Solved

What needs to change

Posted on 2010-09-23
10
674 Views
Last Modified: 2012-05-10
This is my first mac mail server setup. Mail is working but I have questions ...
Here is the header information...

Received: from thehighlands.us ([68.70.65.100] RDNS failed) by mail.workdomain.com with Microsoft SMTPSVC(6.0.3790.4675);
       Thu, 23 Sep 2010 09:13:59 -0500
Received: from localhost (localhost [127.0.0.1])
      by thehighlands.us (Postfix) with ESMTP id 548D66CDD1
      for <user@workdomain.com>; Thu, 23 Sep 2010 09:13:41 -0500 (CDT)
X-Virus-Scanned: amavisd-new at thehighlands.us
Received: from thehighlands.us ([127.0.0.1])
      by localhost (mailserver.thehighlands.us [127.0.0.1]) (amavisd-new, port 10024)
      with ESMTP id ukzgNYsPy+-8 for <user@workdomain.com>;
      Thu, 23 Sep 2010 09:13:32 -0500 (CDT)
Received: from mailserver.thehighlands.us (localhost [127.0.0.1])
      by thehighlands.us (Postfix) with ESMTP id 2E2B56CDC0
      for < user@workdomain.com >; Thu, 23 Sep 2010 09:13:32 -0500 (CDT)
Received: from 192.168.9.9
        (SquirrelMail authenticated user bwayne)
        by mailserver.thehighlands.us with HTTP;
        Thu, 23 Sep 2010 09:13:32 -0500
Message-ID: <b5359e4f7efab4c9a4e60ead94d5cdd4.squirrel@mailserver.thehighlands.us>
Date: Thu, 23 Sep 2010 09:13:32 -0500
Subject: test
From: "Bruce Wayne" <bwayne@thehighlands.us>
To: user@workdomain.com
User-Agent: SquirrelMail/1.4.20
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Return-Path: bwayne@thehighlands.us
X-OriginalArrivalTime: 23 Sep 2010 14:13:59.0230 (UTC) FILETIME=[90DBC5E0:01CB5B29]

The rDNS failed because the ISP has yet to put the ptr record in place.
But should the mailserver's name (mailserver.thehighlands.us) be shown, or should it be the mail.thehighlands.us as the A record has been set (externally)?
The IP's of 127.0.0.1 & 192.168.9.9, should private IP's be showing up as well, or should it be their outside DNS IP?

What changes need to be made?

Thx.
0
Comment
Question by:ultreya
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 8

Expert Comment

by:Mac2010
Comment Utility
I don't exactly understand your question. Are you looking for a way to edit hostnames, IP addresses and other private info from your email headers?

Usually email headers show host names, including the one from your mail server. "Mail" (-.example.com) can be a host name or alias, depending on your network setup.
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
The PTR should always match the A record.
0
 
LVL 19

Expert Comment

by:bevhost
Comment Utility
Gerneally speaking it is a good idea to have the mail server name match the PTR
0
 
LVL 12

Expert Comment

by:nxnw
Comment Utility
If you sent the mail from a machine on the same LAN as the thehighlands.us mailserver, it is correct for the header to show the private IP. The same mailserver generating references to itself in the header will refer to itself by its localhost address.

Now, your ISP should be setting up your DNS as follows:
• an A record for mail.thehighlands.us
• a reverse pointer matching the A record
• an MX record thehighlands.us pointing to mail.thehighlands.us

There is also the issue of internal DNS.
• If you don't have it, and you are talking about a handful of machines, it might be easier to use the server's IP address on your client machines on the LAN. If the machine is named "mailserver", mailserver.local will also work. Otherwise, you will be resolving to the external address.
 • If you do have an internal DNS server, you can use the thehighlands.us domain, in which case you should set up the same records as your ISP, and be sure that the internal clients are using only your internal DNS.

"rDNS failed" means that they don't match, not that there was no response. That entry was put there by the SMTP server at mail.workdomain.com. FYI, rDNS failure is an indication of a rogue mailserver, although there are likely many legitimate servers that do not have matching reverse DNS entries.Some mailservers block connections where rDNS has failed, as a spam fighting strategy.
0
 
LVL 12

Expert Comment

by:nxnw
Comment Utility
BTW, your A record isn't mail.thehighlands.us. It is something else. mail.thehighlands.us is an alias.

Unless you have a really good reason to have multiple names, you should keep it simple. You are just getting your feet wet and having one internal name and two different external names for the same machine is bound to mess you up at some point. Issues with setting up a SSL certificate comes to mind.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:ultreya
Comment Utility
Thx for the help.

I know why the rdns failure occurs, and once the ISP gets the ptr record in place that should stop. My concerns are with the internal IP's showing in the header information rather than the external hops. I am unsure if this is normal with Mac or not. I have set up several Exchange servers and have never seen an internal IP in the header, unless it was from inside to inside mail.

You are correct in the a record though. It's a reseller of a reseller of a registrar. I worked with them for over an hour just getting the records created, was difficult to get cooperation from them... the A record is webmail.thehighlands.us. with an alias  of mail. pointing to the a record.

Will be working on this (these) issues over the next few days, so will chime back in.

I apologize for the delay, was occupied with other projects.
0
 
LVL 12

Expert Comment

by:nxnw
Comment Utility
"If you sent the mail from a machine on the same LAN as the thehighlands.us mailserver, it is correct for the header to show the private IP. The same mailserver generating references to itself in the header will refer to itself by its localhost address."
0
 

Author Comment

by:ultreya
Comment Utility
The header information from above is from inside to an outside message
This is where i saw the 127 address, understanding this is loopback that just points to the mail server...
"by localhost (mailserver.thehighlands.us [127.0.0.1]) "
But the actual internal IP was displayed as well
"Received: from 192.168.9.9"
So I wanted to make sure the setup/configuration was correct, in that I did not believe these addresses should be shown, but if they are then they are...

Good note.
The ISP finally put in the ptr record, so the rdns failure is no longer an issue.

To re-itterate though.
Is it normal for the private IP addresses to be shown in the headers?
0
 
LVL 12

Accepted Solution

by:
nxnw earned 500 total points
Comment Utility
I thought I was very clear, but I will try a different way. Follow each of the 5 steps from sender to mail.workdomain.com.

1. SquirrelMail reports that it received email from 192.168.9.9, a machine on the same LAN. This is the only IP address the server could possibly have for that local machine on the LANs private 192.168.9.x range.

Received: from 192.168.9.9
        (SquirrelMail authenticated user bwayne)
        by mailserver.thehighlands.us with HTTP;
        Thu, 23 Sep 2010 09:13:32 -0500

2. Postfix reports that it received the email from SquirrelMail. Both are on the same server, correctly identified as localhost:

Received: from mailserver.thehighlands.us (localhost [127.0.0.1])
      by thehighlands.us (Postfix) with ESMTP id 2E2B56CDC0
      for < user@workdomain.com >; Thu, 23 Sep 2010 09:13:32 -0500 (CDT)

3. AMaViS reports that it received the email from Postfix. Both are on the same server, correctly identified as localhost:

Received: from thehighlands.us ([127.0.0.1])
      by localhost (mailserver.thehighlands.us [127.0.0.1]) (amavisd-new, port 10024)
      with ESMTP id ukzgNYsPy+-8 for <user@workdomain.com>;
      Thu, 23 Sep 2010 09:13:32 -0500 (CDT)

4. Postfix reports that it received the email back from AMaViS. Both are on the same server, correctly identified as localhost:

Received: from localhost (localhost [127.0.0.1])
      by thehighlands.us (Postfix) with ESMTP id 548D66CDD1
      for <user@workdomain.com>; Thu, 23 Sep 2010 09:13:41 -0500 (CDT)

5. Now the email is out in the wild. Accordingly, mail.workdomain.com knows the thehighlands.us server by its public IP address.

Received: from thehighlands.us ([68.70.65.100] RDNS failed) by mail.workdomain.com with Microsoft SMTPSVC(6.0.3790.4675);
       Thu, 23 Sep 2010 09:13:59 -0500
0
 

Author Closing Comment

by:ultreya
Comment Utility
Excellent description, thanks.
Could have done without the "I thought I was very clear, but I will try a different way" dig, but i have to assume you are who you are.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

SUMMARY Enterprise backup in a heterogeneous network is a subject full of complications and restrictions. Issues such as filename & path structure, attributes and extended metadata always tend to complicate the subject to the extent where either …
The /etc/authorization file in Mac OS X 10.x can be used to control access to the various panes of the System Preferences amongst other things. It’s used by some of us Mac Sys Admin’s to give Standard Users access to System Prefs panes that only adm…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now