] Messages from 208.79.110.13 temporarily deferred due to user complaints - 4.16.55.1; see »postmaster.yahoo.com/421-ts01.html ... while talking to f.mx.mail.yahoo.com.:
421 Message from (208.79.110.13) temporarily deferred - 4.16.50. Please refer to »help.yahoo.com/help/us/mail/defe···-06.html ... while talking to e.mx.mail.yahoo.com.:
421 4.7.0 [TS01] Messages from 208.79.110.13 temporarily deferred due to user complaints - 4.16.55.1; see »postmaster.yahoo.com/421-ts01.html ... while talking to b.mx.mail.yahoo.com.:
421 4.7.0 [TS01] Messages from 208.79.110.13 temporarily deferred due to user complaints - 4.16.55.1; see »postmaster.yahoo.com/421-ts01.html
... Deferred: 421 4.7.0 [TS01]
Messages from 208.79.110.13 temporarily deferred due to user complaints - 4.16.55.1; see »postmaster.yahoo.com/421-ts01.html Message could not be delivered for 2 seconds Message will be deleted from queue
The original message was received at Tue, 5 Aug 2008 09:09:46 -0700 from guard.airenetworks.com [208.79.110.1] |
|
  viperm Carpe Diem Premium join:2002-07-09 Winchester, CA
edit: August 6th, @07:25PM
| reply to viperm If I do a reverse ip lookup on that one 208.79.110.13 it changes each time I try the lookup and it responds with all the domains we have hosted on that server.
I went into the Windows DNS server, pulled up the DNS and deleted host mail.airenetworks.com. I then recreated it and this time checked the box that said to create a PTR record, and it put a pointer in there for me now where there was none before.
Now it says name 208-79-110-13 pointer mail.airenetworks.com
Should I have a reverse pointer for each domain we host or just our main website?
Now I have other host records pointing to the same IP address is this correct? These are other e-mail domains we are hosting |
|
  viperm Carpe Diem Premium join:2002-07-09 Winchester, CA
edit: August 6th, @08:18PM
| reply to viperm Here is another issue we are seeing which MAY be related.
We have had 20-30 users saying that they can't get to HTTPS sites or send/receive e-mail from, of all places, their Gmail or Yahoo email accounts using their websites?????
Now here is the funny part: if they bypass their routers, which vary from D-Link, Linksys, Belkin and some others, the problem GOES AWAY?????
I am stumped on that one as well and they are pissed because we end up telling them they need a new router, and that seems to cure most all of them that have done it so far... |
|
 battleop
join:2005-09-28 00000
edit: August 6th, @09:03PM
| reply to viperm "Should I have a reverse pointer for each domain we host or just our main website"
No, just use mail.airenetworks.com. If you add your hosted domains you are giving your competition a customer list.
"Now I have other host records pointing to the same IP address is this correct? These are other e-mail domains we are hosting"
It's ok to point as many A records as you want to an IP.
If I do a reverse lookup on 208.79.110.13 I get a dozen or so answers. I don't think you are supposed to have more than one answer per IP.
"421 4.7.0 [TS01] Messages from 208.79.110.13 temporarily deferred due to user complaints - 4.16.55.1; see »postmaster.yahoo.com/421-ts01.html ... while talking to g.mx.mail.yahoo.com.:"
This means some jackass is too lazy to delete email coming from your mail server or they don't have the balls to tell their friend to stop sending them stupid jokes. I see this all the time from AOL. It's amazing what people will mark as spam which bounces a message back to us.
edit: more to add. |
|
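An added example (not part of any post in this thread) of the reverse-DNS checks discussed above: the mail server's IP should have a single, non-generic PTR whose name resolves back to the same IP. The DNS answers are constructed sample data rather than live lookups; every name and address other than 208.79.110.13 and mail.airenetworks.com is hypothetical, and the finding labels are this example's own.

```python
import re

# Constructed sample data standing in for DNS answers (not live lookups).
# 208.79.110.13 / mail.airenetworks.com are the thread's values; the rest
# use documentation address ranges and hypothetical names.
PTR_ANSWERS = {
    "208.79.110.13": ["mail.airenetworks.com"],
    "192.0.2.10": ["shop.example", "mail.example.net", "blog.example"],
    "192.0.2.20": ["dyn-192-0-2-20.example.net"],
    "192.0.2.30": ["mail.example.org"],
}
A_ANSWERS = {
    "mail.airenetworks.com": ["208.79.110.13"],
    "mail.example.net": ["192.0.2.10"],
    "dyn-192-0-2-20.example.net": ["192.0.2.20"],
    "mail.example.org": ["192.0.2.99"],  # forward record left on an old IP
}


def looks_generic(name, ip):
    """Heuristic: the PTR name embeds every octet of the IP (dyn-192-168-0-1 style)."""
    numbers = re.findall(r"\d+", name)
    return all(octet in numbers for octet in ip.split("."))


def check_mail_ip(ip, ptr=PTR_ANSWERS, a=A_ANSWERS):
    """Return a list of reverse-DNS findings for a sending IP; empty means clean."""
    names = ptr.get(ip, [])
    if not names:
        return ["no-ptr"]
    findings = []
    if len(names) > 1:
        findings.append("multiple-ptr")
    if any(looks_generic(n, ip) for n in names):
        findings.append("generic-ptr")
    # Forward confirmation: at least one PTR name must resolve back to the IP.
    if not any(ip in a.get(n, []) for n in names):
        findings.append("forward-mismatch")
    return findings


if __name__ == "__main__":
    for address in PTR_ANSWERS:
        print(address, check_mail_ip(address) or "ok")
```

To run it against real records, pass dictionaries built from your own lookups as the `ptr` and `a` arguments.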
  Killler Maxxx
@rr.com
| reply to viperm Your PTR (reverse dns) record is created by and hosted by your service provider. It is not something you do in your own DNS server. It is a security mechanism that validates the IP address as being associated with your URL name. If it was something you could do yourself then every spammer in the world would be spoofing their IP/Name associations. That is why it is and must be done through the service provider. Call the tech support of whoever sells you bandwidth and request a PTR pointer for your URL name to point to the IP of your mail server. They will know exactly what you are asking and will do it for you. |
|
  Killler Maxxx
@rr.com | reply to viperm You should also set up a Sender Policy Framework (SPF) record. That is something that you do create yourself and host on your own DNS server. |
|
  Inssomniak
join:2005-04-06 Cayuga, ON | reply to viperm I concur with all that was said here!
Until I had a properly set up PTR and SPF, my mail server was a nightmare. It's been perfect ever since! |
|
  viperm Carpe Diem Premium join:2002-07-09 Winchester, CA
| reply to Killler Maxxx If we own our own IP space, don't we control this? I am able to create pointers.
said by Killler Maxxx :
Your PTR (reverse dns) record is created by and hosted by your service provider. It is not something you do in your own DNS server. It is a security mechanism that validates the IP address as being associated with your URL name. If it was something you could do yourself then every spammer in the world would be spoofing their IP/Name associations. That is why it is and must be done through the service provider. Call the tech support of whoever sells you bandwidth and request a PTR pointer for your URL name to point to the IP of your mail server. They will know exactly what you are asking and will do it for you. |
|
  Killler Maxxx
@rr.com
| said by viperm :
If we own our own IP space, don't we control this? I am able to create pointers.
To whom do you address your check for bandwidth expense? If it is in fact UUNET, then I have been technically trumped. Call them for info on proper configuration of yer PTR. |
|
  Killler Maxxx
@rr.com
| reply to viperm I just Googled up a decent looking PTR lookup service. Put your URL in there and see if you get the IP of your e-mail (mx) server. You may be ahead of me on all of this. If it is only Yahoo that you are having problems with on false spam ID, you can register with them to fix the problem.
»www.kloth.net/services/nslookup.php |
|
  viperm Carpe Diem Premium join:2002-07-09 Winchester, CA
| reply to viperm Now our secondary DNS is down. BIND will not restart. ARGHHHHH
This keeps getting better and better. I think I am going to go buy Simple DNS like I used to have on my old network. I never had any problems with that software and it ran on a Windows machine. |
|
  Killler Maxxx
@rr.com
| reply to viperm
said by viperm :
If I do a reverse ip lookup on that one 208.79.110.13 it changes each time I try the lookup...
How can that be? A PTR record specifies only the single IP address of the mail server that is associated with the domain name of the mail server it points to. You never did say who your carrier was. There are only 3 or 4 carriers nationwide that sell bandwidth, and I doubt you are one of them. You are just a reseller that has too many DNS servers for your own good and are confusing yourself. Snap out of it. |
|
  Random 2
@rr.com
| reply to viperm »www.lookupserver.com/?reverse_dn···t=Lookup
Reverse DNS points to the URL of your DNS server, not "mail.airenetworks.com" as it should.
»www.lookupserver.com/?mx_record=···t=Lookup
You don't appear to have even an MX record defined. Much less likely a PTR record. No wonder Yahoo does not like your e-mail. My own e-mail server would divert messages from your server directly to my spam server. |
|
  hattmardy Premium join:2007-01-23 Atlanta, GA
| reply to viperm It looks like the MX records for that domain, as well as PTR records, are defined and match:
»www.intodns.com/airenetworks.com
Unless I'm missing something? 
-Matt |
|
 bryandj23
join:2002-08-15 Bay City, MI | reply to viperm From somewhere inside your LAN, what happens if you telnet to g.mx.mail.yahoo.com on port 25? Does it kill the connection instantly? |
|