kaze on 31 Jul 2004 00:26:03 -0000



RE: [PLUG] BIND zone oddity causing SendMail 451 Name server timeout errors?


--> > Recently needed to rush add another domain to host their email (and DNS).
--> > Many annoying and weird things happening with email to and from this new
--> > (temporarily) hosted domain, one being _some_ servers sending to it get
--> > error "451 example.com: Name server timeout".
-->
--> Are the servers that are getting such errors using someone else's DNS?
--> Who's authoritative for hostedexample.com? Perhaps control has not
--> (yet?) passed to you and the previous host's DNS server is no longer
--> available.

ns1.example.com (and ns2 and ns3) are authoritative for example.com and
hostedexample.com

Initial DNS setup 'bout 10 days prior to email. Today dropped the refresh
time way down so current and future changes might take effect faster.

--> > Question: I know many mailservers do reverse lookups on incoming email to
--> > thwart spam, but do they also do it as part of the outgoing mail DNS lookup?
-->
--> I can't imagine why they would.

Yeah, got the same answer for some others too, didn't think so but needed to
confirm. Noticed today that the higher MX priority host, one of the ISP's
boxes, was not there anymore - very remotely wondering if this would cause
timeouts or weirdness for the sending MTA on doing DNS lookups.

--> > Question: Is there a better way I should structure my DNS to smooth
--> > everything out?
--> >
--> > For example would I be better served to have hostedexample.com's MX be
--> > email.example.com. instead of email.hostedexample.com.? Should I just
--> > dedicate an additional IP address on the mail server for
--> > email.hostedexample.com. so it can have its own reverse lookup and be
--> > totally separate? The reason I did it this way was to try to avoid having
--> > hostedexample.com's email's headers show example.com.
-->
--> If you want to hide example.com, I would assign separate IP address(es)
--> for hostedexample.com services and run separate daemons on those
--> interfaces.  Otherwise, you're liable to reveal it as part of either
--> incoming or outgoing mail, or both.
-->
--> George

Yeah, gonna move it all over to its own IP on the mail server this
weekend; just got the PTR setup from the ISP. Thanks.

Still don't understand why there is at least one company (gtcr.com) who
can't send, or gets hours long delays sending to hostedexample.com - while
no domains have trouble sending to example.com. The differences as far as I
can tell are (1) DNS, and (2) internal 'relaying' from one domain to the
other within the mailserver.

- Zake

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
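
An offline check of the two DNS properties raised in this thread (an MX target that no longer resolves, and a mail host whose PTR names a different domain), as an added example that is not part of the original message. The record set, including mx.isp.example.net. and the 192.0.2.25 address, is constructed sample data, and check_mail_dns is a hypothetical helper name.

```python
# Constructed sample records (documentation address range, not data from the thread).
# They stand in for what a resolver would return for each name.
SAMPLE = """
hostedexample.com.        MX  5 mx.isp.example.net.
hostedexample.com.        MX  10 email.hostedexample.com.
email.hostedexample.com.  A   192.0.2.25
email.example.com.        A   192.0.2.25
25.2.0.192.in-addr.arpa.  PTR email.example.com.
"""

def parse(text):
    """Parse 'name TYPE rdata...' lines into {(name, type): [rdata, ...]}."""
    records = {}
    for line in text.splitlines():
        line = line.split(";")[0].strip()          # drop zone-file style comments
        if not line:
            continue
        name, rtype, *rdata = line.split()
        key = (name.lower(), rtype.upper())
        records.setdefault(key, []).append(" ".join(rdata).lower())
    return records

def reverse_name(ipv4):
    """192.0.2.25 -> 25.2.0.192.in-addr.arpa."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa."

def check_mail_dns(records, domain):
    """Return findings for the domain's MX set, lowest preference value first."""
    findings = []
    mx_rdata = (r.split() for r in records.get((domain, "MX"), []))
    mxs = sorted((int(pref), host) for pref, host in mx_rdata)
    if not mxs:
        findings.append(f"{domain} has no MX record")
    for pref, host in mxs:
        addrs = records.get((host, "A"), [])
        if not addrs:
            # A sending MTA tries this host first and has to fall through.
            findings.append(f"MX {pref} {host} has no A record")
        for ip in addrs:
            ptrs = records.get((reverse_name(ip), "PTR"), [])
            if not ptrs:
                findings.append(f"{host} ({ip}) has no PTR")
            elif host not in ptrs:
                findings.append(f"{host} ({ip}) PTR points to {ptrs[0]}")
    return findings

if __name__ == "__main__":
    for finding in check_mail_dns(parse(SAMPLE), "hostedexample.com."):
        print(finding)
```

The same function can be fed live answers collected with dig or host in place of the constructed text.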