We recently added a new domain and had the MX record on an external DNS. We had three users successfully receiving e-mail on Exchange 2010 via EFA. We recently switched the domain to our local DNS and our entire company to the new domain to receive e-mails. We accidentally found that for 24 hours we had not received e-mails, but luckily EFA somehow cached the e-mails. We tested by telnet and it said domain rejected; I don't remember exactly what it said.
We fixed this by adding an MX record for the new domain on our internal DNS. Before we made the change, we used mxtoolbox to ensure our public DNS MX record was correct, which it was; it pointed to EFA. Is this a bug with Postfix, or does EFA look to the internal DNS for the MX record and never look for local/public DNS for the domain?
Domain Reject DNS Bug?
- shawniverson
- Posts: 3783
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Domain Reject DNS Bug?
EFA should look at whichever DNS server it is configured to look at.
Currently, this is handled in dnsmasq, but that is about to change in the next update to Unbound to fix RBL lookup problems.
/etc/resolv.dnsmasq
You need [ ] in your postfix transport tables, etc. if you want to force postfix not to try to look up a host MX record...
example.com :[gateway.example.com]
.example.com :[gateway.example.com]
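Added example (not part of the original post, and not EFA's or Postfix's own code): a small Python check over a transport map that reports, for each entry, which name Postfix would still have to resolve through an MX lookup, following the bracket rule described above. The sample entries and function names are constructed for illustration, and SMTP-based transports are assumed.

```python
import re

# Constructed sample map; the first two entries mirror the post's example.
SAMPLE_TRANSPORT = """\
# constructed sample entries
example.com      :[gateway.example.com]
.example.com     :[gateway.example.com]
newdomain.test   smtp:[192.0.2.10]:25
legacy.test      smtp:mail.legacy.test
fallback.test    smtp:
"""

# [host] or [host]:port -> Postfix skips the MX lookup for this next hop.
BRACKETED = re.compile(r"^\[[^\]]+\](?::\w+)?$")

def logical_lines(text):
    """Skip comments and blanks; join lines that start with whitespace."""
    current = None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and current is not None:
            current += " " + raw.strip()
            continue
        if current is not None:
            yield current
        current = raw.strip()
    if current is not None:
        yield current

def audit(text):
    """Return (pattern, transport, nexthop, mx_lookup_target) per entry.

    mx_lookup_target is None when the bracket form disables MX lookup.
    """
    results = []
    for entry in logical_lines(text):
        fields = entry.split(None, 1)
        if len(fields) != 2:
            raise ValueError(f"malformed transport entry: {entry!r}")
        pattern, rhs = fields
        transport, _, nexthop = rhs.strip().partition(":")
        if BRACKETED.match(nexthop):
            target = None                      # direct A/AAAA or IP delivery
        elif not nexthop:
            target = "recipient domain"        # empty next hop: MX of the domain
        else:
            target = nexthop.rsplit(":", 1)[0]  # MX lookup on the named host
        results.append((pattern, transport or "(default)", nexthop, target))
    return results

if __name__ == "__main__":
    for row in audit(SAMPLE_TRANSPORT):
        print(row)
```

Entries whose last field is not None depend on whatever resolver the mail gateway is configured to use, so an internal authoritative zone without an MX record affects them.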
Re: Domain Reject DNS Bug?
Postfix transport:
newdomain.com smtp:[internal IP]
It was inbound e-mail that was not working.
When we had the newdomain hosted externally, all was well.
Then, we moved newdomain to an internal DNS server and we could not receive inbound messages.
By adding the MX record to our internal DNS, inbound messages came in just fine. But, the MX record pointed to the EFA box.
- shawniverson
Re: Domain Reject DNS Bug?
If you are hosting your own DNS, even though it is internal, that makes sense actually. The rest of the world still needs to be able to locate your EFA via an MX record resolving via your DNS.
Re: Domain Reject DNS Bug?
I would agree that makes sense. However, before we made the fix, mxtoolbox detected the correct MX record, which points to EFA. One would think if EFA couldn't find the MX record internally, it would then search externally, instead of just giving up? Maybe not... hmm.
- shawniverson
Re: Domain Reject DNS Bug?
Not if your internal DNS server is authoritative for your domain. It will just reply I dunno and won't recurse any further.
Without a deeper understanding of how your postfix is configured, I am not sure why EFA would even need to see the MX at all.