Hi Shaun, Thank you for a helpful response. I am CC'ing the list with this so I can get your response posted there.
Thanks, Ben -----Original Message----- From: Shaun Sturby Sent: Wednesday, November 21, 2012 9:01 AM To: imailad...@bcwebhost.net Subject: RE: [Declude.JunkMail] MX, DNS and other weird stuff Hello Ben, (I get Declude mailing list messages but can't reply for some reason) I used the DNSStuff ISP Cached DNS records tester for mail.bcwebhost.net and all the records came back with the 173.164.65.200 IP EXCEPT for Comcast (NJ) which came back with "mail.bcwebhost.net. 0 IN A 68.87.92.78". Note that this is a very short TTL If you connect to that IP address you will see that the URL changes to 'http://selfinstall1.comcast.com/captiveportal/index.html'. Yet a DNS Cache Check using http://dns.comcast.net/ shows the correct .200 IP address. They did change DNS recently as this announcement shows. Comcast recursive resolver IPs (68.87.64.146, 68.87.64.150, and 68.87.64.196) will no longer be supported after October 12, 2012. If you manually configured any of these IPs on your device, please allow DHCP to update your DNS resolver IP addresses or update manually with 75.75.75.75 and 75.75.76.76. It looks like they intercept all A records to allow them to re-direct people to their management portal. I have seen this done before with ISP's like Telus when you need to register the MAC address of your router with your account but typically this uses a RFC 1918 private IP space and not live IP addresses. This is not the solution to your problem but is additional information to help you when you deal with ComCast. Shaun Sturby Technical Services Manager sh...@optrics.com Optrics Engineering | www.Optrics.com Canada: 6810 - 104 Street, Edmonton, AB, T6H 2L6 TF: 877-463-7638 Fax: 780-432-5630 USA: 1740 S 300 West #10, Clearfield, UT, 84015 TF: 877-386-3763 Fax: 801-705-3150 This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. From: Imail Admin [mailto:imailad...@bcwebhost.net] Sent: Tuesday, November 20, 2012 5:05 PM To: Declude.JunkMail@declude.com Subject: [Declude.JunkMail] MX, DNS and other weird stuff Hi, This is a question about DNS records and MX records and how I'm getting some weird behavior. It's not strictly speaking Declude issue, but I have a lot of respect for the people that used to hang out here and I'm hoping there's someone around who can give me some insights. Original problem: We use Comcast for our upstream provider. A few years ago, when we switched to them from our telecom provider, they told us that their DNS servers would sometimes intercept DNS calls even though we have our own DNS server. This was supposedly because we only rent a small IP subnet from them. At the time, they had us send copies of our zone records to them so that their DNS servers would have the same information as our DNS server. This worked fine until this fall, when we installed a new mail server on a new IP address. Our DNS server, of course, was updated to reflect this change. However, mail sometimes shows up at the old mail server anyway, in a more or less random pattern. It apprears to me that most of the time when people send mail to us, their mail servers correctly getting the IP address resolved by our DNS server. However, about 25% of the time, it appears that the DNS request from those sending mail servers receives an outdated response from some unidentified Comcast DNS server, resulting in the wrong IP address and the mail ends up going to our old mail server. Suppose, for example, that you send a message to imailad...@bcwebhost.net (the address I'm using here, which is a misnomer since our new mail server is running SmarterMail). The MX records for bcwebhost.net points to mail.bcwebhost.net and the A record mail.bcwebhost.net points to our new server IP (ending in .200). So your email should arrive at our new mail server. However, sometimes it will arrive at the old mail server named mail2.bcwebhost.net (IP ending in .193). The old DNS records had the bcwebhost.net MX record pointing to mail2.bcwebhost.net, for which the A record pointed to .193 (the old server). I've been going in circles for about a month with Comcast on this and they don't recall that they're the ones who told me three years ago that they sometimes intercept DNS calls. I was wondering if anyone has any ideas or suggestions on how to track down the errant DNS calls? Second problem: In our new DNS records, I have it set up something like this: two MX records: bcwebhost.net MX mail.bcwebhost.net mail.bcwebhost.net MX mail.bcwebhost.net one A record: mail.bcwebhost.net A (IP.200) Is there any reason I can't have the same name for both an MX and an A record (in this case, mail.bcwebhost.net)? The Comcast people claimed this was wrong and that the MX record should point to an IP address directly instead of a host name (which I'm sure is wrong). They tried to claim that this is the cause of my original problem but even if they're right about this, then it still doesn't explain the original problem. Thanks, Ben --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.