I hate to tell you, but you have a LOT of learning to do.Yes Scott I allowed recursion for a short time,
If you are correct -- IMail is using a DNS server that only had recursion enabled for a short time -- then you could only send outgoing E-mail for a short period of time. It is *impossible* for IMail to send mail to domains you do not host DNS for if it is not connecting to a recursive DNS server. Impossible.
So either none of your outgoing E-mail is working, or you have IMail hooked up to a recursive DNS server.
What he reminded you is that *unrestricted* recursive DNS (the DNS equivalent of an open relay) can be dangerous.but len conrad reminded me why we implemented it -DOS attacks.
But without *any* recursive DNS, you can't send mail. So there is no option, you *must* have recursive DNS.
Therefore, if you combine my advice (having IMail hooked up to a recursive DNS server), and Len's advice (restricting that recursive DNS server so only your users can use it), you will be able to send mail, and won't have any DNS-related issues.
And this is *exactly* why I say you have a lot to learn.Here is the syslog from a test attempt:20021205 080956 127.0.0.1 SMTP (2512) Trying hotmail.com (0) 20021205 081019 127.0.0.1 SMTP (2512) MX connect fail "64.4.50.71"
This shows that IMail is connected to a recursive DNS server. Probably a broken one or one with a bad cache, but a recursive DNS server. If it was not recursive, IMail would not get any IPs.
Again, this is why you have a lot to learn.Note: before this test I flushed the dns cache, and apparently I am getting stale info.???
If you have a DNS cache, you have recursion enabled. A DNS server that does not allow recursion has no cache. If you are getting stale info, the DNS server allows recursion.
Here, you need to learn some "tricks of the trade" for mailserver admins -- in this case, you need to learn how to use telnet, and the port that SMTP uses. SMTP uses port 25, and with telnet you would typically use "open 65.54.254.129 25". If you see something (such as "220 mail.example.com..."), you've connected to a valid mailserver. If you can't connect, IMail won't be able to either. Note that this procedure *must* be done from the IMail server (doing it from another server will usually use a different IP address, which will affect the results).>From the server, tried to telnet to "open 65.54.254.129" "open 64.4.29.24" with no success.
-Scott
---
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for IMail. http://www.declude.com
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
