Print Page | Close Window

DNS question

Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=5550
Printed Date: 12 December 2025 at 9:32pm


Topic: DNS question
Posted By: Marco
Subject: DNS question
Date Posted: 16 March 2006 at 8:09am

This isnt really related to SPF, i apoliogise for that.

Since this is a forum with mega expertise in the area of mail servers and their setup, i post my question here.

One of our customers is giving me a lot of grief since none of our users seem to be able to send them emails.

Our mail system cannot connect to their exchanger for some reason (host unavailable error), but when i do an mx-record lookup it seems all allright to me, except maybe their entry for their 2nd nameserver. (i've never seen such entry before, but i'm no expert)

mx quesry on their domain:

 

Header:

ID=24159, QR=Response, Opcode=QUERY, RCODE=NO ERROR

Authoritative Answer=No, Truncation=No

Recursion Desired=Yes, Recursion Available=Yes

QDCOUNT=1, ANCOUNT=2, NSCOUNT=3, ARCOUNT=4

Question:

Name=*their domain name*, QTYPE=MX, QCLASS=1

Answer Section:

- Name=*their domain name*

Type=MX, Class=1, TTL=15674 (4 Hours 21 Minutes 14 Seconds), RDLENGTH=20

Preference=10, Mail Exchange=mxa.mail.*their ISP domain*

- Name=*their domain name*

Type=MX, Class=1, TTL=15674 (4 Hours 21 Minutes 14 Seconds), RDLENGTH=8

Preference=10, Mail Exchange=mxb.mail.*their ISP domain*

Authority Records Section:

- Name=*their domain name*

Type=NS, Class=1, TTL=15674 (4 Hours 21 Minutes 14 Seconds), RDLENGTH=16

Name Server=ns2.*their ISP domain*.net

- Name=*their domain name*

Type=NS, Class=1, TTL=15674 (4 Hours 21 Minutes 14 Seconds), RDLENGTH=6

Name Server=ns3.*their ISP domain*

- Name=*their domain name*

Type=NS, Class=1, TTL=15674 (4 Hours 21 Minutes 14 Seconds), RDLENGTH=6

Name Server=ns1.*their ISP domain*

Additional Records Section:

- Name=mxa.mail.*their ISP domain*

Type=A, Class=1, TTL=33 (33 Seconds), RDLENGTH=4

IP Address=xxx.xxx.xxx.xxx

- Name=mxb.mail.*their ISP domain*

Type=A, Class=1, TTL=18 (18 Seconds), RDLENGTH=4

IP Address=xxx.xxx.xxx.xxx

- Name=ns2.*their ISP domain*

Type=A, Class=1, TTL=2607 (43 Minutes 27 Seconds), RDLENGTH=4

IP Address=xxx.xxx.xxx.xxx

- Name=ns2.*their ISP domain*

Type=AAAA, Class=1, TTL=1861 (31 Minutes 1 Second), RDLENGTH=16

IPv6 Address=2001:898:2000:12:0:0:0:2

---

They say we are not listed in some blacklist or beeing blocked by their firewall, so i'm at a loss, our exchanger can connect fine to any adress on the net. Even though i believe this is not our problem, im still inclined to look for some solution.

Can anyone find something wrong?

 



-------------
Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams


Replies:
Posted By: Marcus
Date Posted: 16 March 2006 at 10:00am

How are you running the MX query. If its not from your dns servers your probably going around the problem.

Try this:

nslookup -q=mx "their domain name"

from a machine using your dns server.  You should get a response like

Server:  your_dns_servername
Address:  your_dns_server_ip

Non-authoritative answer:
*their domain name*  MX preference = 10, mail exchanger = zzz.*their domain name*

zzz.*their domain name* internet address = aaa.bbb.ccc.ddd

If the nslookup fails try clearing your dns cache. I've seen instances where the cached lookup would be corrupted and clearing the cache would clear up a lookup problem.

Marcus

Posted By: Marco
Date Posted: 16 March 2006 at 10:52am

Im using the tool 'cyberkit' and can enter any DNS server's IP to see how that DNS server 'sees' things.

I tried 3 different DNS servers, all give the same result, so i don't think that that is the problem.

Apart from that i am not running DNS for our domain, im using the DNS server of our ISP for the lookups (like the mailserver)

 



-------------
Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams

Posted By: LogSat
Date Posted: 16 March 2006 at 10:59am
Stupid question. From an MSDOS prompt on your mail server, have you tried:

telnet mxa.mail.*their ISP domain* 25

and telnet mxb.mail.*their ISP domain* 25

to see if you are getting a connection and a welcome banner from them?


-------------
Roberto Franceschetti

http://www.logsat.com" rel="nofollow - LogSat Software

http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP

Posted By: Marco
Date Posted: 16 March 2006 at 11:10am

Not a stupid question :), i tried (from the mailserver) and get this response:

220-mx1.mail.*ispdomain* ESMTP Exim 4.60 Thu, 16 Mar 2006 17:06:32 +0100
220- Sending spam or unsolicited commercial e-mail to this server is strictly
220- prohibited by our NO UBE / NO UCE policy. Abuse will be prosecuted and/or
220  charged per attempted recipient at international postal rates.

 

So it seems our mailserver DOES see this host, it's getting weirder and weirder
                                                     



-------------
Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams

Posted By: LogSat
Date Posted: 16 March 2006 at 11:59am
Well, at this point then try actually sending an email using telnet so you can see the whole conversation:

telnet mxa.mail.*their ISP domain* 25

  220 mail2.netwide.net Welcome to SpamFilterISP SMTP Server v2.7.1.537
  HELO mail.mydomain.com
  250 HELO mail.mydomain.com
  MAIL FROM:<logsat@netwide.net>
  250  Address Okay
  RCPT TO:<test@logsat.com>
  250 test@logsat.com Address Okay
  DATA
  354 Start mail input; end with <CRLF>.<CRLF>
  From: logsat@netwide.net
  To: test@logsat.com
  Subject: test
 
  test email
  .
  250 OK

 

In the telnet session above, what you type is red, the server's answer is blue. Don't forget about the standalone final "dot" on the last line. If you see anything other than a 250 numeric code at the end, there will be a problem delivering the email, and the server should tell you what the reason is.


-------------
Roberto Franceschetti

http://www.logsat.com" rel="nofollow - LogSat Software

http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP

Posted By: Marco
Date Posted: 17 March 2006 at 3:36am

hmm, i sent them a testmail using telnet and everything went as you said Roberto, gonna give the old-fashioned telephone a try now :)

Thanks a lot for the help, i now know for sure its not our problem.



-------------
Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams


Print Page | Close Window