Bounced emails and DNS

Discussion in 'Tech Talk' started by gwalchmai, Feb 10, 2005.

  1. gwalchmai

    gwalchmai Lucky Member

    Messages:
    27,205
    Likes Received:
    5,635
    Joined:
    Jan 9, 2002
    Location:
    Outside the perimeter
    I am running a 550VPN firewall at an external IP address of x.x.x.2 (internal 192.168.2.1).
    My company's domain name is mycompany.com, with an MX record x.x.x.113. Reverse DNS points back to mail.mycompany.com.

    I then route ports 110 and 25 from x.x.x.113 to our mail server running on 192.168.2.123

    This works fine in most cases, but we seem to be having mail rejected from mail.bellsouth.net and mail.aol.com, and I suspect it may be a DNS issue. The bounces from mail.bellsouth.net send a 452 error "Message rejected", which usually indicates a lack of storage, but I've checked and that's not the case. The AOL bounces send a 554 error. So I suspect these errors are bogus.

    Now, my question to you. If you examine the header on this message it says something like "Received: from pdsvr5 ([x.x.x.2])", which is the 550VPN. pdsvr5 is the NetBIOS name of our mail server setting at 192.168.2.123.

    Would it make more sense to change the MX record to x.x.x.2?

    Do you think this could have anything to do with the AOL and BS bounces?
     
  2. grantglock

    grantglock /dev/null

    Messages:
    219
    Likes Received:
    0
    Joined:
    Feb 20, 2004
    Location:
    Iowa
    What machine is x.x.x.113?
     

  3. gwalchmai

    gwalchmai Lucky Member

    113 isn't anything. I was just routing it to 123. I fixed the problem by changing the firewall's WAN IP to x.x.x.113. It made BellSouth and AOL happy.

    Sidenote - troubleshooting this kind of thing by contacting BellSouth's India-based residential tech support is not a very satisfying experience. ;Q (The bouncing address was residential)

    I talked to our BS bidness T1 support and told them about it and they just laughed. They don't have much faith in Indian techs, either.

    Anyway, the firewall techs at Multi-Tech once again came through and solved the problem. They're good folks.
     
  4. HerrGlock

    HerrGlock Scouts Out CLM

    Messages:
    23,802
    Likes Received:
    255
    Joined:
    Dec 28, 2000
    Your MX record has nothing to do with this. I have a standard email to send to places that get this error from my side and it explains what is going on. Lemme see if I can dig it up.

    Boiled down, the machine connects to AOL to give it mail (assumption mail.gwalch.com) gives AOL the mail.

    AOL sees mail.gwalch.com with an IP address of x.x.x.25 giving it mail (the NAT'd address) and does a reverse lookup on x.x.x.25.

    x.x.x.25 comes back with internet.gwalch.com

    These hostnames do not agree so it bounces the mail.

    Make sure the IP address of the external email box the rest of the world sees and the reverse lookup match.

    DanH
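
The check described in the post above, written out as an added example (not part of the original post and not any provider's actual filter). The `203.0.113.x` addresses and `.example` hostnames are constructed stand-ins for the thread's `x.x.x` addresses and names; the default resolvers use the system DNS and are IPv4-only.

```python
import socket

def system_ptr(ip):
    """Reverse (PTR) lookup via the system resolver; [] when no record exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def system_a(name):
    """Forward (A) lookup via the system resolver; [] when the name is unknown."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def norm(host):
    return host.rstrip(".").lower()

def check_sender(ip, helo, ptr=system_ptr, a=system_a):
    """Return (verdict, detail) for a connecting IP and the name it announces."""
    names = [norm(n) for n in ptr(ip)]
    if not names:
        return "no-ptr", f"{ip} has no reverse DNS"
    # Forward-confirm: a PTR name only counts if it resolves back to the same IP.
    confirmed = [n for n in names if ip in a(n)]
    if not confirmed:
        return "unconfirmed", f"PTR {names} does not resolve back to {ip}"
    if norm(helo) not in confirmed:
        return "helo-mismatch", f"announced {helo}, reverse DNS says {confirmed}"
    return "ok", f"{ip} <-> {confirmed[0]}"

# Constructed zone data modelled on the thread (assumed names and addresses).
PTR = {"203.0.113.2": ["internet.mycompany.example."],    # firewall WAN address
       "203.0.113.113": ["mail.mycompany.example."]}      # address DNS gives for mail
A = {"internet.mycompany.example": ["203.0.113.2"],
     "mail.mycompany.example": ["203.0.113.113"]}

def demo(ip, helo):
    """Run the check against the constructed zone data instead of live DNS."""
    return check_sender(ip, helo, ptr=lambda i: PTR.get(i, []),
                        a=lambda n: A.get(norm(n), []))

if __name__ == "__main__":
    print(demo("203.0.113.2", "mail.mycompany.example"))    # mail leaving via the firewall IP
    print(demo("203.0.113.113", "mail.mycompany.example"))  # after the WAN IP change
    print(demo("203.0.113.50", "mail.mycompany.example"))   # address with no PTR at all
```

Calling `check_sender(ip, helo)` without the `ptr` and `a` arguments runs the same logic against live DNS for an outbound address you operate.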
     
  5. gwalchmai

    gwalchmai Lucky Member

    Yep, I think I blundered into it. mail.gwalch.com points to x.x.x.113. Now firewall's address is x.x.x.113, so they match.

    A while ago I was running Exchange Server 5.5 on a machine with (internal) 192.168.2.113, (external) x.x.x.113, so my firewall just passed ports 110 and 25 to the internal machine. Exchange 5.5 got overwhelmed by open relay attacks and M$ stopped supporting/patching it, so I had to replace it with another mail server program, which I installed on 192.168.2.123. Rather than updating my DNS I just changed the firewall. I gotta redo the whole thing in a couple months anyway because we're moving and getting all new IPs.
     
  6. G30Jack

    G30Jack .88 Magnum

    Messages:
    2,272
    Likes Received:
    16
    Joined:
    Apr 17, 2002
    Location:
    Shoots through schools
    This sounds eerily familiar...