SMTP Servers and Reverse DNS Lookup
I was having problems sending mail to an organisation and eventually worked out that the host name and reverse dns entry did not match and therefore mail transfer was refused: ------- 220 mail.xxxbar.co.nz ESMTP NetIQ MailMarshal (v5.5.5.8) Ready ehlo hellmouth.oaxxxsystems.co.nz 554 No SMTP service here ------- As soon as I corrected my server to use the correct host name to match the reverse (vampire.oaxxxsystems.co.nz) then mail was allowed to go through. I would assume this was a recent change by the receiving organisation as I have not had problems sending them emails before. Is this sort of configuration becoming standard for organistions? I would expect that may create problems for smaller organisations sending email directly from their in-house hosted mail server for which they have no control over reverse-dns entries. -- Regards, Regan
The RFC's say you cannot reject on the HELO/EHLO so their mail server is Quite Broken. Thanks Craig
-----Original Message----- From: Regan Murphy [mailto:regan.murphy(a)oasystems.co.nz] Sent: Tuesday, June 15, 2004 2:02 PM To: nznog Subject: [nznog] SMTP Servers and Reverse DNS Lookup
I was having problems sending mail to an organisation and eventually worked out that the host name and reverse dns entry did not match and therefore mail transfer was refused:
------- 220 mail.xxxbar.co.nz ESMTP NetIQ MailMarshal (v5.5.5.8) Ready ehlo hellmouth.oaxxxsystems.co.nz 554 No SMTP service here -------
As soon as I corrected my server to use the correct host name to match the reverse (vampire.oaxxxsystems.co.nz) then mail was allowed to go through. I would assume this was a recent change by the receiving organisation as I have not had problems sending them emails before. Is this sort of configuration becoming standard for organistions? I would expect that may create problems for smaller organisations sending email directly from their in-house hosted mail server for which they have no control over reverse-dns entries.
-- Regards, Regan
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
Being on helpdesk, I have noticed this quite a bit lately, a number of ISP's reject mail if you have multiple PTR records for your IP and they resolve incorrectly. Barry -----Original Message----- From: Craig Whitmore [mailto:lennon(a)orcon.net.nz] Sent: Tuesday, 15 June 2004 2:04 p.m. To: 'Regan Murphy'; 'nznog' Subject: RE: [nznog] SMTP Servers and Reverse DNS Lookup The RFC's say you cannot reject on the HELO/EHLO so their mail server is Quite Broken. Thanks Craig
-----Original Message----- From: Regan Murphy [mailto:regan.murphy(a)oasystems.co.nz] Sent: Tuesday, June 15, 2004 2:02 PM To: nznog Subject: [nznog] SMTP Servers and Reverse DNS Lookup
I was having problems sending mail to an organisation and eventually worked out that the host name and reverse dns entry did not match and therefore mail transfer was refused:
------- 220 mail.xxxbar.co.nz ESMTP NetIQ MailMarshal (v5.5.5.8) Ready ehlo hellmouth.oaxxxsystems.co.nz 554 No SMTP service here -------
As soon as I corrected my server to use the correct host name to match
the reverse (vampire.oaxxxsystems.co.nz) then mail was allowed to go through. I would assume this was a recent change by the receiving organisation as I have not had problems sending them emails before. Is this sort of configuration becoming standard for organistions? I would expect that may create problems for smaller organisations sending email directly from their in-house hosted mail server for which they have no control over reverse-dns entries.
-- Regards, Regan
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
Telstra Big Pond will reject your mail if your reverse and forward do not match. I found about 6 months ago that turning on this feature cut about 10% more spam, but it also cut a large number of NZ companies as well, like, Westpac, Computerland and several other big ones. -----Original Message----- From: Regan Murphy [mailto:regan.murphy(a)oasystems.co.nz] Sent: Tuesday, 15 June 2004 2:02 p.m. To: nznog Subject: [nznog] SMTP Servers and Reverse DNS Lookup I was having problems sending mail to an organisation and eventually worked out that the host name and reverse dns entry did not match and therefore mail transfer was refused: ------- 220 mail.xxxbar.co.nz ESMTP NetIQ MailMarshal (v5.5.5.8) Ready ehlo hellmouth.oaxxxsystems.co.nz 554 No SMTP service here ------- As soon as I corrected my server to use the correct host name to match the reverse (vampire.oaxxxsystems.co.nz) then mail was allowed to go through. I would assume this was a recent change by the receiving organisation as I have not had problems sending them emails before. Is this sort of configuration becoming standard for organistions? I would expect that may create problems for smaller organisations sending email directly from their in-house hosted mail server for which they have no control over reverse-dns entries. -- Regards, Regan _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
Regan Murphy wrote:
Is this sort of configuration becoming standard for organistions?
Some admins think it's BOFH to do stuff like that, in the mistaken belief that it's RFC-compliant. It's a bit like fundamentalists interpreting various religious scriptures, but if they want to drop legitimate email, their choice I say. -- Juha
Here is an example for a company that **should** know better - [root(a)storm root]# dig computerland.co.nz mx ; <<>> DiG 9.2.1 <<>> computerland.co.nz mx ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15150 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;computerland.co.nz. IN MX ;; ANSWER SECTION: computerland.co.nz. 86400 IN MX 5 smtp.computerland.co.nz. computerland.co.nz. 86400 IN MX 10 mta.xtra.co.nz. ;; AUTHORITY SECTION: computerland.co.nz. 86400 IN NS alien.xtra.co.nz. computerland.co.nz. 86400 IN NS terminator.xtra.co.nz. ;; ADDITIONAL SECTION: smtp.computerland.co.nz. 86400 IN A 203.167.229.7 ;; Query time: 297 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Jun 15 15:00:23 2004 ;; MSG SIZE rcvd: 143 [root(a)storm root]# dig -x 203.167.229.7 ; <<>> DiG 9.2.1 <<>> -x 203.167.229.7 ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61325 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;7.229.167.203.in-addr.arpa. IN PTR ;; AUTHORITY SECTION: 229.167.203.in-addr.arpa. 1800 IN SOA dns1.clear.net.nz. hostmaster.clear.net.nz. 2004051709 10800 3600 604800 1800 ;; Query time: 30 msec ;; SERVER: 203.98.6.51#53(203.98.6.51) ;; WHEN: Tue Jun 15 15:00:38 2004 ;; MSG SIZE rcvd: 108 [root(a)storm root]# -----Original Message----- From: Juha Saarinen [mailto:juha(a)saarinen.org] Sent: Tuesday, 15 June 2004 2:56 p.m. To: Regan Murphy Cc: nznog Subject: Re: [nznog] SMTP Servers and Reverse DNS Lookup Regan Murphy wrote:
Is this sort of configuration becoming standard for organistions?
Some admins think it's BOFH to do stuff like that, in the mistaken belief that it's RFC-compliant. It's a bit like fundamentalists interpreting various religious scriptures, but if they want to drop legitimate email, their choice I say. -- Juha _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
participants (5)
-
Barry Murphy -
Craig Whitmore -
Juha Saarinen -
Regan Murphy -
Tony Wicks