Frontiernet.net claims my MX records are invalid.

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Mon Jan 5 20:09:38 UTC 2004 

Wayne Hahn <wayne at hamilton.net> wrote:
> Hi All,

> I hope someone could take a moment and look at my dns. I am unable to email
> to frontiernet.net or any of there domains. When I called and finally got a
> hold of someone in there NOC after 10 days. They told me the reason they are
> rejecting my mail is because I have invalid MX or A records. Here is a snip
> of my DNS records if someone sees what the problem is please tell me because
> I don't have a problem emailing anyone else. I know I have two a records for
> 208.6.238.6 but I don't think that should break my MX records. I also
> noticed when I ran tcpdump when trouble shooting that I would get a (admin
> prohibited filter) message after I sent a reply message to there DNS server
> for the MX request message not sure if this is related but it seemed
> strange.

> $TTL 86400
> ;
> @       IN      SOA     dns1.hamilton.net. hostmaster.hamilton.net. (
>                         2003100109
>                         7200
>                         3600
>                         604800
>                         86400 )
> ;nameservers
>                         IN      NS              dns1.hamilton.net.
>                         IN      NS              dns2.hamilton.net.
> ;
> ;mailservers
> ;
>                         IN      MX      10      smtp1.hamilton.net.
>                         IN      MX      20      smtp2.hamilton.net.
> ;
> ;machines
> ;
> localhost               IN      A               127.0.0.1
> @                       IN      A               208.6.238.5
> author                  IN      A               208.6.238.3
> mail                    IN      A               208.6.238.4
>                         IN      MX      10      smtp1.hamilton.net.
> smtp1                   IN      A               208.6.238.14
> www                     IN      A               208.6.238.5
> dns3                    IN      A               208.6.238.2
> dns1                    IN      A               208.6.238.3
> gate                    IN      A               208.6.238.4
> dns2                    IN      A               208.6.238.6
> smtp2                   IN      A               208.6.238.6

> -------------------------------------------------------------
> 20:44:57.733982 resolve02.roc.ny.frontiernet.net.32771 >
> dns1.hamilton.net.domain: [udp sum ok]  7564 [1au] MX? hamilton.net. (41)
> (DF) (ttl 39, id 0, len 69)
> 20:44:57.734102 dns1.hamilton.net.domain >
> resolve02.roc.ny.frontiernet.net.32771:  7564*- 2/2/5 hamilton.net. MX
> smtp2.hamilton.net. 20, hamilton.net. (187) (ttl 64, id 23920, len 215)
> 20:44:57.734473 i80.hamilton.net > dns1.hamilton.net: icmp: host
> resolve02.roc.ny.frontiernet.net unreachable - admin prohibited filter (ttl
> 255, id 27540, len 56)

Looks to me like your "i80" is blocking the reply. Are your 
filters correct ?





-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

More information about the bind-users mailing list