mx record ?
Kevin Darcy
kcd at daimlerchrysler.com
Wed Sep 15 00:06:38 UTC 2004
Stephen Reese wrote:
>When recieving mail from a source suchas paypal i've noticed the following:
>
>Received: from smtp1.nix.paypal.com (smtp1.nix.paypal.com
>[::ffff:64.4.240.74])
> by prcdigital.com with esmtp; Mon, 13 Sep 2004 20:37:10 -0400
>
>but when someone recieves an email from us:
>
>Received: from prcdigital.com (mail.prcdigital.com [::ffff:66.35.133.90])
> (TLS: TLSv1/SSLv3,168bits,DES-CBC3-SHA)
> by ns.neocipher.net with esmtp; Tue, 14 Sep 2004 16:01:46 -0400
>
>or
>
>Received: from mail.prcdigital.com (localhost [::ffff:127.0.0.1])
> by prcdigital.com with esmtp; Tue, 14 Sep 2004 16:58:15 -0400
>
>The only difference is one was sent out using outlook and the other using
>webmail. The issue that is really bothering me is the ns.neocipher.net and
>then in the second one the localhost part. Am I even correct that this is
>a dns issue?
>
No, it's almost certainly not a DNS issue. Part of your mail
infrastructure appears to be configured to forward mail messages over
the loopback connection while at the same time claiming to be
"mail.prcdigital.com". The Received: header shows both the claimed name
and the actual client source (loopback, i.e. 127.0.0.1) of that
particular mail hop, as an aid to spoof detection. The extent of DNS'es
involvement here would be the *reverse* (address to name) mapping of
127.0.0.1 to "localhost" (although, depending on what OS you use, and/or
how it is configured, the loopback address may have been translated into
the name "localhost" without being looked up in DNS at all). None of the
*forward* (name to address) mappings in the prcdigital.com zone that you
showed in your original message should have had any bearing on any of this.
- Kevin
More information about the bind-users
mailing list