johnsonm at gmail
Jan 12, 2010, 12:02 PM
Post #2 of 2
On Tue, Jan 12, 2010 at 1:11 PM, DAve <dave.list [at] pixelhammer> wrote:
> DAve wrote:
>> I am baffled. I have two outbound smtp servers running netqmail. All
>> they do is outbound smtp. They have simcontrol and
>> netqmail-1.05-tls-smtpauth-20060105.patch installed.
>> On only one of the servers I am seeing several attempts per hour to send
>> messages to 220.127.116.11, which are rejected.
>> When I see this happening and I dig the mx for the recipient domain I
>> get the correct answer. I do not understand where qmail is getting this
>> IP and why it is trying to send *some* messages there.
>> I have restarted qmail-send and dnscache both with no change in the
>> behavior. Nothing has been changed in the config in several weeks.
>> Where do I even begin looking?
> Ummm, that Ip is listed as one of the servers in
> What gives?
You're using the Open Root Server Network? I think 18.104.22.168 was
an ORSN root server. I say was, because it looks like ORSN is toast:
Check your dnsroots.global (probably /etc/dnsroots.global) , that's
where root/servers/@ comes from when dnscache is configured. I think
you need to get both updated, quick (check the second URL).
As to why your qmail instance is sending mail there:
[me [at] somebo]$ dig A cr.yp.to @22.214.171.124
; <<>> DiG 9.4.2-P2 <<>> A cr.yp.to @126.96.36.199
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17352
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;cr.yp.to. IN A
;; ANSWER SECTION:
cr.yp.to. 0 IN A 188.8.131.52
;; Query time: 136 msec
;; SERVER: 184.108.40.206#53(220.127.116.11)
;; WHEN: Tue Jan 12 14:01:02 2010
;; MSG SIZE rcvd: 42
Notice anything funny, there?