At 10:06 AM -0500 9/23/02, NetHead wrote: >Mark Hartman wrote: > >Yet the mail server that responds to "pecandeluxe.com" has an IP address >>(207.155.252.78) which does not match that list. > >When you say, "the mailserver that responds to 'pecandeluxe.com' has an >IP address...", what query did you use to obtain this? I know if I do a >DIG on the A-record, I get that IP along with several others. If I had to >guess, I'd say these are load-balancers for our web-hosting. I suppose I >can ask them, if I know how you are obtaining that as our "mail server"
What I did was to use telnet to open pecandeluxe.com:25. I then did a lookup of the IP address of the name of the server that responded, did a telnet to it, and got the same server - so I'm reasonably sure that the IP address that I found was the right one. And it's not in the MX list. > >I think that seeing that traceroute is going to be very helpful; it looks >>like something is messed up in your domain definition, and this may be why >>someone along the line thinks that your mail is coming from an unauthorized >>location. > >Okay, you asked for it, here it is... the infamous, "TraceRoute": > >Hop IP Address Host > 1 67.105.93.126 bigbrother.pecandeluxe.com > 2 67.105.93.113 pecandeluxe2.daf.concentric.net > 3 67.105.97.21 pdcc1.daf.concentric.net > 4 207.88.82.17 ge5-0-0.mar1.dallas-tx.us.xo.net > 5 65.106.4.141 p5-1-0-0.rar1.dallas-tx.us.xo.net > 6 64.220.0.149 ge1-0.edge1.dal-tx.us.xo.net > 7 64.3.0.130 * > 8 4.24.8.197 p8-2.crtntx1-br2.bbnplanet.net > 9 4.24.10.113 p15-0.crtntx1-br1.bbnplanet.net > 10 4.24.10.214 p9-0.iplvin1-br2.bbnplanet.net > 11 4.24.10.181 p13-0.phlapa1-br1.bbnplanet.net > 12 195.16.175.250 p7-0.london2-cr3.bbnplanet.net > 13 212.133.109.22 * > 14 195.16.160.170 p7-0.londen3-cr4.bbnplanet.net > 15 195.16.175.213 p4-0-0.mnchen1-cr1.bbnplanet.net > 16 212.133.7.6 h0.legend.bbnplanet.net > 17 212.69.228.174 boxer.core.legend.net.uk > >If you guys see something here, you've got two isp's beat! (not that that >would REALLY surprise me!) > >I think you are onto something with the DNS stuff. I'm not sure what, but >perhaps if we pursue this line, something will turn up. ...And I've confirmed that that's the SIMS machine. Doug, at this point the best thing to do IMO would be to install telnet on the SIMS machine, and try a manual POP session with the remote machine, and then send us the transcript of that session. (If you don't know how to do that, send me an e-mail offline and I'll run you through it.) We _will_ get this solved. ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
