Re: Incorrect 'relay denied' messages

From: /dev/rob0 (rob0gmx.co.uk)
Date: Mon Nov 28 2005 - 21:20:42 CST


On Monday 2005-November-28 13:37, Wietse Venema wrote:
> mrsfguygmail.com:
> > > > ====
> > > > <userearthlink.net>: host earthlink.net[209.86.93.201] said:
> > > > 550-EarthLink does not recognize your computer
> > > > (ww.xx.yy.zz) as connecting from an EarthLink connection. If
> > > > this is in error, please contact technical support. 550
> > > > relaying to <userearthlink.net> prohibited by administrator
> > > > (in reply to RCPT TO command) ====
> > >
> > > earthlink.net is not listed as an MX host for earthlink.net.

And the other error was mindspring.com ... the same ISP.

> > > Perhaps your resolv.conf file is pointing at the crappy DNS
> > > server in your access router. Those are perhaps OK for surfing
> > > the web but not for email.
> >
> > Ugh.
> >
> > Well, the 'crappy' DNS server in question is our own BIND 9.2.2
> > server, running on the same box as the mail server, which must be
> > used first for lookups in order to ensure proper LDAP server
> > function. I guess a trip to the BIND manual is in order to figure
> > out how to force BIND to report MX records properly?
> >
> > I assume that was the gist of your reply?
>
> Something is telling Postfix that the MX record does not exist (as
> opposed to: the lookup timed out, or the lookup produced no reply)
>
> Postfix will then deliver to the A record as required by the RFC.
>
> It is possible that your shiny BIND server is getting the data from
> a crappy intermediate DNS server.

That would be my guess.

I would use dig(1) from your Postfix/BIND server on both domains, and
compare what you get with dig from elsewhere. If you don't have shell
access elsewhere there are online DNS tools which can help. If you can
check from an Earthlink/mindspring account too, that might be
interesting.

The theory in the above is that Earthlink/mindspring NS is using views
for internal and external clients, and you have somehow been identified
as an internal client there, but the SMTP submission agent thinks you
are external.

I think you might have to call Earthlink ... good luck with that :(
You'll have a significant challenge in finding someone on the phone who
can help with a problem like this.

Another thought: don't use forwarders. Your root zone should be "type
hints;". This is generally the default in most BIND distributions.
--
    mail to this address is discarded unless "/dev/rob0"
    or "not-spam" is in Subject: header
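
The dig comparison suggested in the message above, as an added example that is not part of the original post. It separates "the MX record does not exist" from an error status or no reply at all, then compares the MX sets seen from two vantage points. The function names, the resolver address 192.0.2.53, and the sample dig output are constructed for illustration.

```shell
#!/bin/sh
# Added example. Names, resolver addresses and sample data are constructed.

# Live query (needs network): MX lookup for domain $1 via resolver $2.
query_mx() { dig +noall +comments +answer "@$2" "$1" MX; }

# Classify dig output on stdin: MX, NODATA (name exists, no MX record),
# NOREPLY (no response header at all), or the error status (NXDOMAIN, SERVFAIL...).
classify_mx() {
    awk '
        /->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,/, "", status) }
        }
        /^[^;]/ && $4 == "MX" { mx = 1 }
        END {
            if (status == "")             print "NOREPLY"
            else if (status != "NOERROR") print status
            else if (mx)                  print "MX"
            else                          print "NODATA"
        }'
}

# Sorted, de-duplicated MX target hosts from dig output on stdin.
mx_hosts() { awk '/^[^;]/ && $4 == "MX" { print tolower($6) }' | sort -u; }

# Compare two saved dig outputs ($1 = local resolver, $2 = other vantage point).
compare_mx() {
    a=$(printf '%s\n' "$1" | classify_mx)
    b=$(printf '%s\n' "$2" | classify_mx)
    if [ "$a" != "$b" ]; then
        echo "DIFFER: local=$a other=$b"; return 1
    fi
    if [ "$(printf '%s\n' "$1" | mx_hosts)" != "$(printf '%s\n' "$2" | mx_hosts)" ]; then
        echo "DIFFER: MX host sets"; return 1
    fi
    echo "SAME: $a"
}

# Constructed sample: local resolver reports "no MX", another resolver returns two.
SAMPLE_LOCAL=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0'
SAMPLE_OTHER=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4243
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
example.com. 3600 IN MX 10 mx2.example.com.
example.com. 3600 IN MX 5 mx1.example.com.'

# Live use: compare_mx "$(query_mx example.com 127.0.0.1)" "$(query_mx example.com 192.0.2.53)"
```

A `DIFFER: local=NODATA other=MX` result corresponds to the situation discussed in the thread: the local resolver says no MX record exists, so the mail server delivers to the A record.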