DNS configuration on our domain
Steve Ingraham
singraham at okcca.net
Tue Sep 12 15:34:23 UTC 2006
I need some help troubleshooting a problem. Sorry for the lengthy
message. I thought it would be better to provide as much information as
possible. I am not sure whether our problem is a DNS problem, a qmail
problem, a spamassassin problem, an exchange 2000 problem or something
totally different. I am starting with posting to this list as I have
had previous DNS problems that have shut down my email delivery in the
past.
At the bottom of this message are the zone configurations for the three
zones that affect email in our domain. The server listed below is
serving as an external DNS server for our domain. I also have (or I
should say, had) two servers on the domain serving as internal DNS
servers. One is a new Windows 2003 server that I just set up a couple
of weeks ago. The other is an older machine running Windows Advanced
Server 2000. I have removed the older Server 2000 from serving as a DNS
server. The reason for this was that the C: drive on that machine is
full (less than 32 mb of free space available). This was causing DNS to
shut down on that server. I have added the Windows 2003 server to the
domain as a DNS server and removed the older server from acting as a DNS
server. Since removing that old server as a DNS server I have not had
any further DNS issues that I am aware of.
Prior to discovering the above mentioned internal DNS problem with the
C: drive I was attempting to troubleshoot why emails were not being
delivered. In doing so I changed the MX setting on the external DNS to
direct email to the Exchange 2000 server (204.87.111.232) instead of to
the qmailtoaster server (204.87.111.225) which is the same server as the
BIND DNS server. I also have a new Exchange 2003 server (MXI2) which
has my personal mailbox on it. Because of the above changes to my BIND
DNS zone settings I am wondering if my BIND DNS configurations below may
be causing some delivery problems for incoming and outgoing email.
Since making these changes I have had some users complain that some
emails that are sent to them from outside the network are not coming
through or that some emails they send out are not being delivered. In
one instance, I had a user who could not send an email to an outside
contact. After exploring that problem with that domain's systems
administrator it was discovered that their spam filters were blocking
email from our domain because our MX (204.87.111.232) server did not
have the same IP address as the DNS (204.87.111.225) server? Below is
the header for a message sent to that administrator after he resolved
the filtering problem and his server began accepting email from our
domain:
Microsoft Mail Internet Headers Version 2.0
Received: from mx1.okhouse.gov ([10.0.0.13]) by MAIL.ohr.lsb.state.ok.us
with Microsoft SMTPSVC(6.0.3790.1830);
Fri, 8 Sep 2006 14:19:11 -0500
Received: from dellapp02.occa.state.ok.us (ns.occa.state.ok.us
[204.87.111.225])
by mx1.okhouse.gov (BorderWare MXtreme Mail Firewall) with
ESMTP id 3276160D1F
for <davidw at okhouse.gov>; Fri, 8 Sep 2006 14:19:10 -0500
(CDT)
Received: (qmail 5259 invoked by uid 507); 8 Sep 2006 19:17:59 -0000
Received: by simscan 1.1.0 ppid: 5239, pid: 5245, t: 1.8778s
scanners: clamav: 0.86.2/m:34/d:1084 spam: 3.0.4
Received: from unknown (HELO MXI.occa.state.ok.us) (204.87.111.232)
by dellapp02.occa.state.ok.us with SMTP; 8 Sep 2006 19:17:57 -0000
Received: from mxi2.occa.state.ok.us ([172.16.254.137]) by
MXI.occa.state.ok.us with Microsoft SMTPSVC(5.0.2195.6713);
Fri, 8 Sep 2006 14:21:28 -0500
Subject: test2
Date: Fri, 8 Sep 2006 14:21:28 -0500
Message-ID: <088EFB279DB2A64688EE22B92FBEABA02933 at mxi2.occa.state.ok.us>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C6D37B.FB8A5281"
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: test2
Content-class: urn:content-classes:message
Thread-Index: AcbTe/uSwb1jKXUKSdmrljDTvRLHlQ==
X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0
From: "Steve Ingraham" <singraham at okcca.net>
To: <davidw at okhouse.gov>
X-OriginalArrivalTime: 08 Sep 2006 19:21:28.0061 (UTC)
FILETIME=[FB80FAD0:01C6D37B]
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on
dellapp02.occa.state.ok.us
X-Spam-Level:
X-Spam-Status: No, score=-1.6 required=3.0 testsºYES_00,HTML_90_100,
HTML_MESSAGE autolearn=no version=3.0.4
X-STA-Metric: 29 (engine�2)
X-STA-NotSpam: oklahoma from:addr:okcca.net test2 steve 405
X-STA-Spam: <!-->:2**0 header:Message-ID:1 appeals content-type:text/ht
header:MIME-Version:
X-BTI-AntiSpam:
score:0,sta:29/022,dcc:passed,dnsbl:passed,sw:passed,bsn:41/passed,spf:n
one,dk:off,pbmf:accept/399,ipr:0/3,trusted:no,ts:no,ubl:passed
Received-SPF: none
Return-Path: singraham at okcca.net
In another instance, one of my users attempted to use his AOL account
from home last night to send an email to his email account here. A
rejection notice was bounced back to his AOL account with the following
information:
----- The following addresses had permanent fatal errors -----
<lblosser at okcca.net
<javascript:parent.ComposeTo(%22lblosser%40okcca.net%22,%20%22%22);> >
----- Transcript of session follows -----
... while talking to okcca.net.:
>>> DATA
<<< 554 Your email is considered spam (1.00 spam-hits)
554 <lblosser at okcca.net
<javascript:parent.ComposeTo(%22lblosser%40okcca.net%22,%20%22%22);>
>... Service unavailable
Final-Recipient: RFC822; lblosser at okcca.net
<javascript:parent.ComposeTo(%22lblosser%40okcca.net%22,%20%22%22);>
Action: failed
Status: 5.0.0
Remote-MTA: DNS; okcca.net
Diagnostic-Code: SMTP; 554 Your email is considered spam (1.00
spam-hits)
Last-Attempt-Date: Thu, 7 Sep 2006 22:36:05 -0400 (EDT)
Received: from LendellB at aol.com
<javascript:parent.ComposeTo(%22LendellB%40aol.com%22,%20%22%22);>
by imo-m24.mx.aol.com (mail_out_v38_r7.6.) id l.bfd.3d7a3e7 (33856)
for <lblosser at okcca.net
<javascript:parent.ComposeTo(%22lblosser%40okcca.net%22,%20%22%22);> >;
Thu, 7 Sep 2006 22:34:46 -0400 (EDT)
Return-path: <LendellB at aol.com
<javascript:parent.ComposeTo(%22LendellB%40aol.com%22,%20%22%22);> >
From: LendellB at aol.com
<javascript:parent.ComposeTo(%22LendellB%40aol.com%22,%20%22%22);>
Message-ID: <bfd.3d7a3e7.323230c6 at aol.com
<javascript:parent.ComposeTo(%22bfd.3d7a3e7.323230c6%40aol.com%22,%20%22
%22);> >
Date: Thu, 7 Sep 2006 22:34:46 EDT
Subject: Fwd: FW: this attached file is the packet I sent I will have a
official rule...
To: lblosser at okcca.net
<javascript:parent.ComposeTo(%22lblosser%40okcca.net%22,%20%22%22);>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="part1_bfd.3d7a3e7.323230c6_boundary"
X-Mailer: 9.0 Security Edition for Windows sub 5326
X-Spam-Flag: NO
Since changing the MX addresses to the Exchange 2000 machine our spam
has decreased but I am getting sporadic reports like the two examples
above from users that some email is not being properly delivered. Below
are three of our domain zone configurations for our External DNS server
running BIND DNS 9.2.4:
204.87.111.225 is a Dell Power Edge 1850 Server running Redhat
Enterprise Linux AS ver 3, BIND DNS 9.2.4, qmailtoaster ver 1.2,
spamassassin 3.0.4
204.87.111.232 is a Windows Advanced Server 2000 running Exchange 2000
IN occa.state.ok.us
Name Type TTL Values
occa.state.ok.us. NS Default ns
occa.state.ok.us. NS Default ns2
occa.state.ok.us. MX Default 10
204.87.111.232
occa.state.ok.us. A Default
204.87.111.225
localhost.occa.state.ok.us. A Default 127.0.0.1
ns.occa.state.ok.us. A Default 204.87.111.225
ns2.occa.state.ok.us. A Default 204.87.111.226
mxi.occa.state.ok.us. A Default 204.87.111.232
inet1.occa.state.ok.us. A Default 204.87.111.228
mail.occa.state.ok.us. A Default 204.87.111.229
vpn.occa.state.ok.us. A Default 204.87.111.233
www.occa.state.ok.us. CNAME Default inet1
dellapp02.occa.state.ok.us. A Default 204.87.111.225
mxo.occa.state.ok.us. CNAME Default dellapp02
IN mail.occa.state.ok.us
Name Type TTL
Values
mail.occa.state.ok.us. NS Default ns
mail.occa.state.ok.us. NS Default ns2
mail.occa.state.ok.us. MX Default 10
mail
mail.occa.state.ok.us. A Default
204.87.111.225
ns.okcca.net. A Default
204.87.111.225
ns2.mail.occa.state.ok.us. A Default
204.87.111.226
mxgateway.mail.occa.state.ok.us. CNAME Default ns.okcca.net.
mail.mail.occa.state.ok.us. A Default
204.87.111.232
inet1.mail.occa.state.ok.us. A Default
204.87.111.228
mymail.mail.occa.state.ok.us. A Default
204.87.111.232
www.mail.occa.state.ok.us. CNAME Default
inet1.okcca.net.
online.mail.occa.state.ok.us. CNAME Default
inet1.okcca.net.
okcca.net. A
Default 204.87.111.225
IN okcca.net
Name Type TTL
Values
okcca.net. NS Default
ns
okcca.net. NS Default
ns2
mail.occa.state.ok.us. MX Default 10
mail
mail.occa.state.ok.us. A Default
204.87.111.225
ns.okcca.net. A Default
204.87.111.225
ns2.okcca.net. A Default
204.87.111.226
mxgateway.okcca.net. CNAME Default
ns.okcca.net.
mail.okcca.net. A Default
204.87.111.232
inet1.okcca.net. A Default
204.87.111.228
mymail.okcca.net. A Default
204.87.111.232
www.okcca.net. CNAME Default
inet1.okcca.net.
online.okcca.net. CNAME Default
inet1.okcca.net.
okcca.net. A
Default 204.87.111.225
I am not sure whether our mail delivery problems are a DNS issue or not.
I do know that 99% of our mail is delivered without problems. Are there
some DNS zone configurations listed above that should be changed? If
so, I would appreciate some insight on how the IP addresses should be
set up for the various "Types" if I am directing email to the Exchange
2000 server on 204.87.111.232. I have inherited this system and am
trying to understand how DNS, email and spam filtering all work
together. Any assistance would be appreciated.
Thanks,
Steve Ingraham
More information about the bind-users
mailing list