> First, DNS reports they two mail servers - They are pps1.tyson.com > and pps2.tyson.com and both have the same priority - 10. One should > have a priority of 10 and the other another priority level.
Nonsense. It's perfectly acceptable to have two MXs of the same priority. Are you going after GMail next? > Both mail servers have the proper REVERSE DNS entries setup: The MXs' Reverse DNS has nothing to do with delivery to the MXs. > There also appears to be a DNS server issue here. While they have > four DNS servers listed, it appears that at least two of them point > to the same physical DNS server. [a] you don't know that for sure (DNSReport is uncertain), and [b] it doesn't matter. It is perfectly acceptable to have two physical DNS boxes, each of which is on two different networks for fault tolerance, rather than wasting your money and time on having four physical boxes. Having 2 NS x 2 ISP is more resilient than 4 NS x 1 ISP. But either way, their theoretical resilience doesn't matter. Their MX records resolve just fine. > This is not an uncommon problem and recently happened > when the State of Illinois changed circuit providers and had to re-do their > IP addressing - they pointed all four of their DNS addresses at the same > server, it went down, and no one could send or receive e-mail for two days. Yeah, well, that's all four at the same physical server. This is, at worst, 2 x 2. Off-topic. [Though any DNS admin who can't bring up a new DNS with a few crucial records -- even if someone else was stupid enough to not keep a full zone backup -- in less than two days is an idiot. Sounds like a personnel issue.] > Even though they have four DNS servers, older versions of Microsoft > server DNS software frequently have problems querying beyond the > primary DNS servers. FUD. And off-topic. > Additionally, when queried in DNSREPORT.COM, the mail servers names > don't match what's in the DNS records, but appear as: > intlpp01.tyson.dmz and intlpp02.tyson.dmz. These are minor configuration errors. They use the .DMZ TLD for internal addresses and they haven't thought to put a valid TLD in the 220 banner. That's not going to cause any problems delivering to these servers (while it will cause problems if these servers use the private TLD in their HELOs when sending outbound mail -- the opposite direction). > Both of those names are non-existant in the host record names and, > therefore, cannot receive mail for tyson.com. You're way outside of your expertise. The 220 hostname cannot predict the MX's serviced domains. > The network admins at tyson.com have several issues they need to > clean up before they can expect messages to be properly received > from other mail servers. You missed the point. The point is across multiple runs, DNSReport finds sporadic timeouts connecting to their mail servers. This suggests maybe misconfiguration of local routing/load-balancing hardware, maybe ISP-side route flapping/outages. That corresponds with the OP's logs. --Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/ http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
