[Mailman-Users] Unknown user- what am I missing?
Zain Memon
hellbender at gmail.com
Thu Dec 2 07:02:55 CET 2004
Thanks for the detailed info. I figured MXes were something like that.
I ran the same command as you did, dig speakeasy.net. mx, and I got an
output similar to yours. Still, I'm getting the same message in my
maillog... Speakeasy.net is bouncing.
If it was being bounced back by Speakeasy servers since the email
isn't right, I would expect the maillog entry to at least have a
speakeasy relay.
I know for sure that the speakeasy email address is correct. I can get
regular email on it.
Since this is a production server, I can't really have some addresses
that don't work; what can I do to get mail through to speakeasy?
On Wed, 1 Dec 2004 10:58:20 +0100, Brad Knowles
<brad at stop.mail-abuse.org> wrote:
> At 6:48 PM -0800 2004-11-30, Zain Memon wrote:
>
> > The log entry for the speakeasy one looks like this:
> > to=<....speakeasy.net>, relay=virtual, delay=0, status=bounced
> > (unknown user: "....speakeasy.net")
>
> This means that the e-mail address is not valid. Either that, or
> the speakeasy.net mail servers are screwed up and rejecting messages
> that they should be accepting. Either way, this isn't your problem.
>
> > Now I think I'm missing some critical concept here. How did my mail
> > server know what the gmail relay was? And why doesn't it know the
> > relay for speakeasy?
>
> Mail servers for a given domain are advertised in the DNS using a
> mechanism called "MX Resource Records", sometimes known as "MX RRs"
> or just plain "MXes". In theory, every server or domain that is
> supposed to accept mail should have advertised MXes in their DNS. If
> you want to go to their web pages, you look up www.gmail.com in the
> DNS (or whatever their webserver name is), if you want to send them
> mail, you look up their MXes.
>
> Here's what the mail servers look like for gmail.com:
>
> % dig gmail.com. mx
>
> ; <<>> DiG 9.2.2 <<>> gmail.com. mx
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30055
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 7
>
> ;; QUESTION SECTION:
> ;gmail.com. IN MX
>
> ;; ANSWER SECTION:
> gmail.com. 2633 IN MX 20 gsmtp57.google.com.
> gmail.com. 2633 IN MX 10 gsmtp171.google.com.
> gmail.com. 2633 IN MX 10 gsmtp185.google.com.
>
> ;; AUTHORITY SECTION:
> gmail.com. 10750 IN NS ns1.google.com.
> gmail.com. 10750 IN NS ns2.google.com.
> gmail.com. 10750 IN NS ns3.google.com.
> gmail.com. 10750 IN NS ns4.google.com.
>
> ;; ADDITIONAL SECTION:
> gsmtp57.google.com. 1848 IN A 216.239.57.27
> gsmtp171.google.com. 1663 IN A 64.233.171.27
> gsmtp185.google.com. 6233 IN A 64.233.185.27
> ns1.google.com. 181084 IN A 216.239.32.10
> ns2.google.com. 8284 IN A 216.239.34.10
> ns3.google.com. 181084 IN A 216.239.36.10
> ns4.google.com. 181084 IN A 216.239.38.10
>
> ;; Query time: 228 msec
> ;; WHEN: Wed Dec 1 10:45:35 2004
> ;; MSG SIZE rcvd: 292
>
> This says that gmail.com has two advertised primary MXes
> (gsmtp171.google.com and gsmtp185.google.com, each with a "cost" of
> 10), one secondary MX (gsmtp57.google.com with a cost of 20), four
> advertised nameservers, and then for convenience they also go ahead
> and give you the IP addresses for each of the machines.
>
> If you were to try to send e-mail to gmail.com, your server
> should do the same type of DNS query, and assuming it got back the
> same answer, then it should try to contact either gsmtp171 or
> gsmtp185, and it should randomly choose which one to try first. If
> it failed to contact either of the primary MXes, then it should fall
> back to the secondary.
>
> The integer numbers between the host/domain name and "IN" is the
> "Time To Live", a.k.a., the TTL. This basically says how long the
> nameserver should cache this information before it re-queries from
> the appropriate nameservers for gmail.com/google.com. Note that the
> MX records shown have a low TTL of 2633 seconds (43 minutes and 53
> seconds), while the NS records have a higher TTL of 10750 seconds (2
> hours, 59 minutes, 10 seconds), and there are a wide range of TTLs
> for the various IP addresses. Some domains choose to have low TTLs
> for their advertised MXes as a crude way of "load balancing" across a
> large number of machines.
>
> Now, here's the MX records for speakeasy.net:
>
> % dig speakeasy.net. mx
>
> ; <<>> DiG 9.2.2 <<>> speakeasy.net. mx
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10978
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3
>
> ;; QUESTION SECTION:
> ;speakeasy.net. IN MX
>
> ;; ANSWER SECTION:
> speakeasy.net. 3600 IN MX 5 mx01.speakeasy.net.
> speakeasy.net. 3600 IN MX 5 mx02.speakeasy.net.
>
> ;; AUTHORITY SECTION:
> speakeasy.net. 1344 IN NS ns-noc.speakeasy.net.
> speakeasy.net. 1344 IN NS ns-sea.speakeasy.net.
>
> ;; ADDITIONAL SECTION:
> mx01.speakeasy.net. 1344 IN A 216.254.0.195
> ns-noc.speakeasy.net. 7922 IN A 216.254.0.173
> ns-sea.speakeasy.net. 7922 IN A 66.93.87.8
>
> ;; Query time: 212 msec
> ;; WHEN: Wed Dec 1 10:56:38 2004
> ;; MSG SIZE rcvd: 176
>
> Summary: two mail servers of equal cost (mx01 and mx02), two
> nameservers (ns-noc and ns-sea), but the system currently only knows
> the IP addresses of three of these machines. If it wanted to talk to
> the fourth one, it would have to do another DNS query to get that
> information.
>
> --
> Brad Knowles, <brad at stop.mail-abuse.org>
>
> "Those who would give up essential Liberty, to purchase a little
> temporary Safety, deserve neither Liberty nor Safety."
>
> -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
> Assembly to the Governor, November 11, 1755
>
> SAGE member since 1995. See <http://www.sage.org/> for more info.
>
More information about the Mailman-Users
mailing list