On Tue, Apr 25, 2023 at 12:24:04PM -0400, Alex via Postfix-users wrote:
> Hi, I realize this is probably one of the most frequently asked questions,
> but I really can't figure out why this was rejected.
>
> Apr 25 12:06:01 petra postfix-226/smtpd[592344]: NOQUEUE: reject: RCPT from
> mail.email.eurobank.rs[195.242.76.237]: 450 4.1.8 <u...@eurobank-direktna.rs>:
> Sender address rejected: Domain not found; from=<
> obaveste...@eurobank-direktna.rs> to=<mi...@example.com> proto=ESMTP helo=<
> mail.email.eurobank-direktna.rs>
>
> What am I missing? eurobank-direktna.rs and mail.email.eurobank-direktna.rs
> both have forward and reverse DNS entries.
>
> I thought maybe it just didn't resolve properly at the time the email was
> received, but it's been happening for hours.
See:
https://dnsviz.net/d/eurobank-direktna.rs/ZEgBpw/dnssec/
The most obvious problem is that the delegation NS (parent zone) records
for the domain don't agree with the authoritative NS (child zone) records.
; Delegation NS
eurobank-direktna.rs. IN NS ns1.eurobank.rs. ; AD=0
eurobank-direktna.rs. IN NS ns2.eurobank.rs. ; AD=0
eurobank-direktna.rs. IN NS ns3.eurobank.rs. ; AD=0
; Authoritative NS
eurobank-direktna.rs. IN NS bgdit01edns01.eurobank.rs.
The latter host does not exist:
; <<>> DiG 9.18.7 <<>> -t a bgdit01edns01.eurobank.rs.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19772
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1400
;; QUESTION SECTION:
;bgdit01edns01.eurobank.rs. IN A
Once BIND learns the authoritative NS, the domain is bricked until that
data times out.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
