Server/mail/naming setup theory

Derek Doucette derek at derek.homeunix.org
Tue Apr 13 22:52:01 EDT 2004


OK, I'll see if I can give you some more info...I haven't had a chance
to try anything though as the Bruins are about to go into double
overtime...:)

On Tue, 2004-04-13 at 19:06, bscott at ntisys.com wrote:
> On Tue, 13 Apr 2004, at 2:03pm, derek at derek.homeunix.org wrote:
> > I ... found out that my mail was blocked from here and I could not hit the
> > web page. This turned out to be due to dns issues.
> 
>   Could you explain this in a little more detail, please?  What were the DNS
> issues?

From work if I try to hit my web page by going to
http://derek.homeunix.org, it times out, the new domain that I recently
registered www.deucedaily.org, hits zoneedit, and is forwarded to
ww2.deucedaily.org:8080.  Accessing the page this way, or by IP works. 
Mailing to aol accounts bounces back with error: server refused mail
service.  By emailing from my aol account to derek at derek.homeunix.org, I
get a timeout, which is the same as not being able to hit my site, (ok,
I can't hide it anymore, I'm working for AOL).  If I email from my aol
account to derek at deucedaily.org, it gets through.  This is all leading
me to believe it is a dns setup issue on the aol servers.


>   Assuming you do mean that domain... I see that you're using Adelphia.  

yes I am, yes I know, I am pretty limited in my options, and I think I
have the only active e-mail address on this server, so not including the
list, I probably get 5-10 e-mails a day, I've been up since January with
no issues yet.  My website also generates a very low volume of traffic,
so I know the risks, but am still taking my chances

> 
>   End of lecture.
Thank you :)

...

>   I presume this is the kind of thing where someone who goes to
> 
>  	http://www.example.org
> 
> gets sent to a server run by a third-party.  The third-party server then
> issues an HTTP redirect (or sometimes an HTML frameset) to a URL like
> 
> 	http://derek.homeunix.org:8080/
> 
> The end result being your web server running on a non-standard port is still 
> generally reachable.

yes, except it's www.deucedaily.org hits ww2.deucedaily.org:8080


>   If that is the case, you should be aware that this generally *only* works
> for HTTP (web servers).  Most protocols -- notably, SMTP -- have no
> provisions for redirecting to non-standard connections.  This means that
> if/when Adelphia starts blocking TCP port 25, your email will die instantly.

I am aware of this, port 25 is not blocked as I do get most mail, it's
mainly from aol I get rejected, and my grandmother is just itching to
talk to me for free :)

>   Trying to host email on a dynamic IP address will lead to problems.  The
> principles behind SMTP assume a well-connected, stationary host.  There's
> nothing that says you cannot have a dynamic MX, but things just don't work
> as well.  So some problems are to be expected.

I have had the same IP since I've been here, even though it is
considered dynamic, I'll cross that bridge when I get to it.

> 
>   In addition to the problems inherent in trying to hit a moving target, we
> have the following value-added difficulties:
> 
>   You are using DNS records with a low TTL (60 seconds) to try and work
> around the fact that you have a dynamic IP address.  Some systems ignore
> TTLs of such small values (typically, anything less than a day or an hour
> gets ignored).  This means that, when your IP address changes, some systems
> will not catch on immediately.  AOL falls into this category.

good to know, again not so relevant as the IP is pretty much static,
well I think at least.  Tell me if I'm wrong

> 
>   Some operators have configured their mail exchangers to reject mail coming
> from dynamic IP addresses.  They use blacklists of netblocks known to be
> used by dynamic providers (such as Adelphia).  You will be unable to
> exchange mail with these systems.  AOL falls into this category.

This could be, but like I said, I can get mail from aol account to
deucedaily.org account, it's just the derek.homeunix.org ones that fail.

> 
>   Some operators have configured their mail exchangers to do reverse DNS
> lookups.  This means they take the address your own MX is connecting from,
> and do a reverse DNS lookup on it.  If they do not get a response, they
> refuse your mail.  Your current address (68.235.175.211 as I write this)  
> does reverse properly, but if that does not always occur, you may lose mail.

This is what the problem is I believe, so I think I want to change the
configuration of postfix to accept mail going to derek at deucedaily.org.

> 
>   Another note: You have no MX record for <derek.homeunix.org>.  Now, the
> standards very clearly state that, in the absence of an MX record, a mail
> exchanger should try looking for an A record, and connect to any address
> found, as if an MX record existed and resolved to that address.  However,
> there is some broken software in the world that only recognizes MX records.
> So you may want to add
> 
> 	derek.homeunix.org.	MX	10 derek.homeunix.org.
> 
> to your DNS zone, even though it is technically redundant.

Again, useful info, and why I'm looking to you guys for help, I think
this is the main stuff I'm looking for, that and some specifics on
postfix setup, I'm still somewhat a newbie in this area.

> 
> > I am looking into getting off of the old domain name ...
> 
>   Could you please provide the actual domain name(s) in question?  It makes
> things a lot easier if we can just run tests directly, rather than trying to
> guess.

I think you have gotten it by now, but for those who didn't:
old domain: derek.homeunix.org
new domain: deucedaily.org


> 
>   Running a private DNS zone is useful if you want all the computers on a
> private network to be able to find each other by name, and you don't want
> the hassle of keeping /etc/hosts files current on all the computers.

So since I have just a few hosts it probably doesn't matter, short of
gaining some experience.

Thanks for the help, I know the first e-mail came across crappy, but I
was using mail from the CL, and copy and pasting this from a post I made
on a web forum which turned up nothing, sorry about that.

With that hopefully I've given you some more help and now the B's will
win :)
-- 
--

Derek Doucette
www.deucedaily.org
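
Added example, not part of the original message: a small Python model of two behaviours described in the quoted advice above, the fallback from MX to A record (and what MX-only software does instead) and the receiver's reverse DNS check. The zone data, addresses and function names are constructed for illustration; the forward-confirmation step in reverse_dns_ok goes slightly beyond the plain PTR lookup described.

```python
# Constructed DNS data (documentation address ranges, not real records).
ZONE = {
    ("derek.homeunix.org.", "A"): ["192.0.2.10"],            # A record only, no MX
    ("example.org.", "MX"): [(20, "backup.example.net."),
                             (10, "mail.example.org.")],
    ("mail.example.org.", "A"): ["192.0.2.25"],
    ("backup.example.net.", "A"): ["198.51.100.7"],
}
PTR = {"192.0.2.10": "derek.homeunix.org."}                  # 198.51.100.7 has no PTR


def delivery_targets(domain, zone, implicit_mx=True):
    """Hosts a sending MTA tries, in order, for mail addressed to `domain`."""
    mx = zone.get((domain, "MX"))
    if mx:
        return [host for _pref, host in sorted(mx)]          # lowest preference first
    if implicit_mx and zone.get((domain, "A")):
        return [domain]                                      # fall back to the A record
    return []                                                # MX-only software gives up


def reverse_dns_ok(ip, ptr, zone, confirm_forward=True):
    """Receiver-side check on the connecting address."""
    name = ptr.get(ip)
    if name is None:
        return False                                         # no PTR answer: mail refused
    if not confirm_forward:
        return True
    return ip in zone.get((name, "A"), [])                   # PTR name must map back


def with_explicit_mx(zone, domain):
    """Copy of `zone` with the suggested 'MX 10 <domain>' record added."""
    fixed = dict(zone)
    fixed[(domain, "MX")] = [(10, domain)]
    return fixed


if __name__ == "__main__":
    d = "derek.homeunix.org."
    print("compliant sender:", delivery_targets(d, ZONE))
    print("MX-only sender:  ", delivery_targets(d, ZONE, implicit_mx=False))
    print("after adding MX: ", delivery_targets(d, with_explicit_mx(ZONE, d), implicit_mx=False))
    print("PTR check:", reverse_dns_ok("192.0.2.10", PTR, ZONE),
          reverse_dns_ok("198.51.100.7", PTR, ZONE))
```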