Hello, We are having a DNS issue (of which I am no expert) that we are trying to get a good handle on but not sure what direction to start chasing first. THE issue is that mail is timing out when we try to send to 2 or 3 domains, while the rest of the email goes through cleanly. Which leads me to DNS. According to http://www.intodns.com/orlandilabs.com it looks like we have several issues specifically: Missing nameservers reported by parent FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems! ns2.yourhostingaccount.com ns1.yourhostingaccount.com Missing nameservers reported by your nameservers ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are: ns2.nameresolve.com ns1.nameresolve.com This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example). Will the errors being reported on introDNS keep some domains from accepting a connection from our SMTP server (Exchange) and how would we start to correct the issues raised by introDNS. Thanks in advance!
Do you have SPF records specified in your DNS? Many mail servers use that now to verify the IPs that are allowed to send email on behalf of your domain. http://en.wikipedia.org/wiki/Sender_Policy_Framework You can see the SPF records for various domains with our DNS tool. For example, Apple: https://tools.digitalpoint.com/dns?host=apple.com&type=TXT
Shawn, Thanks for the quick reply. Using the tool you linked, I couldn't find a SPF record, but I couldn't find one for the domain I posting from either (st-barnabas.com), and I am able to send emails to AT&T, and their sub-domains. While I have put this on my list of things to follow up on, I am still searching why Orlandilabs.com cannot sent emails to AT&T, and now Comcast. Thanks!
Are you routing the email through one of the specified mail servers for the domain? https://tools.digitalpoint.com/dns?host=orlandilabs.com&type=MX Some receiving mail servers are going to be more strict than others... some will allow email coming from servers not officially associated with the domain, others won't. The ones that won't typically will look at the SPF record for the domain to see if the sending server is allowed to send email on behalf of that domain.
Shawn, Thanks again for the reply. To be honest I don't know if the email is being routed through one of the psmtp servers. Would a message header from the domain in question help? "X-Vipre-Scanned: 01D29803004D6801D29950 Microsoft Mail Internet Headers Version 2.0 Received: from bolt7b.mxthunder.net ([208.53.xx.xxx]) by st-barnabas.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 23 Jul 2013 15:59:13 -0400 Received: by bolt7b.mxthunder.net (Postfix, from userid 12345) id 3c09W51kFLzQbMhW; Tue, 23 Jul 2013 12:59:00 -0700 (PDT) Received: from orlandilabs.com (host-68-169-140-219.EPSOLT2.epbfi.com [68.169.140.219]) by bolt7b.mxthunder.net (Postfix) with ESMTP id 3c09Sj0bzYzQbMMs for <>; Tue, 23 Jul 2013 12:57:06 -0700 (PDT) Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CE87DE.CE20432C" X-MimeOLE: Produced By Microsoft Exchange V6.5 Subject: test Date: Tue, 23 Jul 2013 15:57:05 -0400 Message-ID: <> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: test Thread-Index: Ac6H3s3+TRa5F49ZSTGNIFferLDbNA== From: "xxxxxx" <> To: <> X-MXTHUNDER-Identifier: <> X-MXTHUNDER-IP-Rating: 0, 68.169.140.219, Ugly c=0 p=-1 Source Normal X-MXTHUNDER-Scan-Result: 0 X-MXTHUNDER-Rules: 0-0-0-1634-c X-MXTHUNDER-Clean: Yes X-MXTHUNDER-Group: OK Return-Path: X-OriginalArrivalTime: 23 Jul 2013 19:59:13.0864 (UTC) FILETIME=[1ADF9480:01CE87DF] ------_=_NextPart_001_01CE87DE.CE20432C Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable ------_=_NextPart_001_01CE87DE.CE20432C Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable ------_=_NextPart_001_01CE87DE.CE20432C--" Thanks again for your help! JD
Nah... wouldn't be all that useful unfortunately. Do you know if their mail server accepts it for delivery and then it just disappears, or it rejects it outright?
Shawn, We are not sure. We get an Exchange message within a day telling us the email has been delayed, then about 3-4 days later we get another message that tells us either " Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server." (Comcast) or, " Could not deliver the message in the time limit specified. Please retry or contact your administrator." (Bellsouth). We have contacted both help desks and have been referred to a higher level support but we haven't been able to get a call back as of yet. Again, all help is appreciated and if we could get a direction to start looking (Local SBS server or Hosting provider) it would be a great help. Postini has our DNS records but their support is near non-existent since they started to roll into Google. Thanks! Jack
An unable to connect message might be that IP of the sending server on some sort of blacklist and then receiving servers just block connections from the servers on that list.
While we haven't solved the issue we think we know what is causing it. senderscore.org keeps what is kinda like an email reputation score. Between our dns issues (lack of SPF record) and a virus outbreak we recently had, the service had lowered our reputation score to a 5. Comcast likes to see 80 or above. Contacting sendscore helped us with their own private blacklist (which doesn't show up on the blacklist searches we had done) as well as giving us tips to raise the score. Putting this out there in case it helps others. Shawn, thanks a ton for taking to time to try to help us! You can close this if you wish. Jack