At 4:29 PM -0500 8/14/01, Jeff Folk wrote:
>Hello;
>
>I recently survived an IP address change when my ISP changed upstream
>providers. This was about 10 days ago. Today, the mail servers I administer
>[all SIMS servers] quit receiving mail because of return path errors:
>
>01:14:11 3 SMTP-029(web11004.mail.yahoo.com) Failed to verify. Real address
>is [216.136.131.54:3781]
>01:15:15 3 SMTP-029([216.136.131.54]) Return-Path-A Search Error. Error
>Code=-3162
>01:15:15 3 SMTP-029([216.136.131.54]) Abort Received, reason=1558728
>01:19:01 3 SMTP-030(ancmail03.ancestry.com) Failed to verify. Real address
>is [216.10.103.201:2858]
>01:20:05 3 SMTP-030([216.10.103.201]) Return-Path-A Search Error. Error
>Code=-3162
>01:28:58 3 SMTP-031(juno.com) Failed to get IP addresses. Error Code=-3162
>01:28:58 3 SMTP [S.0000013306] dequeueing
>01:29:44 3 SMTP-032(myfamlsmtp01.myfamilysouth.com) Failed to verify. Real
>address is [63.92.89.123:2442]
>01:30:37 3 SMTP-033(ancmail03.ancestry.com) Failed to verify. Real address
>is [216.10.103.201:1567]
>01:30:48 3 SMTP-032([63.92.89.123]) Return-Path-A Search Error. Error
>Code=-3162
>01:31:41 3 SMTP-033([216.10.103.201]) Return-Path-A Search Error. Error
>Code=-3162
>01:33:15 3 SMTP-034(femail7.sdc1.sfba.home.com) Failed to verify. Real
>address is [24.0.95.87:49989]
>01:34:19 3 SMTP-034([24.0.95.87]) Return-Path-A Search Error. Error
>Code=-3162
>01:36:07 3 SMTP-035(thunderer.nxlkhost.com) Failed to verify. Real address
>is [207.155.252.51:58518]
>01:37:10 0 SYSTEM The current date is Tuesday, August 14, 2001
>01:37:10 3 SMTP-035([207.155.252.51]) Return-Path-A Search Error. Error
>Code=-3162
>
>It doesn't seem that the absence of PTR records for our new IP addresses
>should cause this. We are trying to get the reverse delegation sorted out,
>but what is really going on? In the meantime, I have turned off Verify
>Return Paths to allow mail in.
I suspect that what is REALLY going on is that you are having other
problems. What "Verify Return Paths" does is completely unrelated to
DNS records for your own machine. It simply takes the domain part of
the envelope sender address and checks DNS for an A or MX record. If
that check fails, it indicates that the message is claiming to be
from an unmailable address, so SIMS rejects it. SIMS DOES NOT do any
reverse DNS on anything.
If you know that legitimate mail was rejected, you probably want to
look closer at what happened. If, as it appears, you are only logging
at level 3, you can't tell from your logs. From your description, it
sounds possible that you had some sort of DNS failure, and that seems
to me consistent with the -3162 errors. When you lose access to DNS
service and SIMS is verifying return-paths, it will give a transient
rejection to all incoming mail because it cannot find any names.
Thankfully, SIMS only returns a permanent rejection response when it
gets an actual answer from DNS that there is no such domain.
--
Bill Cole
[EMAIL PROTECTED]
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[EMAIL PROTECTED]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
