• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 260
  • Last Modified:

DNS - Mx Record Issues

Can't send an email to one of my customers, it stays in the outbound queue trying to connect.
After 2 days it would time-out with 4.4.7 Error.
The customer recently changed their mail system to use mycustomer-com.mail.protection.outlook.com.
However, they still have the old Mx record published as well mail.mycustomer.com which doesn't even work.

Here is my main concern: When using the NsLookup (set q=mx) from my in-house DNS server (which is connected outside with my ISP dns servers) I can only see their old Mx record. When testing with a different dns public server (Google 8.8.8.8) I actually see both Mx records.

I checked my firewall (router) and DNS queries on port 53 are not getting blocked.
Other hosts seem to be resolving fine.
I also removed the old pointer in my dns cache for this specific domain, but it still comes up with old Mx record/IP address only.

I am not sure what to test and do at this point; I did ask them to remove their old MX record, not sure if that will resolve my issue. They also told me that I am not blacklisted on their new server (not blacklisted in general).

Thanks for your help, much appreciated.
0
cP6uH
Asked:
cP6uH
  • 3
  • 3
2 Solutions
 
Simon Butler (Sembee)ConsultantCommented:
If you do a query against your ISPs DNS servers directly, do they still return the old results? If so then the problem is not yours. Use the Google DNS records instead or Root Hints.

Simon.
0
 
cP6uHAuthor Commented:
I directly tested both ISPs DNS servers they resolve fine; However, for this specific domain I still get the old results.
I never used or added any other external/public DNS servers to my DNS/Firewall. Not sure what that would do to my environment. I just used Google public DNS as a test from my computer using NsLookup.
0
 
Jerry MillsCommented:
Sounds like possible stale DNS cache or DNS serving not updating.  Make sure you only have 1 dns specified on your nic while testing.

Simple test of a known Microsoft outlook customer via netgear router.

C:\Users\jerry_000>nslookup
Default Server:  UnKnown
Address:  192.168.110.1

> set q=mx
> icsxxxx.com
Server:  UnKnown
Address:  192.168.110.1

Non-authoritative answer:
icsgroup.com    MX preference = 0, mail exchanger = icsgrxxxx-com.mail.protection.outlook.com
>
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
cP6uHAuthor Commented:
DNS server seems to be updating fine, recently tested with different hosts. Got the same results for icsgroup.com.
In DNS cache I deleted the stale record but it comes back with the same old info for that domain.

Is it recommended to use a public DNS (Google) server on your network?
I have two ISPs DNS servers currently listed. How do they exactly work? The first one is always being used and the second one is just a backup? So if I added a third one, it would be just a backup as well?

Thanks.
0
 
Jerry MillsCommented:
I recommend using local DNS server as it records devices on your network besides directing inquiries to the public.  Particularly if you have shared folders.

1.  I have seen the ISP DNS servers drop out of use and ISP doesn't let you know.  So confirm with ISP correct DNS servers they want you to use.
2.  Using Google is okay.
3.  First time you go after icsgroup.com ( which I meant to obscure by the way - whoops!) it will not be in cache anywhere if you have never gone there before - therefore DNS server will fetch it.
4.  Make sure you don't have an HOSTS file configured for your customer (due diligence)
5.  Try just using google 8.8.8. as your only DNS server on the NIC then be sure and clean cache ( ipconfig /flushdns ) then try your customer using nslookup again.
6.  Do you use Wireshark?  Wireshark will show you where you are getting your mx record from and what is delivered.  Remember to keep flushing dns cache.
0
 
Jerry MillsCommented:
Wireshark example:

C:\Users\jerry_000>nslookup
Default Server:  UnKnown
Address:  192.168.110.1

> set q=mx
> icsgroup.com
Server:  UnKnown
Address:  192.168.110.1

Non-authoritative answer:
icsgroup.com    MX preference = 0, mail exchanger = icsgroup-com.mail.protection
.outlook.com
> exit

C:\Users\jerry_000>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\jerry_000>set 8.8.8.8
Environment variable 8.8.8.8 not defined

C:\Users\jerry_000>nslookup
Default Server:  UnKnown
Address:  192.168.110.1

> server 8.8.8.8
Default Server:  google-public-dns-a.google.com
Address:  8.8.8.8

> set q=mx
> icsgroup.com
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
icsgroup.com    MX preference = 0, mail exchanger = icsgroup-com.mail.protection
.outlook.com
>
> server 192.168.110.1
Default Server:  [192.168.110.1]
Address:  192.168.110.1

> set q=mx
> icsgroup.com
Server:  [192.168.110.1]
Address:  192.168.110.1

Non-authoritative answer:
icsgroup.com    MX preference = 0, mail exchanger = icsgroup-com.mail.protection
.outlook.com
DNS1.jpg
DNS2.jpg
0
 
cP6uHAuthor Commented:
Contacted my ISP (Rogers) and found out that my DNS servers were really old.
Set their new server as primary and Google public DNS (8.8.8.8) as secondary.

Everything seems to be working fine now, the email left the exchange outbound queue.
Thank you guys for your help.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now