DNS not updating, all hair pulled out

[Micah Anderson]

Ok, I've been doing DNS for a while, but this one is alluding me, I've
pulled out nearly all of my hair trying to figure this out. 

I did update my serial number and I had my TTL set to about one hour. I did
an update to my domain, but even a week+ later there are still a good 25% of
the DNS servers out there who haven't picked up my update.

dig @206.13.28.12 mail.riseup.net

(trimmed)
;; ANSWER SECTION:
mail.riseup.net.        56394   IN      CNAME   riseup.net.

This is NOT right, it should be:

(trimmed)
;; ANSWER SECTION:
mail.riseup.net.        604800  IN      CNAME   mars.riseup.net.
mars.riseup.net.        604800  IN      A       216.162.217.191

The SOAs on these other DNS servers appear to have the serial numbers of the
updated zones, so why do they keep reporting the wrong information?

Even more puzzling is if I add a +trace on the end of dig:

dig @206.13.28.12 mail.riseup.net +trace

(trimmed)

;; Received 114 bytes from 192.5.6.30#53(A.GTLD-SERVERS.net) in 91 ms

mail.riseup.net.        604800  IN      CNAME   mars.riseup.net.
mars.riseup.net.        604800  IN      A       216.162.217.191


It gets the RIGHT stuff, from the same DNS server that reported the wrong
information (without the trace).

I am at my wits end, can someone either hit me with a cluestick, or give me
a pass to go on a rampage?

Thanks
Micah