Bob Brennan wrote:
On 4/6/06, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
Bob Brennan wrote:
On 4/6/06, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
Bob Brennan wrote:
On 4/6/06, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
Somebody has probably changed a DNS entry for theFamily.net so that
instead of or as well as A/MX records, there's a:
theFamily.net. CNAME wc.funnel.revenuedirect.com.akadns.net.
record. Sendmail properly rewrites addresses for @theFamily.net to
@wc.funnel.revenuedirect.com.akadns.net during the address
canonicalisation stage in this case.
Paul.
All of my DNS entries for all of my domains are managed at
mydomain.com (literally) and I have checked that everything on their
DNS server is correct and there are no canonical entries. The refused
email is being delivered correctly to my own server, so their DNS
records must be correct.
However it is within my own server that things are going wrong. I do
not have an active DNS server but use the "hosts" file instead. The
hosts file is accurate and unchanged.
As I said earlier I searched all files in /etc/ for any entries that
might rewrite anything to or even contain the words
wc.funnel.revenuedirect.com.akadns.net and found nothing.
Is there any other information I can give or look for that might help
narrow this down? Or tests I can do? Or clever magical incantation
command lines I can try?
Try DNS lookups for your domain on your machine:
$ dig domain.xxx mx
$ dig theFamily.net mx
If you gave the real domain name(s) it might help too as we can see what
DNS lookups from outside your network are like.
Paul.
You are correct Paul - the dig command gives:
;; ANSWER SECTION
thebrennan.net 56879 IN CNAME wc.traffic.puredns.com.
wc.traffic.puredns.com 23661 IN CNAME
wc.funnel.revenuedirect.com.akadns.net.
wc.funnel.revenuedirect.com.akadns.net. 2 IN A 69.25.47.165
wc.funnel.revenuedirect.com.akadns.net. 2 IN A 66.150.161.58
with similar results for other domains on my server such as
mi-server.net. Any ideas as to how to correct this and how it
happened?
This is curious because I don't see these results myself.
Try doing the "dig" commands with the trace option set:
$ dig thebrennan.net mx +trace
Which nameservers are you using? Your ISP's? What are their IP addresses?
$ cat /etc/resolv.conf
Paul.
[bob@mi-server ~]$ dig thebrennan.net mx +trace
; <<>> DiG 9.2.5 <<>> thebrennan.net mx +trace
;; global options: printcmd
. 180987 IN NS C.ROOT-SERVERS.NET.
. 180987 IN NS D.ROOT-SERVERS.NET.
. 180987 IN NS E.ROOT-SERVERS.NET.
. 180987 IN NS F.ROOT-SERVERS.NET.
. 180987 IN NS G.ROOT-SERVERS.NET.
. 180987 IN NS H.ROOT-SERVERS.NET.
. 180987 IN NS I.ROOT-SERVERS.NET.
. 180987 IN NS J.ROOT-SERVERS.NET.
. 180987 IN NS K.ROOT-SERVERS.NET.
. 180987 IN NS L.ROOT-SERVERS.NET.
. 180987 IN NS M.ROOT-SERVERS.NET.
. 180987 IN NS A.ROOT-SERVERS.NET.
. 180987 IN NS B.ROOT-SERVERS.NET.
;; Received 436 bytes from 158.152.1.58#53(158.152.1.58) in 18 ms
net. 172800 IN NS A.GTLD-SERVERS.net.
net. 172800 IN NS B.GTLD-SERVERS.net.
net. 172800 IN NS C.GTLD-SERVERS.net.
net. 172800 IN NS D.GTLD-SERVERS.net.
net. 172800 IN NS E.GTLD-SERVERS.net.
net. 172800 IN NS F.GTLD-SERVERS.net.
net. 172800 IN NS G.GTLD-SERVERS.net.
net. 172800 IN NS H.GTLD-SERVERS.net.
net. 172800 IN NS I.GTLD-SERVERS.net.
net. 172800 IN NS J.GTLD-SERVERS.net.
net. 172800 IN NS K.GTLD-SERVERS.net.
net. 172800 IN NS L.GTLD-SERVERS.net.
net. 172800 IN NS M.GTLD-SERVERS.net.
;; Received 489 bytes from 192.33.4.12#53(C.ROOT-SERVERS.NET) in 105 ms
thebrennan.net. 172800 IN NS ns1.mydomain.com.
thebrennan.net. 172800 IN NS ns2.mydomain.com.
thebrennan.net. 172800 IN NS ns3.mydomain.com.
thebrennan.net. 172800 IN NS ns4.mydomain.com.
;; Received 180 bytes from 192.5.6.30#53(A.GTLD-SERVERS.net) in 112 ms
thebrennan.net. 2400 IN MX 0 mail.mi-server.net.
thebrennan.net. 2400 IN MX 10 mx1.sitelutions.com.
thebrennan.net. 2400 IN MX 20 mx2.sitelutions.com.
thebrennan.net. 86400 IN NS ns1.mydomain.com.
thebrennan.net. 86400 IN NS ns2.mydomain.com.
thebrennan.net. 86400 IN NS ns3.mydomain.com.
thebrennan.net. 86400 IN NS ns4.mydomain.com.
;; Received 279 bytes from 64.94.117.195#53(ns1.mydomain.com) in 170 ms
This is the correct (and expected) response.
[bob@mi-server ~]$ cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search com
nameserver 158.152.1.58
nameserver 158.152.1.43
[bob@mi-server ~]$
These are Demon's nameservers, and they're refusing access to me
(presumably because I'm not their customer, which is fair enough).
Try asking them directly:
$ dig @158.152.1.58 thebrennan.net mx
$ dig @158.152.1.43 thebrennan.net mx
If those servers are returning the bogus results, I would:
(a) complain to Demon, and
(b) run my own nameserver (you could use the caching-nameserver
package), and use that instead of the Demon ones
Paul.
