• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1270
  • Last Modified:

Google Apps DNS errors from dnsstuff

We were unable to resolve any of the MX records to IP addresses.  Either the address records for the mailservers are missing, or they may be CNAMEs which is illegal (CNAMEs are prohibited in MX record
0
Jack Murphy
Asked:
Jack Murphy
  • 9
  • 4
  • 3
  • +1
1 Solution
 
the_b1ackfoxCIOCommented:
Soooo  whats your question exactly?
0
 
Jack MurphyOwnerAuthor Commented:
I have emails on google apps that are going out but not being received.  They also are not bouncing back.  this was a response or error from a dnsstuff report.  I am wondering if it is related to my email issues?

http://apps.dnsstuff.com/dnsdashboard/task/editDashboardSettings/target/10154/reqid/128826841/section/4 
0
 
the_b1ackfoxCIOCommented:
If your app is not resolving DNS, then you are probably building up a lot of emails waiting to go out.

Either way you should address it from the perspective of the sending application.

Email will go into the proverbial bit bucket when:

1) no resolution of names
2) no reverse lookup information

Fox
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
Jack MurphyOwnerAuthor Commented:
google apps is my email application.  Do you have any suggestions?
0
 
Jack MurphyOwnerAuthor Commented:
The domain is hosted through register.com if that helps
0
 
the_b1ackfoxCIOCommented:
Where is the email application running?  Off of the hosted website?
0
 
Jack MurphyOwnerAuthor Commented:
when you say application do you mean something like an exchange server?

All of the email is sent through a web-browser via google applications and google servers.
0
 
Martino Dell'AmbrogioSecurity ArchitectCommented:
Since the question was asked twice, I'll copy the answer here too:
It seems to me that the problem was temporary or is related to dnsstuff, because now those records resolve correctly.
They also are the correct records for Google Mail, as stated here : http://support.google.com/a/bin/answer.py?hl=en&answer=174125
0
 
Jack MurphyOwnerAuthor Commented:
Still having issues with mail not being delivered with no spam or undeliverable message being returned?  Any thoughts?
0
 
Martino Dell'AmbrogioSecurity ArchitectCommented:
$ dig -t mx bridgescincinnati.org
; <<>> DiG 9.7.3 <<>> -t mx bridgescincinnati.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9661
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 4

;; QUESTION SECTION:
;bridgescincinnati.org.         IN      MX

;; ANSWER SECTION:
bridgescincinnati.org.  14396   IN      MX      5 aspmx.l.google.com.
bridgescincinnati.org.  14396   IN      MX      10 aspmx2.googlemail.com.
bridgescincinnati.org.  14396   IN      MX      10 aspmx3.googlemail.com.
bridgescincinnati.org.  14396   IN      MX      10 alt1.aspmx.l.google.com.
bridgescincinnati.org.  14396   IN      MX      10 alt2.aspmx.l.google.com.

;; ADDITIONAL SECTION:
aspmx.l.google.com.     293     IN      A       173.194.66.26
aspmx2.googlemail.com.  456     IN      A       74.125.43.27
aspmx3.googlemail.com.  453     IN      A       74.125.127.27
alt2.aspmx.l.google.com. 289    IN      A       74.125.127.27

;; Query time: 33 msec
;; SERVER: x.x.x.x#53(x.x.x.x)
;; WHEN: Mon Dec 19 15:48:44 2011
;; MSG SIZE  rcvd: 236

Open in new window


There are even glue records, DNS is working correctly.

http://mxtoolbox.com/SuperTool.aspx?action=mx%3aaspmx.l.google.com
220 mx.google.com ESMTP c17si8036885ann.162

 OK - 74.125.65.27 resolves to gx-in-f27.1e100.net
 Warning - Reverse DNS does not match SMTP Banner
 0 seconds - Good on Connection time
Not an open relay.
 3.370 seconds - Good on Transaction time

Open in new window


The MX service is also OK at Google.

Now, the problem may come from your account within Google Apps. Is the domain name correct?

Is there any user account which I could test as a destination?
0
 
Allen FalconCEO & Pragmatic EvangelistCommented:

Is the non-delivery issue to one or a few domains to everyone?  It is possible you are being caught as spam with no NDR by the receiver.

Have you included Google in you SPF?

Are you using the embedded Postini services?

0
 
Jack MurphyOwnerAuthor Commented:
SPF record is set and we are not using postini

You can use admin@bridgescincinnati.org
0
 
Martino Dell'AmbrogioSecurity ArchitectCommented:
I sent you a message and received the reply.
What exactly isn't working?
0
 
Jack MurphyOwnerAuthor Commented:
It seems like certain domains hosted by certain isps are not letting us get email through.

@Insightbb.com
@fuse.net
@cinci.rr.com

0
 
Jack MurphyOwnerAuthor Commented:
Thank you for the help by the way!
0
 
Martino Dell'AmbrogioSecurity ArchitectCommented:
You are welcome, sorry not to be able to help more.
I suggest you contact those ISPs and ask them to extract some MTA logs.

What I can say is that it doesn't seem to be related to an antispam filter, or any kind of grey/blacklist. You would have received an error, either by the destination server or Google itself, in those cases.

It may be an antispam filter who also does blackhole, which is a very stupid thing to do if the destination doesn't receive a block notification.

Anyway, an analysis on their side will help you.
0
 
Jack MurphyOwnerAuthor Commented:
Thanks for sticking it out with me
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

  • 9
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now