On 3/24/06, Lisa C. Boyd <[EMAIL PROTECTED]> wrote: > Rick DeNatale wrote: > > Try connecting to port 25 with telnet and see what the initial prompt > > says it should be something like > > 220 spunkymail-a5.dreamhost.com ESMTP >
Lisa, Not sure what host this is. It appears to be an internal server. [EMAIL PROTECTED]:~$ dig spunkymail-a5.dreamhost.com .... ;; QUESTION SECTION: ;spunkymail-a5.dreamhost.com. IN A ;; ANSWER SECTION: spunkymail-a5.dreamhost.com. 13946 IN A 10.3.41.85 It looks like your dns is publishing internal 10. addresses to the internet. Note that I'm removing lines from the dig output for brevity. So, assuming that we are talking about the dreamhost.com domain here, let's see what your mx servers are: [EMAIL PROTECTED]:~$ dig -tMX dreamhost.com ,,, ;; QUESTION SECTION: ;dreamhost.com. IN MX ;; ANSWER SECTION: dreamhost.com. 13571 IN MX 0 mx1.looney.mail.dreamhost.net. dreamhost.com. 13571 IN MX 0 mx2.looney.mail.dreamhost.net. So those are the two mail servers that the dns checker is looking at. Let's see what they say: [EMAIL PROTECTED]:~$ telnet mx1.looney.mail.dreamhost.net 25 Trying 66.33.208.143... Connected to mx1.looney.mail.dreamhost.net. Escape character is '^]'. 220 legolas.dreamhost.com ESMTP quit 221 Bye Okay now let's see what legolas.dreamhost.com resolves to: [EMAIL PROTECTED]:~$ dig legolas.dreamhost.com ... ;; QUESTION SECTION: ;legolas.dreamhost.com. IN A ;; ANSWER SECTION: legolas.dreamhost.com. 13706 IN A 66.33.212.10 But telnet said that it was connecting to 66.33.208.143!!! [EMAIL PROTECTED]:~$ dig mx1.looney.mail.dreamhost.net ;; QUESTION SECTION: ;mx1.looney.mail.dreamhost.net. IN A ;; ANSWER SECTION: mx1.looney.mail.dreamhost.net. 5109 IN A 66.33.208.143 Yep, that's what DNS says too. So the server on mx1.looney.mail.dreamhost.net is misconfigured to report that it is legolas.dreamhost.com perhaps it was once but moved. You've got a similar problem with mx2.looney.mail.dreamhost.net reporting that it is gollum.dreamhost.com BAD Smeagol!!!! So if a suspicious client decides to verify the identity of your server, he's going to be confused at best, and wary to talk to you at worst. It's a mail server misconfiguration problem not a DNS problem. -- Rick DeNatale Visit the Project Mercury Wiki Site http://www.mercuryspacecraft.com/ -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
