dave.list at pixelhammer
Jan 12, 2010, 12:18 PM
Post #2 of 2
(818 views)
Permalink
|
Mark Johnson wrote:
> On Tue, Jan 12, 2010 at 1:11 PM, DAve <dave.list [at] pixelhammer> wrote:
>> DAve wrote:
>>> I am baffled. I have two outbound smtp servers running netqmail. All
>>> they do is outbound smtp. They have simcontrol and
>>> netqmail-1.05-tls-smtpauth-20060105.patch installed.
>>>
>>> On only one of the servers I am seeing several attempts per hour to send
>>> messages to 212.7.160.13, which are rejected.
>>>
>>> When I see this happening and I dig the mx for the recipient domain I
>>> get the correct answer. I do not understand where qmail is getting this
>>> IP and why it is trying to send *some* messages there.
>>>
>>> I have restarted qmail-send and dnscache both with no change in the
>>> behavior. Nothing has been changed in the config in several weeks.
>>>
>>> Where do I even begin looking?
>>>
>>> DAve
>> Ummm, that Ip is listed as one of the servers in
>> /etc/dnscache/root/servers/@
>>
>> What gives?
>>
>> DAve
>
> You're using the Open Root Server Network? I think 212.7.160.13 was
> an ORSN root server. I say was, because it looks like ORSN is toast:
>
> http://en.wikipedia.org/wiki/Open_Root_Server_Network
> https://lists.dns-oarc.net/pipermail/dns-operations/2008-October/003339.html
>
> Check your dnsroots.global (probably /etc/dnsroots.global) , that's
> where root/servers/@ comes from when dnscache is configured. I think
> you need to get both updated, quick (check the second URL).
>
> As to why your qmail instance is sending mail there:
>
> [me [at] somebo]$ dig A cr.yp.to @212.7.160.13
>
> ; <<>> DiG 9.4.2-P2 <<>> A cr.yp.to @212.7.160.13
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17352
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;cr.yp.to. IN A
>
> ;; ANSWER SECTION:
> cr.yp.to. 0 IN A 212.7.160.13
>
> ;; Query time: 136 msec
> ;; SERVER: 212.7.160.13#53(212.7.160.13)
> ;; WHEN: Tue Jan 12 14:01:02 2010
> ;; MSG SIZE rcvd: 42
>
> Notice anything funny, there?
>
>
I thought I had removed those, years ago? DOH! I was just up to the
point of asking "why is the server returning it's own A record for
everything, and why is a root server answering port 25?"
You got the answer faster than I did, thank you. I rebuild the @ file on
both DNS caches and everything looks good.
DAve
--
"Posterity, you will know how much it cost the present generation to
preserve your freedom. I hope you will make good use of it. If you
do not, I shall repent in heaven that ever I took half the pains to
preserve it." John Adams
http://appleseedinfo.org
|
