Re: strange smtp blockings (MS DNS zone and bind 8 issue?)
interesting....
a) I get the same behavior
b) same
c) same
d) same
e) from what I gather from a small discovery session, MTA running on a
micro$oft os have a problem with my MTAs or accepting a 'telnet 25'. now
notice that this is happening only on 2 of the 3 woody boxes (identically
configured). my initial thought was that we were not revese dns-ing
properly. after spending some time and proving to myself that the reverse
worked fine, I dug into bind to see if the zone transfers were taking place
as expected. this is when I read about the MS DNS - bind9 zone transfer
problem (found in bind docs).
My quick fix was to use the box that was ok telnet-ing as a smart host until
I figure out what the heck is going on.
I was thinking this is a bind9 issue but if you are using bind8, something
else is going on... will keep you posted if I find anything.
----- Original Message -----
From: "Jaume Teixi" <teixi@6tems.com>
To: <debian-isp@lists.debian.org>
Sent: Friday, July 13, 2001 9:43 PM
Subject: Re: strange smtp blockings (MS DNS zone and bind 8 issue?)
> On Sat, 14 Jul 2001 00:44:25 -0400 (EDT)
> Richard A Nelson <cowboy@debian.org> wrote:
>
> > On Fri, 13 Jul 2001, Roland Krocin wrote:
> >
> > > potato or woody?
> > > I'm getting the same problems on 2 out of 3 woody boxes (sendmail).
the
> > > third works 70% of the time. reverse dns works perfectly to all other
hosts.
> > > other interesting thing is that this seems to be an issue mostly with
> > > Microsoft-OS MTAs. There is a known problem with bind 9.x and MS DNS
zone
> > > transfers, that may have something to do with it...
> >
> > If you're having problems w/MTA -> M$ MTA (the original poster said
> > telnet 25 had the same problem, so its not MTA->MTA) - and you're on
> > 8.12, you may want to disable TLS negotiation (either on a host basis,
> > or altogether).
>
> hello again,
>
> now what I can say:
>
> a) sure is not a MTA issue because telneting from this host to the other
at port 25 also is blocked.
> b) rblcheck doesnt show any blocks for my host.
> c) no problem with dns config neither disk space or bandwich out of
limits.
> d) only some hosts blocks me to send email at them.
> the remote email servers that blocks mine are using different systems:
>
> 220 X1 NT-ESMTP Server correo.servidoresdns.net (IMail 6.06 13762-1)
> 220 mail1.telefonica.es ESMTP Service (Lotus Domino Release 5.0.5)
ready at Sat, 14 Jul 2001 15:22:13 +0200
>
> e) the only coincidence is that the remote hosts that blocks mine probably
are using M$ dns server.
>
> f) i-m running potato with kernel 2.4.4 and with bind 8.2.3-0 on that
server and I-ve been moving dns zones for more than 200 domains recently
from an old primary dns server with bind to this one.
>
> g) remote admins tell me that they are not blocking my hosts and dns
config are ok.
>
> what should I do ?
>
> Jaume Teixi
> CTO
> 6TEMS - Ducform, SA
> http://www.6tems.com
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
Reply to: