On Thu, Jul 26, 2012 at 02:38:31AM -0500, Jimmy Hess wrote:
On 7/26/12, Lou Katz <lou@metron.com> wrote:
One of my users has reported incoming mail failures, which I finally tracked down. It turned out that Hotmail has seen fit to send the mail to his domain's A record machine, despite the fact that he has valid MX records.
You looked in the mail headers and saw hotmail's mail server do that, or the From address/return path just happens to be hotmail? I would ask for a specific example of a domain name in which that seems to happen, and exact DNS zone contents.
I am sure that Hotmail does not ignore MX in general, unless they just broke something; many domains require MX processing and A record to properly be ignored for mail to be accepted. But there may be something else going on with a specific domain or DNS queries/responses from its nameservers, that results in MX being ignored or unavailable, resulting in a fallback to 'lookup A'.
An example could be some dns issue such as slow response to MX query, 'MX to a CNAME', 'MX to an invalid label that looks like an IP', MX DNS response packet too large, ....
-- -JH
Unfortunately, all I get from my user is a snippet, and it took me a while to realize that I had to look at the mail logs of my web server, not my mail server, to find the transaction. The domain is cookephoto.com - and here is my zone file: plaid# dig cookephoto.com any ; <<>> DiG 9.3.3 <<>> cookephoto.com any ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55698 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 8 ;; QUESTION SECTION: ;cookephoto.com. IN ANY ;; ANSWER SECTION: cookephoto.com. 172800 IN SOA ns.metron.com. hostmeister.metron.com. 2012011900 21600 3600 345600 345600 cookephoto.com. 172800 IN NS ns2.metron.com. cookephoto.com. 172800 IN NS ns1.metron.com. cookephoto.com. 172800 IN NS ns3.metron.com. cookephoto.com. 172800 IN MX 12 mail2.metron.com. cookephoto.com. 172800 IN MX 15 mail.katz.com. cookephoto.com. 172800 IN MX 10 mail.metron.com. cookephoto.com. 172800 IN A 192.160.193.89 ;; ADDITIONAL SECTION: ns1.metron.com. 3600 IN A 192.160.193.34 ns2.metron.com. 3600 IN A 209.204.189.89 ns2.metron.com. 3600 IN AAAA 2001:470:838d::89 ns3.metron.com. 3600 IN A 192.160.193.55 ns3.metron.com. 3600 IN AAAA 2001:470:838d::55 mail.metron.com. 3600 IN A 192.160.193.14 mail2.metron.com. 3600 IN A 209.204.189.91 mail.katz.com. 28800 IN A 192.160.193.14 and here is the maillog for the transaction, slightly redacted: Jul 25 13:13:07 plaid sm-mta[5121]: NOQUEUE: connect from blu0-omc2-s2.blu0.hotmail.com [65.55.111.77] Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: --- 220 plaid.metron.com ESMTP Sendmail 8.13.8/8.13.8; Wed, 25 Jul 2012 13:13:07 -0700 (PDT) Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: <-- EHLO blu0-omc2-s2.blu0.hotmail.com Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: --- 250-plaid.metron.com Hello blu0-omc2-s2.blu0.hotmail.com [65.55.111.77], pleased to meet you Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: <-- MAIL FROM:<xxxxxxxxxxxx@hotmail.com> Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: --- 250 2.1.0 <xxxxxxxxxxxx@hotmail.com>... Sender ok Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: <-- RCPT TO:<xxxxx@cookephoto.com> Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: --- 550 5.7.1 <xxxxx@cookephoto.com>... Relaying denied Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: ruleset=check_rcpt, arg1=<xxxxx@cookephoto.com>, relay=blu0-omc2-s2.blu0.hotmail.com [65.55.111.77], reject=550 5.7.1 <xxxxx@cookephoto.com>... Relaying denied Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: <-- RSET Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: --- 250 2.0.0 Reset state Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: from=<xxxxxxxxxxxx@hotmail.com>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=blu0-omc2-s2.blu0.hotmail.com [65.55.111.77] Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bI005121: <-- QUIT Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bI005121: --- 221 2.0.0 plaid.metron.com closing connection The 5.7.1 relaying denied is correct, since the webserver does not accept mail for the website domains. At the time of the transaction, nothing special was happening here, and other mail was flowing quite nicely into the mail server. Other Hotmail servers were sending to other recipients here through the regular mailserver OK. Thanks for looking at it. -=[L]=-