Mr. O'Driscoll,

Thanks for your thoughtful comment.  I confess that I thought that Edward
Jones or their proxies would send enough email that they would have noticed
by now if they were unable to resolve DNS names correctly.  However,
successful troubleshooting often depends on not taking too much for granted.
When I reach someone with that information, I'll ask what IP address they
were using to try to reach us.



-----Original Message-----
From: mailop [] On Behalf Of Ken O'Driscoll
Sent: Thursday, October 13, 2016 5:31 PM
Subject: Re: [mailop] Edward Jones / Alliance Data / Bigfoot Interactive

Hi Ken,

Have you verified that your secondary can actually resolve their outbound IP
properly? I only say this because your situation reminds me of a very
similar incident many years ago where a legacy firewall rule was assuming
that query ports *had* to be 53.

Just a wild hunch, I still remember the time I spent tracking that one down
so just passing it on!


Ken O'Driscoll / We Monitor Email
+353 1 254 9400 | w:

On Thu, 2016-10-13 at 15:05 -0500, Ken Johnson wrote:
> Contact at Edward Jones or Alliance Data?  A user reports email not
> received, but nothing in my exim logs to show a delivery attempt.
> Edward Jones Technical Assistance confirms the from email addresses
> (nope,
> not in the exim logs) and provided the IP addresses of the sending
> servers
> -- not in the fail2ban log, not in the permanent IP block list.  EJ TA
> says
> 'host not reachable' for 3.5 hours.  On two separate days.  The
> authoritative nameservers for the reverse lookup for the sending servers
> are
> in  (Bigfoot Interactative email services
> acquired
> by Alliance Data in 2005).
> The primary server (10) in the MX record for the destination would have
> been
> down, but the secondary server (20) was up.  If only the first one was
> tried, that would explain it.  EJ TA did not have information on this
> point.
> Ken
