Perplexing E-Mail Issue

  1. #1
    Member
    Join Date
    Dec 2004
    Posts
    48

    Perplexing E-Mail Issue

    I am absolutely stumped on this one. We can send and receive email with no problems with the exception of *receiving* mail from a particular domain.

    We are running a Postfix mail server with spamd (the SpamAssassin daemon) running. Mail on THEIR domain is sent from an Exchange 2000 server. All I see in our logs is:

    Oct 24 15:18:57 localhost postfix/smtpd[XXXX]: connect from theirserver.theirdomain.com[theirIP]
    Oct 24 15:19:05 localhost postfix/smtpd[XXXX]: disconnect from theirserver.theirdomain.com[theirIP]

    Again, it is ONLY mail from their domain that we have a problem receiving. Likewise, our domain is the only one that they have trouble sending to. In their logs, all they have is a "message time-out" error.

    At first, I thought it might be an MX record issue because they just changed the domain naming scheme of their servers... I'm not sure this possibility has been completely ruled out. I would think, though, that if it was an MX issue, their domain would have problems sending mail to more domains than just ours.

    This leads me to believe it is something on our end, yet we don't have any other problems sending and receiving to and from any other domains.

    Again, we can send mail TO this domain, but cannot receive mail FROM this domain.

    I have whitelisted their domain name, IP and domain suffix in Postfix and SpamAssassin.

    I am so confused. I hope someone can help.
    Blankety Blank Blank Blank!

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    I know that this will sound horribly stupid, but you are running a mailserver?

    Have you cold booted it since the changes?

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Run tcpdump on that connection. Something like tcpdump -X -vvv -n host myhost.com and host theirserver.theirdomain.com and port 25 should give you a lot more information.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  4. #4
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,250

    Could be DNS

    It usually is, but a word of advice. Other domain admins are to be treated like users. They may be having issues with other domains also.

    Anyway, check this out - hope it helps

    http://bind8nt.meiway.com/itsaDNSmess.cfm
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  5. #5
    rebmeM roineS enilnOitnA steve.milner's Avatar
    Join Date
    Jul 2003
    Posts
    1,018
    I suggest routing issues.

    From both ends try traceroute to follow connections through & see if they stop on route.

    Steve
    IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com

  6. #6
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,250
    Originally posted here by steve.milner
    I suggest routing issues.

    From both ends try traceroute to follow connections through & see if they stop on route.

    Steve
    God I hate it when I don't start with the basics. Good point steve!
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  7. #7
    Member
    Join Date
    Dec 2004
    Posts
    48
    Thanks for all the replies. I definitely did a cold boot on our end, and suggested that the other admin do the same.

    Everything seems normal in the traceroute, but their DNS is a little funny. I will be doing a tcpdump today to see if I can pick up anything odd out of the traffic.

    Something strange about the other servers' DNS: there are no MX records for the sub-domain that mail is being sent from. For example, their mail server is subdomain.domain.com (this is also the name that connects to our mail server), but MX records only exist for domain.com. Also, the MX records are pointing to a mail2.domain.com, which I don't think even exists. I'm assuming this is the cause of the problem? Postfix is running a reverse MX lookup for subdomain.domain.com and no MX records show up?
    Blankety Blank Blank Blank!

  8. #8
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    Postfix is running a reverse MX lookup for subdomain.domain.com and no MX records show up?
    Most likely. Either they will have to fix their DNS, or you will have to configure to not do a reverse lookup. It makes you get more spam though, unless you only eliminate reverse lookups for that particular domain.
    I came in to the world with nothing. I still have most of it.
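
The DNS findings reported in post #7 and the lookups discussed in post #8 can be checked in one pass before any mail server setting is changed. The following is an added example, not code from the thread: the zone data is constructed to mirror the thread's placeholder names, `192.0.2.25` is a documentation address, and `lookup`, `reverse_name` and `audit_sender` are hypothetical helper names.

```python
# Constructed DNS data modelled on post #7: MX exists only for domain.com and
# points at mail2.domain.com, which has no address record.
# A missing key stands for "no such record".
ZONE = {
    ("domain.com", "MX"): ["mail2.domain.com"],
    ("subdomain.domain.com", "A"): ["192.0.2.25"],
    ("25.2.0.192.in-addr.arpa", "PTR"): ["subdomain.domain.com"],
}

def lookup(name, rtype, zone=ZONE):
    """Offline stand-in for a resolver; swap in a real one with the same signature."""
    return zone.get((name.rstrip(".").lower(), rtype), [])

def reverse_name(ip):
    """192.0.2.25 -> 25.2.0.192.in-addr.arpa"""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa"

def audit_sender(client_ip, helo_name, sender_domain, resolve=lookup):
    """Return the DNS inconsistencies a receiving MTA could trip over."""
    findings = []
    # 1. Forward-confirmed reverse DNS: PTR must exist and map back to the IP.
    ptrs = resolve(reverse_name(client_ip), "PTR")
    if not ptrs:
        findings.append("no PTR for client IP")
    elif not any(client_ip in resolve(p, "A") for p in ptrs):
        findings.append("PTR does not forward-confirm")
    # 2. The name the client announces should resolve.
    if not resolve(helo_name, "A"):
        findings.append("HELO name has no A record")
    # 3. A sender domain without MX is still valid if it has an A record,
    #    because SMTP falls back to the address record.
    mx = resolve(sender_domain, "MX")
    if not mx and not resolve(sender_domain, "A"):
        findings.append("sender domain has neither MX nor A")
    # 4. Every published MX target must itself resolve.
    for target in mx:
        if not resolve(target, "A"):
            findings.append(f"MX target {target} has no A record")
    return findings

if __name__ == "__main__":
    for domain in ("domain.com", "subdomain.domain.com"):
        print(domain, audit_sender("192.0.2.25", "subdomain.domain.com", domain))
```

With this data, the missing MX for the sub-domain produces no finding because its A record exists, while the dangling MX target for domain.com is flagged.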
