dave.list at pixelhammer
Jan 12, 2010, 12:18 PM
Post #2 of 2
Mark Johnson wrote:
> On Tue, Jan 12, 2010 at 1:11 PM, DAve <dave.list [at] pixelhammer> wrote:
>> DAve wrote:
>>> I am baffled. I have two outbound smtp servers running netqmail. All
>>> they do is outbound smtp. They have simcontrol and
>>> netqmail-1.05-tls-smtpauth-20060105.patch installed.
>>> On only one of the servers I am seeing several attempts per hour to send
>>> messages to 22.214.171.124, which are rejected.
>>> When I see this happening and I dig the mx for the recipient domain I
>>> get the correct answer. I do not understand where qmail is getting this
>>> IP and why it is trying to send *some* messages there.
>>> I have restarted qmail-send and dnscache both with no change in the
>>> behavior. Nothing has been changed in the config in several weeks.
>>> Where do I even begin looking?
>> Ummm, that Ip is listed as one of the servers in
>> What gives?
> You're using the Open Root Server Network? I think 126.96.36.199 was
> an ORSN root server. I say was, because it looks like ORSN is toast:
> Check your dnsroots.global (probably /etc/dnsroots.global) , that's
> where root/servers/@ comes from when dnscache is configured. I think
> you need to get both updated, quick (check the second URL).
> As to why your qmail instance is sending mail there:
> [me [at] somebo]$ dig A cr.yp.to @188.8.131.52
> ; <<>> DiG 9.4.2-P2 <<>> A cr.yp.to @184.108.40.206
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17352
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;cr.yp.to. IN A
> ;; ANSWER SECTION:
> cr.yp.to. 0 IN A 220.127.116.11
> ;; Query time: 136 msec
> ;; SERVER: 18.104.22.168#53(22.214.171.124)
> ;; WHEN: Tue Jan 12 14:01:02 2010
> ;; MSG SIZE rcvd: 42
> Notice anything funny, there?
I thought I had removed those, years ago? DOH! I was just up to the
point of asking "why is the server returning it's own A record for
everything, and why is a root server answering port 25?"
You got the answer faster than I did, thank you. I rebuild the @ file on
both DNS caches and everything looks good.
"Posterity, you will know how much it cost the present generation to
preserve your freedom. I hope you will make good use of it. If you
do not, I shall repent in heaven that ever I took half the pains to
preserve it." John Adams