Email Issues - DNS/ reverse DNS
I recently brought an outsourced email back in-house and have had a few issues sending email only to certain domains (domains that do more "research" before accepting email).
Doing a test from testexchangeconnectivity.c
IP Address x.x.x.x does not have a PTR record in DNS
If I do a reverse dns lookup on the IP at iptools.com, it seems to be happy. Also, someone ran a report from dnsstuff.com and I got 3 errors on that report...
1. ERROR: You have one or more MX record(s) that contain an IP address. This is not valid. A fully RFC-compliant mailserver will not be able to send you mail (although some mail servers will, due to the TCP/IP functions that they use). The problem MX records are x.x.x.x
I did change the MX record so it is nowa name, and that name points to the IP of my server. I just pointed the MX to the A record which is my OWA address..
2. ERROR: None of your mail server(s) seem to have reverse DNS (PTR) entries (I didn't get any responses for them). RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. You can double-check using the 'Reverse DNS Lookup' tool (it contacts your servers in real time; the reverse DNS lookups in the DNS report use our local caching DNS server).
3. ERROR: I could not complete a connection to any of your mailservers!
x.x.x.x: Could not connect without glue or A record.<br />
If this is a timeout problem, note that the DNSreport only waits about 40 seconds for responses, so your mail *may* work fine inthis case but you will need to use testing tools specifically designed for such situations to be certain.
pretty sure this was a fluke, emails working fine for 90% of the domains...
Unfortunately ATT hosts my dns for this domain (requirement with their T1 I guess) - so I have limited control of what things I can add/edit, but I can email them to do changes, and they are pretty responsive.
Thanks
Doing a test from testexchangeconnectivity.c
IP Address x.x.x.x does not have a PTR record in DNS
If I do a reverse dns lookup on the IP at iptools.com, it seems to be happy. Also, someone ran a report from dnsstuff.com and I got 3 errors on that report...
1. ERROR: You have one or more MX record(s) that contain an IP address. This is not valid. A fully RFC-compliant mailserver will not be able to send you mail (although some mail servers will, due to the TCP/IP functions that they use). The problem MX records are x.x.x.x
I did change the MX record so it is nowa name, and that name points to the IP of my server. I just pointed the MX to the A record which is my OWA address..
2. ERROR: None of your mail server(s) seem to have reverse DNS (PTR) entries (I didn't get any responses for them). RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. You can double-check using the 'Reverse DNS Lookup' tool (it contacts your servers in real time; the reverse DNS lookups in the DNS report use our local caching DNS server).
3. ERROR: I could not complete a connection to any of your mailservers!
x.x.x.x: Could not connect without glue or A record.<br />
If this is a timeout problem, note that the DNSreport only waits about 40 seconds for responses, so your mail *may* work fine inthis case but you will need to use testing tools specifically designed for such situations to be certain.
pretty sure this was a fluke, emails working fine for 90% of the domains...
Unfortunately ATT hosts my dns for this domain (requirement with their T1 I guess) - so I have limited control of what things I can add/edit, but I can email them to do changes, and they are pretty responsive.
Thanks
What version of Exchange do you have? Exchange 2007 / 2010 will test you Receive Connector not your send connector and will report false information, so that may be part of the confusion.
ASKER
Its exchange 2003 - ahh - the duplicate rdns...you might be onto something there, I have a login to the ATT portal so can view everything I think.
If you want to post your domain name and IP address ( which I will obscure once poated ) I / We can give you more specidic advice.
I don't see old rDNS records being an issue unless you still have pointers to old IP addresses. It is your current IP address that is important.
I don't see old rDNS records being an issue unless you still have pointers to old IP addresses. It is your current IP address that is important.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ah crap - yeah I even set it as that as the olddomain had the mx.olddomain.com for whatever reason so I was just making it match, then forgot about it!
So that might have been one issue, the testexchangeconnectivity.c
So that might have been one issue, the testexchangeconnectivity.c
Test your domain on www.mxtoolbox.com/diagnostic.aspx instead. I use www.dnsstuff.com but you need a subscription. As I use it pretty much every day, it makes sense for me ; )
It looks fine on dnsstuff.
It looks fine on dnsstuff.
From dnsstuff:
OK. The IPs of all of your mail server(s) have reverse DNS (PTR) entries. RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. Note that this information is cached, so if you changed it recently, it will not be reflected here (see the 'Reverse DNS Tool' for the current data). The reverse DNS entries are:
68.201.xxx.xxx.in-addr.arp
OK. The IPs of all of your mail server(s) have reverse DNS (PTR) entries. RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. Note that this information is cached, so if you changed it recently, it will not be reflected here (see the 'Reverse DNS Tool' for the current data). The reverse DNS entries are:
68.201.xxx.xxx.in-addr.arp
Looking much better now.
Thanks for the points.
Alan
Thanks for the points.
Alan
Call AT&T, escalate up if you can, and have them send you documentation of the DNS and RDNS for your zone. Double-check every entry very carefully.
We saw the same thing. Email went out fine 90% of the time, but certain clients were having problems.
Also, contact your *old* ISP or Exchange Host company and make sure they successfully purged your RDNS records - that could be the cause of the duplicates.