Re: Is Hotmail in the habit of ignoring MX records?

Lou Katz Thu, 26 Jul 2012 01:37:52 -0700

On Thu, Jul 26, 2012 at 02:38:31AM -0500, Jimmy Hess wrote:
> On 7/26/12, Lou Katz <l...@metron.com> wrote:
> > One of my users has reported incoming mail failures, which I finally
> > tracked down. It turned out that Hotmail has seen fit to send the mail
> > to his domain's A record machine, despite the fact that he has valid MX
> > records.
> 
> You looked in the mail headers and saw hotmail's mail server do that,
> or the From address/return path just happens to be hotmail?
> I would ask for a specific example of a domain name in which that
> seems to happen, and  exact DNS zone contents.
> 
> I am sure that Hotmail does not  ignore MX in general,  unless they
> just broke something; many domains require MX processing and A record
> to properly be ignored for mail to be accepted.    But there may be
> something else going on with a specific domain or   DNS
> queries/responses from its nameservers,  that results in MX being
> ignored or unavailable,  resulting in a fallback to 'lookup A'.
> 
> An example could be some dns issue such  as slow response to MX query,
>  'MX to a CNAME',  'MX to an invalid label that looks like an IP',  MX
> DNS response packet too large,
>  ....
> 
> 
> --
> -JH


Unfortunately, all I get from my user is a snippet, and it took me a while
to realize that I had to look at the mail logs of my web server, not my
mail server, to find the transaction. The domain is cookephoto.com - and
here is my zone file:

plaid# dig cookephoto.com any

; <<>> DiG 9.3.3 <<>> cookephoto.com any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55698
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 8

;; QUESTION SECTION:
;cookephoto.com.                        IN      ANY

;; ANSWER SECTION:
cookephoto.com.         172800  IN      SOA     ns.metron.com. 
hostmeister.metron.com. 2012011900 21600 3600 345600 345600
cookephoto.com.         172800  IN      NS      ns2.metron.com.
cookephoto.com.         172800  IN      NS      ns1.metron.com.
cookephoto.com.         172800  IN      NS      ns3.metron.com.
cookephoto.com.         172800  IN      MX      12 mail2.metron.com.
cookephoto.com.         172800  IN      MX      15 mail.katz.com.
cookephoto.com.         172800  IN      MX      10 mail.metron.com.
cookephoto.com.         172800  IN      A       192.160.193.89

;; ADDITIONAL SECTION:
ns1.metron.com.         3600    IN      A       192.160.193.34
ns2.metron.com.         3600    IN      A       209.204.189.89
ns2.metron.com.         3600    IN      AAAA    2001:470:838d::89
ns3.metron.com.         3600    IN      A       192.160.193.55
ns3.metron.com.         3600    IN      AAAA    2001:470:838d::55
mail.metron.com.        3600    IN      A       192.160.193.14
mail2.metron.com.       3600    IN      A       209.204.189.91
mail.katz.com.          28800   IN      A       192.160.193.14


and here is the maillog for the transaction, slightly redacted:

Jul 25 13:13:07 plaid sm-mta[5121]: NOQUEUE: connect from 
blu0-omc2-s2.blu0.hotmail.com [65.55.111.77]
Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: --- 220 plaid.metron.com 
ESMTP Sendmail 8.13.8/8.13.8; Wed, 25 Jul 2012 13:13:07 -0700 (PDT)
Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: <-- EHLO 
blu0-omc2-s2.blu0.hotmail.com
Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: --- 250-plaid.metron.com 
Hello blu0-omc2-s2.blu0.hotmail.com [65.55.111.77], pleased to meet you
Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: <-- MAIL 
FROM:<xxxxxxxxx...@hotmail.com>
Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: --- 250 2.1.0 
<xxxxxxxxx...@hotmail.com>... Sender ok
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: <-- RCPT 
TO:<xx...@cookephoto.com>
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: --- 550 5.7.1 
<xx...@cookephoto.com>... Relaying denied
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: ruleset=check_rcpt, 
arg1=<xx...@cookephoto.com>, relay=blu0-omc2-s2.blu0.hotmail.com 
[65.55.111.77], reject=550 5.7.1 <xx...@cookephoto.com>... Relaying denied
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: <-- RSET
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: --- 250 2.0.0 Reset state
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: 
from=<xxxxxxxxx...@hotmail.com>, size=0, class=0, nrcpts=0, proto=ESMTP, 
daemon=IPv4,
relay=blu0-omc2-s2.blu0.hotmail.com [65.55.111.77]
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bI005121: <-- QUIT
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bI005121: --- 221 2.0.0 
plaid.metron.com closing connection


The 5.7.1 relaying denied is correct, since the webserver does not accept mail 
for the website domains.

At the time of the transaction, nothing special was happening here, and other 
mail was flowing quite nicely into
the mail server. Other Hotmail servers were sending to other recipients here 
through the regular mailserver OK.


Thanks for looking at it.

-=[L]=-

Re: Is Hotmail in the habit of ignoring MX records?

Reply via email to