Unable to send mail to some mail servers due smtp greetings malformed

atotomex · 12-15-2005, 11:06 PM

Hi,

I don't know if this kind of problem can be addressed here?, if you should suggest some other forum I'll appreciate it.

I had a Proliant server ML110 running fedora core 4 with the following linux configuration.

FC4 version: 2.6.14-1.1644_FC4 i686
Sendmail: sendmail-8.13.4-2
DNS: bind-chroot-9.3.1-14_FC4

I'am able to send mail to YAHOO but the mail is stored in the junk folder.
HOTMAIL and TERRA refused it.

The report from DNSreport shows problems with the smtp greeting test, text included.

WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). This probably won't cause any harm, but is a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server.

mail.giidec.com.mx claims to be invalid hostname '********************************************************************************** ':
220 **********************************************************************************

This the report from the /var/log/messages when DNSreport tried the test.

Dec 14 15:06:10 urraza named[6635]: client 66.36.241.109#16326: query 'version.bind/TXT/CH' denied

Dec 14 15:06:14 urraza named[6635]: lame server resolving '109.241.36.66.ipwhois.rfc-ignorant.org' (in 'ipwhois.rfc-ignorant.org'?): 127.0.0.1#53

Those are the error messages from the /var/log/maillog

Dec 14 14:55:27 urraza sendmail[20833]: jBCNoIea020732: to=<acorrales@iidec.com.mx>, delay=1+21:05:09, xdelay=00:00:00, mailer=esmtp, pri=3160701, relay=mailex1.dp.terra.com.mx., dsn=4.0.0, stat=Deferred: Connection refused by mailex1.dp.terra.com.mx.

Dec 14 14:55:27 urraza sendmail[20833]: jBCI08Ui014547: to=<info@blackbox.com.mx>,<soporte@blackbox.com.mx>, delay=2+02:55:16, xdelay=00:00:00, mailer=esmtp, pri=3670318, relay=blackbox.com.mx. [130.94.227.109], dsn=4.0.0, stat=Deferred: Connection refused by blackbox.com.mx.

If I try a telnet test within the local net I had the right greeting, here it is

$ telnet mail.giidec.com.mx 25
Connected to mail.giidec.com.mx (192.168.1.10).
Escape character is '^]'.
220 urraza.giidec.com.mx ESMTP Sendmail 8.13.4/8.13.4; Thu, 15 Dec 2005 22:53:30 -0600

I was checking in the sendmail documentation and doing google searching to find out how the SMTP greeting is formed or stored and verify it if it has the right access, but it seems to me that it is formed at the time it is requested. I was not able to find the file version.bind which is the file that shows access denied.

I'll appreciate any comments or suggestion to help me to solve this problem.

Best regards,

Alberto

carlmarshall · 12-16-2005, 07:28 AM

Alberto,

I guess this is down to an IP lookup failure between your forward name to IP (A record) translation and your reverse IP to name (PTR record) translation.

I don't seem to be able to resolve an MX record for either of the stated domains:

iidec.com.mx
giidec.com.mx

Are these the actual domains in use?

Carl.

atotomex · 12-16-2005, 10:38 AM

Hi Carl,

Thanks for your time to help me out.

Yes, those are FQDN and their ip address are

iidec.com.max 200.53.64.240
giidec.com.max 200.77.175.23

Also, with DNSreport i was able to check it today.

this is what dig shows me:

# dig +trace geodic.com.mx

; <<>> DiG 9.3.1 <<>> +trace giidec.com.mx
;; global options: printcmd
. 317289 IN NS H.ROOT-SERVERS.NET.
. 317289 IN NS I.ROOT-SERVERS.NET.
. 317289 IN NS J.ROOT-SERVERS.NET.
. 317289 IN NS K.ROOT-SERVERS.NET.
. 317289 IN NS L.ROOT-SERVERS.NET.
. 317289 IN NS M.ROOT-SERVERS.NET.
. 317289 IN NS A.ROOT-SERVERS.NET.
. 317289 IN NS B.ROOT-SERVERS.NET.
. 317289 IN NS C.ROOT-SERVERS.NET.
. 317289 IN NS D.ROOT-SERVERS.NET.
. 317289 IN NS E.ROOT-SERVERS.NET.
. 317289 IN NS F.ROOT-SERVERS.NET.
. 317289 IN NS G.ROOT-SERVERS.NET.
;; Received 436 bytes from 172.16.1.10#53(172.16.1.10) in 1 ms

mx. 172800 IN NS A.NS.mx.
mx. 172800 IN NS B.NS.mx.
mx. 172800 IN NS C.NS.mx.
mx. 172800 IN NS D.NS.mx.
;; Received 162 bytes from 128.63.2.53#53(H.ROOT-SERVERS.NET) in 97 ms

giidec.com.mx. 86400 IN NS ns1.giidec.com.mx.
;; Received 65 bytes from 200.23.1.1#53(A.NS.mx) in 99 ms

giidec.com.mx. 259200 IN A 200.77.175.23
giidec.com.mx. 259200 IN NS ns1.giidec.com.mx.
;; Received 81 bytes from 200.77.175.23#53(ns1.giidec.com.mx) in 71 ms

dig +trace iidec.com.mx

; <<>> DiG 9.3.1 <<>> +trace iidec.com.mx
;; global options: printcmd
. 317255 IN NS G.ROOT-SERVERS.NET.
. 317255 IN NS H.ROOT-SERVERS.NET.
. 317255 IN NS I.ROOT-SERVERS.NET.
. 317255 IN NS J.ROOT-SERVERS.NET.
. 317255 IN NS K.ROOT-SERVERS.NET.
. 317255 IN NS L.ROOT-SERVERS.NET.
. 317255 IN NS M.ROOT-SERVERS.NET.
. 317255 IN NS A.ROOT-SERVERS.NET.
. 317255 IN NS B.ROOT-SERVERS.NET.
. 317255 IN NS C.ROOT-SERVERS.NET.
. 317255 IN NS D.ROOT-SERVERS.NET.
. 317255 IN NS E.ROOT-SERVERS.NET.
. 317255 IN NS F.ROOT-SERVERS.NET.
;; Received 436 bytes from 172.16.1.10#53(172.16.1.10) in 60 ms

mx. 172800 IN NS C.NS.mx.
mx. 172800 IN NS D.NS.mx.
mx. 172800 IN NS A.NS.mx.
mx. 172800 IN NS B.NS.mx.
;; Received 161 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 260 ms

iidec.com.mx. 86400 IN NS dns1.infosel.net.mx.
iidec.com.mx. 86400 IN NS dns2.infosel.net.mx.
iidec.com.mx. 86400 IN NS dns3.infosel.net.mx.
;; Received 99 bytes from 192.100.224.1#53(C.NS.mx) in 209 ms

iidec.com.mx. 10800 IN A 200.53.64.240
iidec.com.mx. 10800 IN NS dns1.infosel.net.mx.
iidec.com.mx. 10800 IN NS dns2.infosel.net.mx.
iidec.com.mx. 10800 IN NS dns3.infosel.net.mx.
;; Received 163 bytes from 148.246.247.124#53(dns1.infosel.net.mx) in 142 ms

Thanks,

Alberto

carlmarshall · 12-19-2005, 07:50 AM

Alberto,

OK, a little further checking shows:

giidec.com.mx mail is handled by 10 mail.giidec.com.mx

mail.giidec.com.mx. 258972 IN A 200.77.175.23

Yet there is NO reverse lookup for 200.77.175.23!!

You're getting bounced because the receiving mail server can't verify that your mail server is who it claims to be.

Carl.

atotomex · 12-19-2005, 12:07 PM

Hi Carl,

Thanks for you help.

There is a reverse definition in my server, this is what I had.

$TTL 3D
175.77.200.in-addr.arpa. IN SOA giidec.com.mx. root.giidec.com.mx. (
2005102905 ;Serial number
10800 ;Refresh 3H
3600 ;Retry 1H
604800 ;Expire 1W
86400) ;Minimum TTL 1D
IN NS ns1.giidec.com.mx.
23 IN PTR ns1.giidec.com.mx.
23 IN PTR mail.giidec.com.mx.
23 IN PTR www.giidec.com.mx.

But, according to your comments and also in the DNSreport is showing that the reverse for 200.77.175.23 is:

host-200-77-175-23.cablevision.net.mx.

And not ns1.giidec.com.mx or mail.giidec.com.mx as it's supposed to be.

So, in order to overcome this what would you suggest?.

Is there something that I had to request to my cable ISP provider?, I don't know what I should request.

Looking forward for your response.

Regards,

Alberto

carlmarshall · 12-20-2005, 03:01 AM

Alberto,

You've answered your own question. Sorry I couldn't get a PTR from here (I think that it timed out). Having your own in-addr.arpa zone is no use unless the root servers know where to get it from, so you'll need your ISP to create the PTR record correctly.

Carl.

atotomex · 12-20-2005, 04:38 PM

Hi Carl,

Thanks a lot for your time and interest in helping me.

I couldn't figured it out if you haven't shared me your suggestions.

I already talked to mi cable provider and they provided me their SMTP server name to relay my mails, now I'am able to send mail without problem and also I'm requesting them a permanent solution when a reverse lookup is done to the IP I had assigned it'll show my server information.

Best regards.

Alberto