FW: Problem with mail delivery

Barry Margolin barmar at bbnplanet.com
Tue Aug 31 19:51:08 UTC 1999 

In article <c=US%a=_%p=Predict-DLI%l=VALIANT-990831173446Z-110 at valiant.predict-dli.com>,
Thomas J. Rude <tjrude at predict-dli.com> wrote:
>Barry, 
>Thanks for the information.  However, as I mentioned, I really have no
>idea how this all works!  But, to respond to some of your notes:
>
>** We used to own the man-gill.com domain when we were man gill chemical
>(before my time at the firm).  When the last network admin left, he
>informed internic that we no longer were that and did not want the
>domain name.  Hence, why the name is currently available........which
>leads me to a question:  how can our DNS server still work with this
>setup is we do not own that domain name? I mean, with the querying that
>occurs, I don't understand why it works or why it doesn't give other
>servers incorrect information.  

It works for you because no one ever took the information out of the
server.  So all your local users can still see that information.  However,
because it has been removed from the registry, no one else on the Internet
can look up this domain -- they have no way of knowing that they should go
to your server (an unregistered domain is like an unlisted phone number).

>				 Perhaps because the domain name is
>currently available?      IAGNET.NET was our old ISP who has merged and
>merged,etc.  In our old setup, IAGNET servers as  a secondary DNS
>server.  Again, I don't understand why this works.  OR, would this
>explain the message in Event Viewer...."syslog:  Secondary zone
>(iagnet.net) expired"  that appears every so often (usually in
>>multiples)?

This is unrelated.  That message means that you configured your server as a
secondary server for the IAGNET.NET domain.  There's no reason why you
needed to do that; I suspect your old network admin was confused.

>>>mx1.predict-dli.com      IN     A   207.206.8.55
>>>valiant.predict-dli.com   IN     A   172.16.3.201
>>What are these records doing in the man-gill.com.db file?  This file should
>>only have records for names in the man-gill.com domain.
>
>**Again, I really don't know!  This is how it was (is) set up when I
>came aboard.  Are you saying that these two records should appear in the
>predict-dli.com.db file?  

Yes.  All the names being defined in a zone file must have the same
suffix.  The man-gill.com.db file should only define names ending with
man-gill.com, and the predict-dli.com.db file should only define names
ending with predict-dli.com.

>**So, I need to add a MX record for predict-dli.com such as:
>	mx1                IN MX     10       predict-dli.com

No, it's the other way around:

predict-dli.com.  IN MX 10 mx1

An MX record of the form:

xxx IN MX 10 yyy

means "in order to send mail to user at xxx, deliver it to the machine named
yyy".

>instead of having the (mx1      IN     MX   10   mx1.predict-dli.com.)
>record?   OR, could I keep this () record and add the A record such as:
>	mx1                IN A      207.206.8.55

You need this in addition to the MX record, so that senders can make sense
of the above MX record.

>I have a question about the NS record (@      IN     NS
>ns1.predict-dli.com.):  what does the '@' sign stand for? When I compare
>the new to the old I notice the old (man-gill.com.db) has (man-gill.com.

@ stands for the name of the domain being defined in that file.

>When you say I need to create an A record that points to 207.206.8.34
>(legal, visible IP of DNS/firewall) so that the NS record can point to
>the same, why doesn't the following work?
>	ns1          IN     A    172.16.2.111          <where this IP is the
>internal address>

Because machines on the Internet can't connect to the private address
172.16.2.111.  You have to advertise your *public* addresses in your DNS
entries.

>Do I need this and the following both?
>	ns1          IN     A    207.206.8.34
>
>And lastly (I know you hope so!), could I just remove the CNAME record:
>	ns1     IN   CNAME  mgntfw
>in order to clean this mess up?  

Yes, you must remove the CNAME record.  A CNAME record is an alias, and a
name can't be both an 

>
>>Since the old configuration works, why don't you just set up the new domain
>>the same way?
>**Two reasons!  One, I wanted to use the domain name we own
>(predict-dli.com) instead of the one we used to own.  Two, because the

I know you want to use the new domain.  I meant just make every record the
same but replace "man-gill" with "predict-dli".

>>No, this is not how mail is delivered.  If the MX record points to valiant,
>>mail from the Internet will be sent directly there, it won't go through any
>>of Verio's servers.
>**See, this is part of my confusion!  Because the techs at VERIO told me
>that they needed the legal IP of our e-mail server because they need to
>forward e-mail from their servers to it.  This is not the case?  OR, did
>they need the IP so that they could set their DNS servers to reflect
>that fact that any mail for predict-dli.com should be sent to
>207.206.8.5 if someone queries their DNS servers?

They probably meant the latter, since they're currently hosting your DNS,
according to the InterNIC registration.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

More information about the bind-users mailing list