North American Network Operators Group


Re: Weird DNS issues for domains

  • From: Crist Clark
  • Date: Fri Sep 30 12:43:15 2005

Peter wrote:
> Crist Clark <[email protected]> wrote:
> [...]
>
>> The problem I've seen is when an SMTP server does not accept emails
>> which have non-resolvable MAIL FROM domain. When the sender is a
>> dumb SMTP client, not an MTA, this can cause problems.
>
> Well, that "dumb SMTP client" should stop pretending to be a MTA then.
> If it can't queue and retry, it shouldn't even *think* about looking
> for MX records.

Sorry, I guess I was not clear. The dumb client is not pretending
to be an MTA. The dumb client is sending to its "smart host." The
MTA, the smart server for the dumb clients, does a "reality check"
on the envelope sender. (This is not unusual.) A dumb client tries
to send,

	MAIL FROM:<[email protected]>

via the MTA, but the MTA rejects this because it cannot resolve the
domain. Now even if our MTA does the right thing and rejects with
a 4xx error, a dumb client may not be equipped to handle this well.

> Besides, what sort of "dumb SMTP client" did you have in mind?
> Formmail scripts? Worms? Outlook Express? I can't say I'd miss mail
> from any of those.

Well, the reality check on the sender domain is meant to stop a lot
of traffic from some of those sources, so I won't miss that either.
However, due to the nature of our business, we have lots of people
with very, uh, "interesting" SMTP clients. I know of a few who have
integrated PPP/IP/TCP/SMTP stacks for custom hardware, i.e. they wrote
network code for a device with less CPU and RAM horsepower than your
modern wrist watch to only send email. They tend not to handle
exceptional conditions well (and sometimes have cool features like
the sender address is hardcoded, hardcoded in NVRAM, or hardcode the
IP address of the smart host which is fun when we move those or bring
one down for maintenance).

>> (I noticed this happen to a high traffic customer who had both of
>> their DNS servers in the same /24 located in Slidell, LA. Needless
>> to say, they were down for more than a few hours when Katrina rolled
>> through.)
>
> Having reachable DNS isn't going to help anyway if the MX host is also
> unreachable for an extended period. Mail is still going to bounce
> after a few days if somebody doesn't fiddle with DNS.

But even if the destination MTA is reachable, the mail was not going
through since the MAIL FROM domain was unresolvable. The mail would
have been delivered promptly had the sender's DNS been available. The
sender's MX MTA never enters into the picture.
--
Crist J. Clark                               [email protected]
Globalstar Communications                                (408) 933-4387
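
Added example, not part of the original message and not any MTA's actual code: a sketch of the envelope-sender "reality check" discussed in this thread, showing why a DNS outage on the sender's side should produce a temporary 4xx reply rather than a permanent reject. The resolver callable, the sample domains and the reply texts are constructed, and answering NXDOMAIN with 550 is an assumed policy.

```python
import re
from enum import Enum

class Dns(Enum):
    OK = "ok"              # domain has MX or address records
    NXDOMAIN = "nxdomain"  # authoritative answer: no such domain
    SERVFAIL = "servfail"  # name servers answered with an error
    TIMEOUT = "timeout"    # name servers unreachable

# Reverse-path as sent on the wire; <> is the null sender used by bounces.
MAIL_FROM = re.compile(r"^MAIL FROM:<(?:[^<>@\s]+@([^<>@\s]+))?>", re.IGNORECASE)

def check_envelope_sender(line, resolve):
    """Return (code, text) a smart host could answer to a MAIL FROM line.

    `resolve` is a hypothetical callable mapping a domain to a Dns outcome;
    a real MTA would query MX/A/AAAA records at this point.
    """
    m = MAIL_FROM.match(line.strip())
    if m is None:
        return 501, "5.5.4 Syntax error in MAIL FROM"
    domain = m.group(1)
    if domain is None:                   # null sender: nothing to resolve
        return 250, "2.1.0 Ok"
    outcome = resolve(domain.lower().rstrip("."))
    if outcome is Dns.OK:
        return 250, "2.1.0 Ok"
    if outcome is Dns.NXDOMAIN:          # assumed policy: permanent reject
        return 550, "5.1.8 Sender domain does not exist"
    # SERVFAIL/TIMEOUT: the domain may be valid, only its DNS is unreachable
    return 450, "4.1.8 Sender domain not resolvable, try again later"

# Constructed state: both name servers of outage.example are unreachable.
SAMPLE_DNS = {"good.example": Dns.OK, "outage.example": Dns.TIMEOUT}

def sample_resolve(domain):
    return SAMPLE_DNS.get(domain, Dns.NXDOMAIN)

def demo():
    lines = ["MAIL FROM:<device@outage.example>",
             "MAIL FROM:<user@good.example>",
             "MAIL FROM:<>",
             "MAIL FROM:<user@nonexistent.example>"]
    return [check_envelope_sender(l, sample_resolve)[0] for l in lines]

if __name__ == "__main__":
    print(demo())
```

A client that cannot queue and retry still loses the message on the 450, which is the failure mode described above; the temporary code only helps senders that retry.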