Legend. Send me your address for as case of beer :)
Simon :) On 02/12/2013 15:27, Marcus Taylor wrote: > Hi, > > On 02/12/13 15:11, Simon Green wrote: > > > SMTP error from remote mail server after initial connection: host > > mx.bt.lon5.cpcloud.co.uk [65.20.0.49]: 421 > > smtpin41.bt.ext.cpcloud.co.uk Service not available - no PTR record > > for 134.0.22.242: retry timeout exceeded > > We hit a similar problem with Critical Path [cpcloud.co.uk] - it was > found that their DNS lookup would be in uppercase and a bug in a Cisco > ASA firewall in the path was dropping the request. > > Not sure if this is a similar issue. > > > > $ dig +short -x 134.0.22.242 > > > shared4.wirehive.net. > > Confirmed: > > marcus@marcus-laptop ~ $ host 134.0.22.242 > 242.22.0.134.in-addr.arpa domain name pointer shared4.wirehive.net. > > > Perhaps BT have recently changed something that they check against > > and it's a badly trapped error?! > > Snip from discussions with Critical Path: > > > Your email was forwarded to us to research and help resolve. > We (Critical Path) run the mail servers that handle the inbound traffic to > btinternet.com / btopenworld.com / talk21.com > We have also recently taken over handling mail to > [email protected] > - so if you have problems in the future you should find that email to that > address gets to us. > > When we do a reverse DNS check to find the PTR we look up like this > 4.234.66.195.IN-ADDR.ARPA this is a valid and common way of checking - > with > the domain name in uppercase. > > A while ago CISCO released an update to their IOS firmware that > introduced a > bug. As a consequence, it no longer accepted PTR lookups that used > uppercase > alphabetic characters. > They have subsequently fixed this and have issued updates (e.g. in ASA > 9.0(3) in July 2013) - but the users of their equipment might not have > implemented it yet. > > So, if you (or your partners) are using CISCO equipment then there is > a good > chance that this is the cause of the problem. > > The CISCO bug reference for the ASA 9.x dropping case sensitive DNS PTR > requests is CSCud64817: > http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fet > chBugDetails&bugId=CSCud64817&Submit=Search > (but will need a CISCO account to access that) > > Cisco list it as fixed in versions: > 9.0(3) > 9.0(2.10) > 100.9(0.19)M > 100.8(50.12)M > 100.8(34.1)M > 100.8(27.30)M > 100.8(38.4)M > 100.9(4.1)M > 100.9(9.1)M > 9.0(2.100) > > > You can see the problem by using a DNS lookup tool - e.g. using "dig" in > Linux shows: > dig 4.234.66.195.in-addr.arpa PTR +short > gold.linx.net. > but > dig 4.234.66.195.IN-ADDR.ARPA PTR > connection timed out; no servers could be reached > > > Paul Webster > Critical Path > http://www.cp.net > > Hope this helps.... > >
signature.asc
Description: OpenPGP digital signature
