All, Sending this out (to multiple lists -- apologies for the potential duplicates) in the hopes to proactively resolve any mail flow issues to / from Proofpoint customers. Earlier this evening, we had some DNS issues with our domain (proofpoint.com). We've resolved the main problem, however, due to old cached DNS information, the fall out now is that *many* (i.e. hundreds at this point) customers are are seeing major email delays. For any DNS operators, it would be much appreciated if you could flush your DNS servers for proofpoint.com. Among other providers, we are still seeing delays with mail flow to ATT Wireless and Verizon Wireless. Thanks in advance for your assistance on this. Jaren Angerbauer Deliverability & ISP Relations Manager Proofpoint
Wouldn't it make sense if we created a specific mail alias for requesting DNS flushes? This seems to happen statistically often enough it might be a valuable service to bundle under the NANOG umbrella. Todd On 4/16/2014 2:27 AM, Jaren Angerbauer wrote:
All,
Sending this out (to multiple lists -- apologies for the potential duplicates) in the hopes to proactively resolve any mail flow issues to / from Proofpoint customers.
Earlier this evening, we had some DNS issues with our domain (proofpoint.com). We've resolved the main problem, however, due to old cached DNS information, the fall out now is that *many* (i.e. hundreds at this point) customers are are seeing major email delays.
For any DNS operators, it would be much appreciated if you could flush your DNS servers for proofpoint.com.
Among other providers, we are still seeing delays with mail flow to ATT Wireless and Verizon Wireless.
Thanks in advance for your assistance on this.
Jaren Angerbauer Deliverability & ISP Relations Manager Proofpoint
-- ------------- Personal Email - Disclaimers Apply
On Wed, Apr 16, 2014 at 10:45 AM, TGLASSEY <tglassey@earthlink.net> wrote:
Wouldn't it make sense if we created a specific mail alias for requesting DNS flushes? This seems to happen statistically often enough it might be a valuable service to bundle under the NANOG umbrella.
What would make sense is some sort of attribute on the DNS record which instructed servers not to cache it for so long that mistakes have a lasting impact. PEBKAC, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
On Wed, Apr 16, 2014 at 10:49:24AM -0400, William Herrin wrote:
On Wed, Apr 16, 2014 at 10:45 AM, TGLASSEY <tglassey@earthlink.net> wrote:
Wouldn't it make sense if we created a specific mail alias for requesting DNS flushes? This seems to happen statistically often enough it might be a valuable service to bundle under the NANOG umbrella.
What would make sense is some sort of attribute on the DNS record which instructed servers not to cache it for so long that mistakes have a lasting impact.
PEBKAC, Bill Herrin
-- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
per RFC 1035: example.com. IN SOA ns.example.com. hostmaster.example.com. ( 2003080800 ; sn = serial number 172800 ; ref = refresh = 2d 900 ; ret = update retry = 15m 1209600 ; ex = expiry = 2w 3600 ; nx = nxdomain ttl = 1h )
On Wed, Apr 16, 2014 at 11:04 AM, <bmanning@vacation.karoshi.com> wrote:
On Wed, Apr 16, 2014 at 10:49:24AM -0400, William Herrin wrote:
On Wed, Apr 16, 2014 at 10:45 AM, TGLASSEY <tglassey@earthlink.net> wrote:
Wouldn't it make sense if we created a specific mail alias for requesting DNS flushes? This seems to happen statistically often enough it might be a valuable service to bundle under the NANOG umbrella.
What would make sense is some sort of attribute on the DNS record which instructed servers not to cache it for so long that mistakes have a lasting impact.
per RFC 1035:
You're kidding me! You mean they already make that? ;) -Bill -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
On Wed, Apr 16, 2014 at 9:49 AM, William Herrin <bill@herrin.us> wrote:
What would make sense is some sort of attribute on the DNS record which instructed servers not to cache it for so long that mistakes have a lasting impact.
Or a pub/sub method of sending an immediate invalidation request, similar to immediate CDN invalidations. Caching is nice, but mistakes happen.
In message <CADE4tYUzZdKDCnDyz7k9Pwbn7oH5_zzs6zqEnteAtifnB=f68A@mail.gmail.com>, B randon Galbraith writes:
On Wed, Apr 16, 2014 at 9:49 AM, William Herrin <bill@herrin.us> wrote:
What would make sense is some sort of attribute on the DNS record which instructed servers not to cache it for so long that mistakes have a lasting impact.
Or a pub/sub method of sending an immediate invalidation request, similar to immediate CDN invalidations.
Caching is nice, but mistakes happen.
Which is why you should choose appropriate ttls. Also for CDN you are talking to 1 company which has administative control over the caches. For DNS you have highly distributed caches which are talking to millions of servers. There are nowhere near comparible in terms of management. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
participants (6)
-
bmanning@vacation.karoshi.com
-
Brandon Galbraith
-
Jaren Angerbauer
-
Mark Andrews
-
TGLASSEY
-
William Herrin