[Cialug] Hostname issue

Dave Weis djweis at sjdjweis.com
Tue Nov 25 10:32:38 CST 2014


If you made a venn diagram of people with design skills and people that
should be allowed to touch DNS, the circles would not touch.



On Tue, Nov 25, 2014 at 10:19 AM, David Champion <dchamp1337 at gmail.com>
wrote:

> Some people shouldn't be allowed to touch DNS.
>
> -dc
>
> On Tue, Nov 25, 2014 at 10:11 AM, Josh More <jmore at starmind.org> wrote:
>
> > That didn't happen when I tried a -x earlier, though it is happening
> > now.  However, this is also happening:
> >
> > $ dig mail2.gilstermarylee.com
> >
> > ;; QUESTION SECTION:
> > ;mail2.gilstermarylee.com.    IN    A
> >
> > ;; ANSWER SECTION:
> > mail2.gilstermarylee.com. 6159    IN    A    216.138.60.195
> >
> >
> > So there's that issue too.
> >
> >
> > I say to nuke the zone file from orbit.  It's the only way to be sure.
>  ;)
> >
> >
> > (Or you could fix the forward lookup for mail2.glistermarylee.com ...
> > whatever.)
> >
> >
> >
> > On Tue, Nov 25, 2014 at 10:02 AM, David Champion <dchamp1337 at gmail.com>
> > wrote:
> > > Dude, the PTR isn't the problem.
> > >
> > > $ dig -x 66.186.99.236
> > >
> > > ...
> > >
> > > ;; QUESTION SECTION:
> > > ;236.99.186.66.in-addr.arpa.    IN      PTR
> > >
> > > ;; ANSWER SECTION:
> > > 236.99.186.66.in-addr.arpa. 85405 IN    PTR
> mail2.gilstermarylee.com
> > .
> > >
> > > ;; AUTHORITY SECTION:
> > > 99.186.66.in-addr.arpa. 85405   IN      NS      ns2.clearwave.com.
> > > 99.186.66.in-addr.arpa. 85405   IN      NS      ns1.clearwave.com.
> > >
> > > ;; ADDITIONAL SECTION:
> > > ns1.clearwave.com.      171805  IN      A       199.30.61.2
> > > ns2.clearwave.com.      171805  IN      A       199.30.63.2
> > >
> > >
> > > ...
> > >
> > > -dc
> > >
> > >
> > > On Tue, Nov 25, 2014 at 9:56 AM, Josh More <jmore at starmind.org> wrote:
> > >
> > >> $ dig barracuda.gilstermarylee.com MX
> > >>
> > >> On my system, this shows no DNS entry for
> barracuda.gilstermarylee.com
> > >>
> > >> The fallback SMTP host (A record) points to 75.149.203.77
> > >>
> > >> A reverse on 75.149.203.77 points to visionitnow.com, which doesn't
> > >> match the forward.
> > >>
> > >> As Jonathan points out, a reverse on 66.186.99.236 isn't set up.
> > >>
> > >> There is also no SPF or DOMAINKEYS entry for 66.186.99.236
> > >>
> > >> So, the problem is that the receiving mail server doesn't think you're
> > >> a legitimate sender (don't blame it, I wouldn't either).
> > >>
> > >> To fix it:
> > >>
> > >> 1) Add an MX record for barracuda.gilstermarylee.com that points to
> > >> the barracuda devices's external interface, which is probably
> > >> 66.186.99.236.
> > >> 2) Add a TXT record for barracuda.gilstermarylee.com that lists the
> > >> SPF rules.  (http://www.spfwizard.net/ can be helpful here)
> > >> 3) Consider a TXT record for DOMAINKEYS. This isn't so important these
> > >> days, but you might as well look into it.  (
> > >> https://www.socketlabs.com/domainkey-dkim-generation-wizard/ may
> help)
> > >> 4) Review the A record for barracuda.gilstermarylee.com and see if
> you
> > >> really want it pointing to 75.149.203.77.  I think this is a wildcard
> > >> and probably not what you want.  Odds are, it should be set to the
> > >> same as the MX record in step 1.
> > >> 5) Recognize that SMTP sucks and it shouldn't take 15 years of
> > >> routing, SMTP and DNS experience just to set up a freaking server.
> > >> Outsource your email to someone else and wash your hands of the whole
> > >> stinking mess of it.
> > >>
> > >> -Josh
> > >>
> > >>
> > >> On Tue, Nov 25, 2014 at 9:46 AM, Jonathan A. Kollasch
> > >> <jakllsch at kollasch.net> wrote:
> > >> > On Tue, Nov 25, 2014 at 09:38:09AM -0600, L. V. Lammert wrote:
> > >> >> Trying to assist a friend in fixing an issue with their email
> > system, ..
> > >> >> they appears to be using a Barracuda appliance (per hostname), yet
> it
> > >> >> appears to not be sending a valid hostname:
> > >> >>
> > >> >> ================
> > >> >>
> > >> >> Nov 23 03:38:37 mx2 postfix/smtpd[5951]: NOQUEUE: reject: RCPT from
> > >> >> unknown[66.186.99.236]: 450 Client host rejected: cannot find your
> > >> >> hostname, [66.186.99.236]; from=<rhayden at gilstermarylee.com>
> > >> >> to=<lvl at omnitec.net> proto=ESMTP helo=<
> barracuda.gilstermarylee.com>
> > >> >>
> > >> >> ================
> > >> >>
> > >> >> I do know they are switching providers, but I do not think that
> would
> > >> >> affect the issue. Any suggestion on how to troubleshoot this
> problem?
> > >> >
> > >> > This sounds like 66.186.99.236 doesn't have reverse DNS records.
> > >> >
> > >> >         Jonathan Kollasch
> > >> > _______________________________________________
> > >> > Cialug mailing list
> > >> > Cialug at cialug.org
> > >> > http://cialug.org/mailman/listinfo/cialug
> > >> _______________________________________________
> > >> Cialug mailing list
> > >> Cialug at cialug.org
> > >> http://cialug.org/mailman/listinfo/cialug
> > >>
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>


More information about the Cialug mailing list