Topic: 7.2 blocking mail when no reverse DNS??

[stdean]

I've just upgraded to 7.2 and I suspect that I may be blocking mails from domains with no reverse DNS.

We upgraded over the weekend and since then we have not received any mails from domains that we were receiving from previously. Does 7.2 block mails from domains with no reverse DNS, or is there something wrong on the sending parties side?

Here's what I get from my qpsmtpd config:

[root@mail log]# config show qpsmtpd
qpsmtpd=service
    Bcc=enabled
    BccMode=bcc
    BccUser=maillog
    DNSBL=disabled
    LogLevel=6
    MaxScannerSize=25000000
    RBLList=sbl-xbl.spamhaus.org:whois.rfc-ignorant.org:dnsbl.njabl.org
    RHSBL=disabled
    RequireResolvableFromHost=no
    SBLList=dsn.rfc-ignorant.org
    access=public
    status=enabled


I can see the RequireResolvableFromHost=no, but it still appears that mails are not coming though.

I've searched through all the logs for mentions of the domain in question but there is nothing, I'm assuming that the incoming mails are getting dropped silently and that's why I'm seeing nothing.

I've done a check on the domain in question and it does appear that they do not have reverse DNS setup, getting them to configure their DNS properly is unfortunately not an option.

Any ideas?

Conor

Forgot to mention, I have added this domain to my whitelist, should that help??

[stdean]

top.

Just hoping that someone could shed some light on this. I seem to be still having the same problem. Unable to send or receive mails from one particular domain.

Is there any way to view a list of mails that the SME has refused?

Conor

[kruhm]

"Is there any way to view a list of mails that the SME has refused?"

We've got to find where the problem is.

You can manually look at the logs in /var/log/qpsmtpd/current

or

you can search through the log with:
-cat /var/log/qpsmtpd/current |grep <domainname>

or

you can do a realtime log check with:
-tail -f /var/log/qpsmtpd/current |grep denied

If it doesn't show enough info, you may have to increase your loglevel from 6 to 8.

[stdean]

I've checked the logs over and over but found nothing in there. I've upped the log level to 8 now.

[slightly off topic]
We recently moved our server to a new IP, thus changing our DNS settings. What is the longest you have heard it taking for DNS changes to propagate? After speaking with a tech at the client company he has informed me that the problem could be our DNS changes not propagating to their servers. We are in Asia but all the clients mail goes through HQ in the USA. It's been close to 2 weeks since we made any changes. Even if this was the case it would not (completly) explain why we cannot send mails to them.
[/back to topic]

I'll have the client in question send me another test mail and monitor the logs.

Cheers,


Conor

[thomasch]

I've checked the logs over and over but found nothing in there. I've upped the log level to 8 now.

Conor,

If it is not logged in /var/log/qpsmtpd then the email is never touched your server. Check the opposite smtp server log.

[stdean]

I figured as much. Although I thought that mails might be getting silently dropped with no logging....

I have no received failure messages for some mails that we sent out to the client 1 week ago, here's what they're saying:

Subject:
failure notice
From:
MAILER-DAEMON@mydomain.co.jp
Date:
27 Nov 2007 07:46:59 -0000
To:
xxxx@mydomain.co.jp

Hi. This is the qmail-send program at mydomain.co.jp.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<client_user@client.com>:
Sorry, I wasn't able to establish an SMTP connection. (#4.4.1)
I'm not going to try again; this message has been in the queue too long.

--- Below this line is a copy of the message.

Doesn't really say much. Makes me think there's something wrong on the clients side.

Conor

[kruhm]

"I have no received failure messages for some mails that we sent out to the client 1 week ago, here's what they're saying"
That is your failure message.

"Doesn't really say much. Makes me think there's something wrong on the clients side."
It says it can't make a smtp connection with the domain you're trying to send to. It tried for a week, like it's supposed to, but it couldn't get through. If you're not having other problems with other domains, it's a good indication that there is something wrong on their side.

[stdean]

To update some more. Apparently the client has been receiving the same error messages on their side.

From the looks of things my mail server cannot create an SMTP connection to their server, and their server cannot create a connection to mine.

Any ideas on what can be done to diagnose the problem?

Cheers,

Conor