jefferybush
asked on
DNS Problems, mail gets through to our Exchange server from Yahoo but not Comcast, Hotmail or most
I have what I suspect is a DNS problem.
This is the situation. We have an Exchange server we host in-house. Some external mail service providers are unable to get to our mail server, the biggest problem is Comcast. I have a test machine on a Comcast network and I cannot ping the mail server by "ping mail.ourdomain.com", it comes back with Host Not Found. However, I CAN to a reverse lookup using "ping -a mail.ourdomain.com" and it returns the correct IP. I suspect that some top level DNS servers are not propagated from the provider that hosts or A and MX records, but that provider states that it's not their problem.
When I perform a nslookup from the Comcast test box and from another Internet Service Provider (Level3) with set q=mx then supply the mail.ourdomain.com, it returns a can't find, then "non-existent domain"
Any ideas on how to figure this out?
This is the situation. We have an Exchange server we host in-house. Some external mail service providers are unable to get to our mail server, the biggest problem is Comcast. I have a test machine on a Comcast network and I cannot ping the mail server by "ping mail.ourdomain.com", it comes back with Host Not Found. However, I CAN to a reverse lookup using "ping -a mail.ourdomain.com" and it returns the correct IP. I suspect that some top level DNS servers are not propagated from the provider that hosts or A and MX records, but that provider states that it's not their problem.
When I perform a nslookup from the Comcast test box and from another Internet Service Provider (Level3) with set q=mx then supply the mail.ourdomain.com, it returns a can't find, then "non-existent domain"
Any ideas on how to figure this out?
ASKER
Thanks, Malmensa. I got this as a return when I tried the MX record lookup but I'm not sure where it's broken. Obviously it can't find our mail server record, but who's issue is it?
Searching for mail.ourdomain.com MX record at d.root-servers.net [128.8.10.90]: Got referral to I.GTLD-SERVERS.NET. (zone: com.) [took 47 ms]
Searching for mail.ourdomain.com MX record at I.GTLD-SERVERS.NET. [192.43.172.30]: Got referral to ns2.webpossibilities.com. (zone: ourdomain.com.) [took 153 ms]
Searching for mail.ourdomain.com MX record at ns2.webpossibilities.com. [205.209.100.98]: Got CNAME of "OUR IP and referral to i.root-servers.net [took 107 ms]
Searching for "OUR IP" MX record at f.root-servers.net [192.5.5.241]: Reports that no MX records exist. [took 49 ms] Response: No MX records exist for "OUR IP", and "OUR IP" does not exist. [Neg TTL=86400 seconds] Details: f.root-servers.net (an authoritative nameserver for (root)) says that there are no MX records for "OUR IP", and that the hostname "OUR IP" does not exist. NOTE: One or more CNAMEs were encountered. mail.ourdomain.com is really "OUR IP".
Searching for mail.ourdomain.com MX record at d.root-servers.net [128.8.10.90]: Got referral to I.GTLD-SERVERS.NET. (zone: com.) [took 47 ms]
Searching for mail.ourdomain.com MX record at I.GTLD-SERVERS.NET. [192.43.172.30]: Got referral to ns2.webpossibilities.com. (zone: ourdomain.com.) [took 153 ms]
Searching for mail.ourdomain.com MX record at ns2.webpossibilities.com. [205.209.100.98]: Got CNAME of "OUR IP and referral to i.root-servers.net [took 107 ms]
Searching for "OUR IP" MX record at f.root-servers.net [192.5.5.241]: Reports that no MX records exist. [took 49 ms] Response: No MX records exist for "OUR IP", and "OUR IP" does not exist. [Neg TTL=86400 seconds] Details: f.root-servers.net (an authoritative nameserver for (root)) says that there are no MX records for "OUR IP", and that the hostname "OUR IP" does not exist. NOTE: One or more CNAMEs were encountered. mail.ourdomain.com is really "OUR IP".
ASKER
And furthermore, DNS Stuff reports the following errors as well:
ERROR: You have one or more MX record(s) that contain an IP address. This is not valid. A fully RFC-compliant mailserver will not be able to send you mail (although some mail servers will, due to the TCP/IP functions that they use). The problem MX records are:
"OUR IP".
and-
ERROR: I could not complete a connection to any of your mailservers!
OUR IP: Could not connect without glue or A record.<br />
If this is a timeout problem, note that the DNSreport only waits about 40 seconds for responses, so your mail *may* work fine in this case but you will need to use testing tools specifically designed for such situations to be certain.
And:
Mismatched Glue-
ERROR: Your nameservers report glue that is different from what the parent servers report. This will cause DNS servers to get confused; some may go to the IP provided by the parent servers, while others may get to the ones provided by your authoritative DNS servers. Problem record(s) are:
ns2.webpossibilities.com.:
Parent server (c.gtld-servers.net) says A record is 205.209.100.98, but
authoritative DNS server (205.209.101.104) says it is 205.209.101.104
ns1.webpossibilities.com.:
Parent server (c.gtld-servers.net) says A record is 205.209.101.104, but
authoritative DNS server (205.209.101.104) says it is 205.209.100.98
ns1.webpossibilities.com.:
Parent server (c.gtld-servers.net) says A record is 205.209.101.104, but
authoritative DNS server (205.209.100.98) says it is 205.209.100.98
ns2.webpossibilities.com.:
Parent server (c.gtld-servers.net) says A record is 205.209.100.98, but
authoritative DNS server (205.209.100.98) says it is 205.209.101.104
This is a hosting problem, right?
ERROR: You have one or more MX record(s) that contain an IP address. This is not valid. A fully RFC-compliant mailserver will not be able to send you mail (although some mail servers will, due to the TCP/IP functions that they use). The problem MX records are:
"OUR IP".
and-
ERROR: I could not complete a connection to any of your mailservers!
OUR IP: Could not connect without glue or A record.<br />
If this is a timeout problem, note that the DNSreport only waits about 40 seconds for responses, so your mail *may* work fine in this case but you will need to use testing tools specifically designed for such situations to be certain.
And:
Mismatched Glue-
ERROR: Your nameservers report glue that is different from what the parent servers report. This will cause DNS servers to get confused; some may go to the IP provided by the parent servers, while others may get to the ones provided by your authoritative DNS servers. Problem record(s) are:
ns2.webpossibilities.com.:
Parent server (c.gtld-servers.net) says A record is 205.209.100.98, but
authoritative DNS server (205.209.101.104) says it is 205.209.101.104
ns1.webpossibilities.com.:
Parent server (c.gtld-servers.net) says A record is 205.209.101.104, but
authoritative DNS server (205.209.101.104) says it is 205.209.100.98
ns1.webpossibilities.com.:
Parent server (c.gtld-servers.net) says A record is 205.209.101.104, but
authoritative DNS server (205.209.100.98) says it is 205.209.100.98
ns2.webpossibilities.com.:
Parent server (c.gtld-servers.net) says A record is 205.209.100.98, but
authoritative DNS server (205.209.100.98) says it is 205.209.101.104
This is a hosting problem, right?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry for the slow response. Yes, this was a hosting issue but I had to beat the heck out of the provider before they actuallyn took ownership.
Best place to start is probably browsing over the www.dnsstuff.com, then do a DNS lookup for your MX, followed by a "Full Transversal". to check where the problem is.