[OT]RE: [Dshield] SMTP DNS record question

Samantha Fetter sama at snowplow.org
Mon Jan 12 19:53:57 GMT 2004


I know of other domains that have both/all MX servers listed with a
preference of 10, and they work just fine.  I would guess it would do a
round robin.

In this case, perhaps the kraken is the server for incoming, and the other
3 are normally for outbound, but are there as backups in case kraken goes
down (since I don't see the preference changing).

I'm not sure that I agree that it needs changing.

Out of curiosity I did a "dig yahoo.com mx" and they have 3 servers
currently advertised.  One with a preference of 5, the other 2 with a
preference of 1.  I don't see that one changing, either.

did the same to hotmail.com - they list 4 as currently active, and all of
them have a preference of 5.  Clearly they work.

Just some more info.

Hope it was helpful or interesting to someone :)

Cheers,
Samantha

On Mon, 12 Jan 2004, Rick Klinge wrote:

> Well they are suppose to have different preferance but they also have a hard
> preference of "0" too:
>
> vdh.state.vt.us. MX IN 86400 mx0.state.vt.us. [Preference = 10]
> vdh.state.vt.us. MX IN 86400 mx1.state.vt.us. [Preference = 10]
> vdh.state.vt.us. MX IN 86400 mx2.state.vt.us. [Preference = 10]
>
> vdh.state.vt.us. MX IN 86400 kraken.vdh.state.vt.us. [Preference = 0]
>
> state.vt.us. NS IN 86400  ns1.state.vt.us.
> state.vt.us. NS IN 86400 ns2.state.vt.us.
>
> kraken.vdh.state.vt.us. A IN 86400 159.105.134.230
> mx0.state.vt.us. A IN 86400 159.105.23.194
> mx1.state.vt.us. A IN 86400 159.105.23.130
> mx2.state.vt.us. A IN 86400 170.222.64.130
> ns1.state.vt.us. A IN 86400 159.105.23.130
> ns2.state.vt.us. A IN 86400 170.222.64.130
>
> So it would appear that all the mail would 1st answer to the
> (kraken.vdh.state.vt.us email server 1st) then the others if this one is
> down. Looks like perhaps they are trying to setup a round-robin type of
> email farms via dns.. But the preference needs changed.. Ie 0,10,20,30 etc..
>
>
> Definitely needs touched.
>
> Hth,
>
> ~Rick
>
>
> > -----Original Message-----
> > From: list-bounces at dshield.org
> > [mailto:list-bounces at dshield.org] On Behalf Of David Hart
> > Sent: Monday, January 12, 2004 11:48 AM - FamHost
> > To: General DShield Discussion List
> > Subject: RE: [Dshield] SMTP DNS record question
> >
> >
> > On Mon, 2004-01-12 at 12:07, Richard Roy wrote:
> > > That isn't the customer.  Sorry, that is the place I did the querry
> > > instead.
> > > If that was unclear I am sorry.
> > > The domain was vdh.state.vt.us
> > > Which returns:
> >
> >
> > Well I can connect to the mail server via all three mx records:
> >
> > vdh.state.vt.us.        86400   IN      MX      10 mx2.state.vt.us.
> > vdh.state.vt.us.        86400   IN      MX      10 mx0.state.vt.us.
> > vdh.state.vt.us.        86400   IN      MX      10 mx1.state.vt.us.
> > mx0.state.vt.us.        86400   IN      A       159.105.23.194
> > mx1.state.vt.us.        86400   IN      A       159.105.23.130
> > mx2.state.vt.us.        86400   IN      A       170.222.64.130
> >
> > >
> > > Domain Type Class TTL Answer vdh.state.vt.us. MX IN 86400
> > > mx1.state.vt.us. [Preference = 10] vdh.state.vt.us. MX IN 86400
> > > mx2.state.vt.us. [Preference = 10] vdh.state.vt.us. MX IN 86400
> > > kraken.vdh.state.vt.us. [Preference = 0] vdh.state.vt.us.
> > MX IN 86400
> > > mx0.state.vt.us. [Preference = 10] state.vt.us. NS IN 86400
> > > ns2.state.vt.us. state.vt.us. NS IN 86400 ns1.state.vt.us.
> > > kraken.vdh.state.vt.us. A IN 86400 159.105.134.230
> > mx0.state.vt.us. A IN
> > > 86400 159.105.23.194 mx1.state.vt.us. A IN 86400 159.105.23.130
> > > mx2.state.vt.us. A IN 86400 170.222.64.130 ns1.state.vt.us.
> > A IN 86400
> > > 159.105.23.130 ns2.state.vt.us. A IN 86400 170.222.64.130
> > >
> > >
> > > As I said, 3 separate MX records all with the same preference.  I
> > > thought it was odd and might be part of the problem, I'll
> > admit I could
> > > be way off base, but I thought that multiple MX records had to have
> > > different preferences.
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On
> > > Behalf Of David Hart
> > > Sent: Monday, January 12, 2004 9:58 AM
> > > To: General DShield Discussion List
> > > Subject: Re: [Dshield] SMTP DNS record question
> > >
> > >
> > > On Mon, 2004-01-12 at 11:42, Richard Roy wrote:
> > > > I am working to debug why I am having difficulties sending to a
> > > > customer email.  I have implemented a new firewall, and
> > spam blocker,
> > > > and have yet to be able to point to either as the root of
> > the problem.
> > >
> > > > So for grins, I went to www.dnsstuff.com and did a querry
> > on them.
> > > > They have 3 MX records, MX0, MX1, MX2 all with different
> > hosts and IP
> > > > addresses.
> > >
> > > I show just one MX (mail.dnsstuff.com) which, in turn, is
> > handled by a
> > > spam handler, declude.com which, in turn, uses imail, which
> > in turn is
> > > one terrible MTA which, in turn, is probably the problem ;-)
> > >                                ---------
> > >             Quality Management - A Commitment to Excellence
> > >
> > > _______________________________________________
> > > list mailing list
> > > list at dshield.org
> > > To change your subscription options (or unsubscribe), see:
> > http://www.dshield.org/mailman/listinfo/list
> >
> >               ---------
> >             Quality Management - A Commitment to Excellence
> >
>
> ___________________________________________________________________
> Virus Scanned and Filtered by http://www.FamHost.com E-Mail System.
>
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
>




More information about the list mailing list