DNS A and MX record problem?

Kevin Darcy kcd at daimlerchrysler.com
Thu Aug 31 22:01:37 UTC 2000


Don Hunter wrote:

> I am Don Hunter, the incompetent (self flame!) Technology Manager for the
> Xerox Corporation in Hillsboro Oregon.
>
> At 10:35 yesterday all outbound mail from our server at 206.251.81.174 is
> failing and staying in the outbound queue (MS Exchange 5.5 Internet mail
> Connector). I believe the problem is related to the DNS records, and record
> order for our domain (nwdtc.com) handled by our ISP. Here is the result for
> an nslookup:
>
> NsLookup nwdtc.com
>
> -querytype=MX
>
> Default Server: ns2.transport.com
>
> Address: 206.251.95.6
>
> > [ns2.transport.com]
>
> nwdtc.com. SOA ns2.transport.com root.transport.com. (200005310 86400 900
> 1728000 86400)
>
> nwdtc.com. NS ns2.transport.com
>
> nwdtc.com. NS ns.transport.com
>
> nwdtc.com. A 206.251.81.176
>
> nwdtc.com. MX 10 mail.nwdtc.com
>
> nwdtc.com. MX 30 etrn.transport.com
>
> pcorpforms A 206.251.81.173
>
> gw A 206.251.93.1
>
> pcorp A 206.251.81.173
>
> view.pcorp A 206.251.81.131
>
> forms.pcorp A 206.251.81.177
>
> mail A 206.251.81.174
>
> www A 206.251.93.2
>
> xpls A 206.251.81.130
>
> ftp A 206.251.81.175
>
> nwdtc.com. SOA ns2.transport.com root.transport.com. (200005310 86400 900
> 1728000 86400)
>
> I'm no expert, but the documentation I'm looking at to research this problem
> indicates that the A record prior to the MX record is causing confusion, in
> that it is interpreted as the mail exchanger. Destination domains who do a
> reverse lookup appear to reject my connection, in that the NT event log shows a
> new TCP/IP connection to destination.com is opened then immediately follows a
> message that the connection failed.

I think you're barking up entirely the wrong tree, maybe even the wrong forest
(to borrow some of Microsoft's terminology). For *outbound* mail, typically the
only thing a mailer would be looking up in its own zone would be the mailer's
*own* name, e.g. "mail.nwdtc.com". You have an A record for that name, so
that's all it really cares about. MX records are looked up for mail
*destinations*. And, even so, order doesn't matter, since MX records and
A records serve different, though interrelated, functions.

>  I also find docs indicating that I should have my MX record recorded as
> simply nwdtc.com NOT mail.nwdtc.com

Whatever the MX points to needs a matching A record. In order for incoming mail
to work, whatever is at the address referred to by the A record needs to accept
SMTP mail. In your case, "nwdtc.com" resolves to a different address than
"mail.nwdtc.com"; is there something at that other address which will accept
SMTP mail? If not, then I wouldn't advise changing your MX record to point to
it.

Of course, what you point your *own* MX to doesn't really have anything at all
to do with *outbound* mail; it should only affect what mail comes *to* your
servers.

If you think you're having a DNS problem related to *outbound* mail, then don't
waste your time looking at the contents of your *own* zone; instead, try to do
some lookups of the domains you're trying to send mail *to*. Maybe their
DNS data is wrong, or maybe your DNS query-resolution infrastructure is broken
in such a way that you can't resolve names in their domains.


- Kevin
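
Added example, not part of the original message: a small Python check of the rule stated in the reply (whatever an MX points to needs a matching A record), run over a subset of the zone listing quoted above. The function names and the `ok` / `missing-A` / `out-of-zone` labels are assumptions made for this illustration.

```python
ORIGIN = "nwdtc.com."

# Subset of the zone listing quoted in the post (SOA and some A records omitted).
LISTING = """\
nwdtc.com. A 206.251.81.176
nwdtc.com. MX 10 mail.nwdtc.com
nwdtc.com. MX 30 etrn.transport.com
mail A 206.251.81.174
www A 206.251.93.2
view.pcorp A 206.251.81.131
"""

def owner_fqdn(name):
    # Owner names without a trailing dot are relative to the zone origin.
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{ORIGIN}"

def target_fqdn(name):
    # The listing prints record targets as full names without the final dot.
    name = name.lower()
    return name if name.endswith(".") else name + "."

def parse(listing):
    a_records, mx_records = {}, []
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) == 3 and fields[1] == "A":
            a_records.setdefault(owner_fqdn(fields[0]), []).append(fields[2])
        elif len(fields) == 4 and fields[1] == "MX":
            mx_records.append((owner_fqdn(fields[0]), int(fields[2]), target_fqdn(fields[3])))
    return a_records, mx_records

def check_mx(listing):
    """Return (preference, target, status, addresses) per MX, lowest preference first."""
    a_records, mx_records = parse(listing)
    report = []
    for _owner, pref, target in sorted(mx_records, key=lambda r: r[1]):
        if target == ORIGIN or target.endswith("." + ORIGIN):
            addrs = a_records.get(target, [])
            status = "ok" if addrs else "missing-A"
        else:
            addrs, status = [], "out-of-zone"  # resolve via the target's own zone
        report.append((pref, target, status, addrs))
    return report

if __name__ == "__main__":
    for row in check_mx(LISTING):
        print(row)
    # Repointing the MX at the apex moves inbound SMTP to the apex A record.
    print(check_mx(LISTING.replace("mail.nwdtc.com", "nwdtc.com")))
```

The second call shows the case raised in the thread: with the MX pointed at `nwdtc.com`, inbound SMTP would go to 206.251.81.176 rather than 206.251.81.174.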




