Solved

What needs to change

Posted on 2010-09-23
10
681 Views
Last Modified: 2012-05-10
This is my first mac mail server setup. Mail is working but I have questions ...
Here is the header information...

Received: from thehighlands.us ([68.70.65.100] RDNS failed) by mail.workdomain.com with Microsoft SMTPSVC(6.0.3790.4675);
       Thu, 23 Sep 2010 09:13:59 -0500
Received: from localhost (localhost [127.0.0.1])
      by thehighlands.us (Postfix) with ESMTP id 548D66CDD1
      for <user@workdomain.com>; Thu, 23 Sep 2010 09:13:41 -0500 (CDT)
X-Virus-Scanned: amavisd-new at thehighlands.us
Received: from thehighlands.us ([127.0.0.1])
      by localhost (mailserver.thehighlands.us [127.0.0.1]) (amavisd-new, port 10024)
      with ESMTP id ukzgNYsPy+-8 for <user@workdomain.com>;
      Thu, 23 Sep 2010 09:13:32 -0500 (CDT)
Received: from mailserver.thehighlands.us (localhost [127.0.0.1])
      by thehighlands.us (Postfix) with ESMTP id 2E2B56CDC0
      for < user@workdomain.com >; Thu, 23 Sep 2010 09:13:32 -0500 (CDT)
Received: from 192.168.9.9
        (SquirrelMail authenticated user bwayne)
        by mailserver.thehighlands.us with HTTP;
        Thu, 23 Sep 2010 09:13:32 -0500
Message-ID: <b5359e4f7efab4c9a4e60ead94d5cdd4.squirrel@mailserver.thehighlands.us>
Date: Thu, 23 Sep 2010 09:13:32 -0500
Subject: test
From: "Bruce Wayne" <bwayne@thehighlands.us>
To: user@workdomain.com
User-Agent: SquirrelMail/1.4.20
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Return-Path: bwayne@thehighlands.us
X-OriginalArrivalTime: 23 Sep 2010 14:13:59.0230 (UTC) FILETIME=[90DBC5E0:01CB5B29]

The rDNS failed because the ISP has yet to put the ptr record in place.
But should the mailserver's name (mailserver.thehighlands.us) be shown, or should it be the mail.thehighlands.us as the A record has been set (externally)?
The IP's of 127.0.0.1 & 192.168.9.9, should private IP's be showing up as well, or should it be their outside DNS IP?

What changes need to be made?

Thx.
0
Comment
Question by:ultreya
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 8

Expert Comment

by:Mac2010
ID: 33747199
I don't exactly understand your question. Are you looking for a way to edit hostnames, IP addresses and other private info from your email headers?

Usually email headers show host names, including the one from your mail server. "Mail" (-.example.com) can be a host name or alias, depending on your network setup.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 33747582
The PTR should always match the A record.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 33747591
Gerneally speaking it is a good idea to have the mail server name match the PTR
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 12

Expert Comment

by:nxnw
ID: 33749643
If you sent the mail from a machine on the same LAN as the thehighlands.us mailserver, it is correct for the header to show the private IP. The same mailserver generating references to itself in the header will refer to itself by its localhost address.

Now, your ISP should be setting up your DNS as follows:
• an A record for mail.thehighlands.us
• a reverse pointer matching the A record
• an MX record thehighlands.us pointing to mail.thehighlands.us

There is also the issue of internal DNS.
• If you don't have it, and you are talking about a handful of machines, it might be easier to use the server's IP address on your client machines on the LAN. If the machine is named "mailserver", mailserver.local will also work. Otherwise, you will be resolving to the external address.
 • If you do have an internal DNS server, you can use the thehighlands.us domain, in which case you should set up the same records as your ISP, and be sure that the internal clients are using only your internal DNS.

"rDNS failed" means that they don't match, not that there was no response. That entry was put there by the SMTP server at mail.workdomain.com. FYI, rDNS failure is an indication of a rogue mailserver, although there are likely many legitimate servers that do not have matching reverse DNS entries.Some mailservers block connections where rDNS has failed, as a spam fighting strategy.
0
 
LVL 12

Expert Comment

by:nxnw
ID: 33749713
BTW, your A record isn't mail.thehighlands.us. It is something else. mail.thehighlands.us is an alias.

Unless you have a really good reason to have multiple names, you should keep it simple. You are just getting your feet wet and having one internal name and two different external names for the same machine is bound to mess you up at some point. Issues with setting up a SSL certificate comes to mind.
0
 

Author Comment

by:ultreya
ID: 33795558
Thx for the help.

I know why the rdns failure occurs, and once the ISP gets the ptr record in place that should stop. My concerns are with the internal IP's showing in the header information rather than the external hops. I am unsure if this is normal with Mac or not. I have set up several Exchange servers and have never seen an internal IP in the header, unless it was from inside to inside mail.

You are correct in the a record though. It's a reseller of a reseller of a registrar. I worked with them for over an hour just getting the records created, was difficult to get cooperation from them... the A record is webmail.thehighlands.us. with an alias  of mail. pointing to the a record.

Will be working on this (these) issues over the next few days, so will chime back in.

I apologize for the delay, was occupied with other projects.
0
 
LVL 12

Expert Comment

by:nxnw
ID: 33795569
"If you sent the mail from a machine on the same LAN as the thehighlands.us mailserver, it is correct for the header to show the private IP. The same mailserver generating references to itself in the header will refer to itself by its localhost address."
0
 

Author Comment

by:ultreya
ID: 33862443
The header information from above is from inside to an outside message
This is where i saw the 127 address, understanding this is loopback that just points to the mail server...
"by localhost (mailserver.thehighlands.us [127.0.0.1]) "
But the actual internal IP was displayed as well
"Received: from 192.168.9.9"
So I wanted to make sure the setup/configuration was correct, in that I did not believe these addresses should be shown, but if they are then they are...

Good note.
The ISP finally put in the ptr record, so the rdns failure is no longer an issue.

To re-itterate though.
Is it normal for the private IP addresses to be shown in the headers?
0
 
LVL 12

Accepted Solution

by:
nxnw earned 500 total points
ID: 33863259
I thought I was very clear, but I will try a different way. Follow each of the 5 steps from sender to mail.workdomain.com.

1. SquirrelMail reports that it received email from 192.168.9.9, a machine on the same LAN. This is the only IP address the server could possibly have for that local machine on the LANs private 192.168.9.x range.

Received: from 192.168.9.9
        (SquirrelMail authenticated user bwayne)
        by mailserver.thehighlands.us with HTTP;
        Thu, 23 Sep 2010 09:13:32 -0500

2. Postfix reports that it received the email from SquirrelMail. Both are on the same server, correctly identified as localhost:

Received: from mailserver.thehighlands.us (localhost [127.0.0.1])
      by thehighlands.us (Postfix) with ESMTP id 2E2B56CDC0
      for < user@workdomain.com >; Thu, 23 Sep 2010 09:13:32 -0500 (CDT)

3. AMaViS reports that it received the email from Postfix. Both are on the same server, correctly identified as localhost:

Received: from thehighlands.us ([127.0.0.1])
      by localhost (mailserver.thehighlands.us [127.0.0.1]) (amavisd-new, port 10024)
      with ESMTP id ukzgNYsPy+-8 for <user@workdomain.com>;
      Thu, 23 Sep 2010 09:13:32 -0500 (CDT)

4. Postfix reports that it received the email back from AMaViS. Both are on the same server, correctly identified as localhost:

Received: from localhost (localhost [127.0.0.1])
      by thehighlands.us (Postfix) with ESMTP id 548D66CDD1
      for <user@workdomain.com>; Thu, 23 Sep 2010 09:13:41 -0500 (CDT)

5. Now the email is out in the wild. Accordingly, mail.workdomain.com knows the thehighlands.us server by its public IP address.

Received: from thehighlands.us ([68.70.65.100] RDNS failed) by mail.workdomain.com with Microsoft SMTPSVC(6.0.3790.4675);
       Thu, 23 Sep 2010 09:13:59 -0500
0
 

Author Closing Comment

by:ultreya
ID: 33863647
Excellent description, thanks.
Could have done without the "I thought I was very clear, but I will try a different way" dig, but i have to assume you are who you are.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we discuss how to recover the missing Outlook 2011 for Mac data like Emails and Contacts manually.
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question