• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 881
  • Last Modified:

Yahoo boucing email to our domain, claims "No MX or A records for "ourdomain.edu

Recently, some Yahoo emails to our domain have been bouncing back to users with a "No MX or A records for ourdomain.edu". This is an intermittent problem, and we haven't been able to reliably reproduce the problem. We are receiveing email from other sources.

Our MX records are on our name server, and I can verify that our full DNS records can be seen and retrieved when I check external sources like dnstools.com, mxtoolbox.com, network-tools.com. We are still waiting to hear back from yahoo tech support. Is there anything else I can do in the meanwhile?
0
eimonkey
Asked:
eimonkey
1 Solution
 
cavp76Commented:
What about PTR record for your mail server? is it configured?? check this also online... if it's not configured, ask your ISP to do it
0
 
Jamie GillespieSenior IT ConsultantCommented:
This will more than likely be due to PTR as mentioned above. Use a SMTP smarthost?

http://support.microsoft.com/kb/303734     -shows you how to set up.

If your ISP is eclipse for example use SMTP.ECLIPSE.CO.UK

Hope this helps
0
 
saastechCommented:
Check if your domain is on a blacklist? http://www.blacklistalert.org/

Also, can you provide us with the NDR email header?
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
eimonkeyAuthor Commented:
Double cheked: Yes, we have a PTR record for the mail server. No, we are not on any blacklists.
I'll see if I can get a hold of the NDR header - so far they've just been forwarding me the text of the message.

We did get a hold of someone at AT&T last week, and they have a known problem with people sending messages to external addresses.
0
 
JohnnyITCommented:
I wonder if there is a network reliability issue to your DNS servers.  Is it possible that rarely, a DNS lookup is failing, or your server is not consisently providing the DNS info?  As a start, you could ping your DNS servers (from an outside network at an alternate location, from an alternate ISP obviously) for an extended period of time.  See if you get any packet loss, and what the latency is like.

Also, have you double checked your DNS using services like: http://www.intodns.com/ & http://www.mxtoolbox.com/SuperTool.aspx  & http://dnscog.com/  ??  They may help you find the problem.  You never know, maybe your TTL values are set extremely low, and the DNS servers are polling your server more frequently than it can handle.
0
 
eimonkeyAuthor Commented:
I'll setup the ping for DNS servers. Seems fine so far, but we'll keep an eye on it.

We're getting green checkmarks on everything when checking the outside sites like intodns.com, mxtoolbox.com, and dnscog.com except SOA Expire was over suggested limits and we dont' currently have SPF record, which I will add.
0
 
JohnnyITCommented:
The SPF record is becoming more and more important, and while I'm not sure it's causing your exact problem, it definitely needs to be there.

Check this site for help in properly creating the SPF record: http://www.openspf.org/

What was your SOA expire set to??
0
 
eimonkeyAuthor Commented:
SOA EXPIRE time is : 2592000 seconds, which was flagged as being too high.  We submitted the change request to our ISP.

We've been running the ping test and periodically running the DNS reports for our domain dnscog.com and dnsstuff reports throughout the day. Although we get a pretty consistent ping reply, one of our three nameservers occassionally is not reponding. The other two have been up consistently. We've contacted our ISP to investigate.

If a sender was attempting to get our MX record and one namesserver was down, wouldn't it go to one of the other two to get the record (if it didn't have it?)
0
 
eimonkeyAuthor Commented:
SOA Expire change seemed to resolve issues.
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now