amrad email problems

Howard Cunningham howardc at
Sun Oct 14 23:02:25 CDT 2007


See my comments preceded by HC:

Howard Cunningham, MCP
Microsoft Small Business Specialist
Macro Systems, LLC
howardc at - personal
service at - service

-----Original Message-----
From: Robert E. Seastrom [mailto:rs at] 
Sent: Sunday, October 14, 2007 11:54 PM
To: Howard Cunningham
Cc: Tacos; Maitland Bottoms
Subject: Re: amrad email problems

"Howard Cunningham" <howardc at> writes:

> Hi 
> At Tacos today there was a discussion about why some
> are not delivered.  I looked at the email that Mike posted
> tonight and found that there are multiple problems with
> zone file setting for the domain and email..
> Emails:
> The mx record specifies
> Emails are coming from: received: from
> ([])
> That mismatch will cause more and more mail servers to not
> accept and/or reject emails.

Not well-configured nameservers unless there's SPF stuff
that says
only receive from mx ("v=spf1 mx -all").  If you are aware
of any mail
servers that come configured out of the box to refuse
everything that
doesn't come from the proper mx, I'd appreciate a pointer.

 [HC:] I have not seen this behavior out of the box, but I
am seeing more and more mail servers either reject or not
accept emails when the IP address of the sending server does
not match the MX record.  I am not saying that this practice
is correct or even good, we just keep running into it.  

> DNS Issue #1:
> is as an amrad name server but it is
> not listed with the registrar

This shouldn't cause a problem with resolving (if
reverse were true, i.e. the authoritative servers were a
subset rather
than a superset of the registrar's records) it might cause

It is an inconsistency that ought to be fixed.  It is
probably not the
source of mail slowness.

> DNS Issue #2:
> will do recursive lookups.  I
> that recursion be disabled
> reports that it will do recursive lookups

This presents a DNS cache poisoning issue.  It shouldn't be
getting in
the way of resolution.  Agree with Howard that there should
be no
recursive nameservers should also be authoritative
nameservers, but
cavalierly disabling recursion on antanasoff without
ascertaining that
nothing is depending on it for resolution might result in
the IT
equivalent of having golf cleat marks on your tender bits.

So, I suspect that log analysis will help you divine what's
if anything.


More information about the Tacos mailing list