Any Exchange / DNS / MX gurus out there?

[akshatp]

Our Exchange server is having an issue receiving mail from certain domains. Spoke to the email admin at one of the affected domains, and he said that our MX / A / DNS records aren't correct.

Everything was working fine until the domain expired last week, we have since regained control of the domain and set the DNS servers back to what they were prior to expiry. No changes were made to our records.

In the image, assume all of the blocked out parts are <host> and the IP address is correct.

Is everything correct? No glaring issues right?

 

[theevilsharpie]

Unless you have specific need for it, you can remove the MX record for mail.[blank].com.

Otherwise, I don't see anything functionally wrong (consider adding an SPF record). The SMTP servers in the domains having problems may still have incorrect DNS information cached. NS records in particular tend to have a high TTL.

 

[Lifted]

The SMTP servers in the domains having problems may still have incorrect DNS information cached. NS records in particular tend to have a high TTL.

Probably what happened. You should check the TTL of some mx records for other domains on the name servers which took over your records. They might be set to something like 2 days or more. NS records could be the culprit as well.

In other words, it's a waiting game at this point.

 

[akshatp]

Unless you have specific need for it, you can remove the MX record for mail.[blank].com.

Otherwise, I don't see anything functionally wrong (consider adding an SPF record). The SMTP servers in the domains having problems may still have incorrect DNS information cached. NS records in particular tend to have a high TTL.

Thought about the cached info, but its been 4 days now. Cache should have refreshed by now.

 

[linuxboy]

Ask the sending domain mail admin for what their NS is, so you can query it and check the records it has. Or have the admin do it and provide some diagnostic info. 4 days might not be enough. Also, you forgot to black out the domain if you want to protect your privacy for *.com

 

[akshatp]

Ask the sending domain mail admin for what their NS is, so you can query it and check the records it has. Or have the admin do it and provide some diagnostic info. 4 days might not be enough. Also, you forgot to black out the domain if you want to protect your privacy for l____y.com

D'oh! Thanks.

I already emailed the sending domain admin for his NS... waiting on a response.

Thanks fellas. Looks like everything is set up correctly, and it may just be the cache.

One other thing I thought about, the reverse DNS points to "70-xx-xx-62-BusName-pa.hfc.comcastbusiness.net" instead of l______y.com

Is that an issue?

 

[theevilsharpie]

You'll want to contact Comcast and get them to update their PTR record for your IP(s) with the correct FQDNs.

LOL acronyms

 

[Lifted]

One other thing I thought about, the reverse DNS points to "70-xx-xx-62-BusName-pa.hfc.comcastbusiness.net" instead of l______y.com

Is that an issue?

SMTP doesn't care.

Only retarded postmasters do.

 

[linuxboy]

rDNS is an issue for some blackhole list providers. I have had issues in the past with large orgs using spamhaus and misconfigured rDNSes during migrations. On the admin side of sender, that rDNS failure would be logged in Exchange if the org is using Exchange.

Check out http://mxtoolbox.com/ and check the blackhole and other features.

also http://www.anti-abuse.org/multi-rbl-check/

 

[Lifted]

rDNS is an issue for some blackhole list providers. I have had issues in the past with large orgs using spamhaus and misconfigured rDNSes during migrations. On the admin side of sender, that rDNS failure would be logged in Exchange if the org is using Exchange.
http://www.anti-abuse.org/multi-rbl-check/

retarded postmasters

Basically what I said.

 

[linuxboy]

Yep, I didn't see your post when I started writing. I had this one issue... during a migration and smart host switch... blocked from memory now. Nothing like writing a 3-page doc with a troubleshooting flowchart and evidence for exactly why the issue is not on my end, and how their end can quickly fix it, complete with KB links, only to have it come back to me with "we tried it and the issue is on your end". Yay IT!

edit: sometimes I still miss X400.

 

[akshatp]

From the SMTP Diagnostics tool at mxtoolbox.com:

220 exchange.l______y.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Fri, 14 Sep 2012 02:05:00 -0400
Status Result
OK - 70.xx.xx.62 resolves to 70-xx-xx-62-BusName-pa.hfc.comcastbusiness.net
Warning - Reverse DNS does not match SMTP Banner
Warning - Does not support TLS.
0 seconds - Good on Connection time
OK - Not an open relay.
0.593 seconds - Good on Transaction Time


And it doesnt show up on any blacklists. Leaning more towards a cached entry.