North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: "User Unknown" errors related to DNS issues?
On Monday, 2004-12-13 at 17:38 EST, Jim Popovitch <[email protected]> wrote: > I see a periodic problem with some email servers that report "User > Unknown" for valid users. The most recognizable problematic host is > hotmail.com, but there usually are others mixed in (today's additional > problematic hosts included msn.com, verizon.net, and incentre.net). > > I found this post on Neohapsis that suggests the problem is DNS/firewall > related: > > http://archives.neohapsis.com/archives/postfix/2004-03/1774.html > > What I can't understand is why this would be periodic and what, if > anything, I can do to validate the authenticity of the errors? I'm not sure why a dns problem would result in "user unknown". But the discussion on the postfix list could still be pertinent. Hotmail.com and msn.com both produce incomplete responses to udp dns queries for their MX records. That will trigger your nameserver to send a second query using tcp. If there is a firewall (likely at your own site) that blocks this tcp query or the response, you won't get any response at all - the domain lookup will fail. Here's a test for you. On the nameserver used by your mail server (or you can do it on the mail server itself), issue the following command (or equivalent); the "-vc" option is critical - it means "use tcp". If you don't get any response, that could be the problem - fix your firewall. If you do get a good response, I don't know what the problem is (nor do I know what it is for verizon.net, and incentre.net, which don't look like they would produce this issue). nslookup -qt=any -vc hotmail.com. > Do others see this same issue? Not I. Tony Rall