Having problems with my DNS (mail specifically) - Need Help!

[Marvin Miller]

Hi Folks;

I'm having problems with my DNS setup and was wondering if someone can
review it for me to see if I'm doing anything wrong.

My DNS looks like this;

(same as parent folder) Start of Authority
ns1.askmarvin.ca., admin.askmarvin.ca
(same as parent folder) Name Server
ns1.askmarvin.ca
(same as parent folder) Alias
ns1.askmarvin.ca
ftp Alias
ns1.askmarvin.ca
ns1 Host
70.66.128.232
www Alias
ns1.askmarvin.ca

As it stands I'm having a problem adding a mail record. When I try it
doesn't like it because there is an A address already.
Microsoft KB 172953 says to add an MX record and leave the hostname blank.
They say this is the best way to get incoming
email to arrive. When I do that it coughs on the existing empty A record.

What's the best way to set this up? Previously I've tried removing the empty
A record and adding the blank hostname Mail Exchanger
record but mail still doesn't come in. I'm doing something wrong and if
anyone knows the best way to set this up I'd like to hear from them

 

[Ace Fekay [MVP]]

In

Hi Folks;

I'm having problems with my DNS setup and was wondering if someone can
review it for me to see if I'm doing anything wrong.

My DNS looks like this;

(same as parent folder) SOA ns1.askmarvin.ca., admin.askmarvin.ca
(same as parent folder) NS ns1.askmarvin.ca
(same as parent folder) Alias ns1.askmarvin.ca
ftp Alias ns1.askmarvin.ca
ns1 Host 70.66.128.232
www Alias ns1.askmarvin.ca

As it stands I'm having a problem adding a mail record. When I try it
doesn't like it because there is an A address already.
Microsoft KB 172953 says to add an MX record and leave the hostname
blank. They say this is the best way to get incoming
email to arrive. When I do that it coughs on the existing empty A
record.

What's the best way to set this up? Previously I've tried removing
the empty A record and adding the blank hostname Mail Exchanger
record but mail still doesn't come in. I'm doing something wrong and
if anyone knows the best way to set this up I'd like to hear from
them

If it 'coughs', just say yes to create it. DNS on 2000 does that. Just
ignore it and continue. Of course the mail A record will need to exist to
point the MX to it.

Also in your case, you really don't need Aliases, but rather just create
Host records for each of those. It reduces the lookup to one step. Besides,
for the www record, it negates using hostheaders in IIS.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

If this post is viewed at a non-Microsoft community website, and you were to
respond to it through that community's website, I may not see your reply
unless that website posts replies back to the original Microsoft forum.
Therefore, please direct all replies ONLY to the Microsoft public newsgroup
this thread originated in so all can benefit or ensure the web community
posts it back to the original forum.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations.
=================================

 

[Marvin Miller]

"Ace Fekay [MVP]"

In Marvin Miller <[email protected]> made this post, which I then commented
about below:

If it 'coughs', just say yes to create it. DNS on 2000 does that. Just
ignore it and continue. Of course the mail A record will need to exist to
point the MX to it.

Also in your case, you really don't need Aliases, but rather just create
Host records for each of those. It reduces the lookup to one step. Besides,
for the www record, it negates using hostheaders in IIS.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

If this post is viewed at a non-Microsoft community website, and you were to
respond to it through that community's website, I may not see your reply
unless that website posts replies back to the original Microsoft forum.
Therefore, please direct all replies ONLY to the Microsoft public newsgroup
this thread originated in so all can benefit or ensure the web community
posts it back to the original forum.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations.
=================================

Thanks Ace!

I think I'm closer because I followed your advice. Can you take a look at
the new
configuration and tell me what I'm missing? I suspect the mail is still not
coming in
and that it's related to my DNS settings? I don't know much about DNS
so your experience is appreciated

(same as parent folder) SOA ns1.askmarvin.ca.,
admin.askmarvin.ca
(same as parent folder) NS ns1.askmarvin.ca
(same as parent folder) Mail Exchanger [10] ns1.askmarvin.ca
ftp Host 70.66.128.232
ns1 Host 70.66.128.232
www Host 70.66.128.232

 

[Ace Fekay [MVP]]

In

Thanks Ace!

I think I'm closer because I followed your advice. Can you take a
look at the new
configuration and tell me what I'm missing? I suspect the mail is
still not coming in
and that it's related to my DNS settings? I don't know much about DNS
so your experience is appreciated

(same as parent folder) SOA ns1.askmarvin.ca.,
admin.askmarvin.ca
(same as parent folder) NS ns1.askmarvin.ca
(same as parent folder) Mail Exchanger [10] ns1.askmarvin.ca
ftp Host
70.66.128.232 ns1 Host
70.66.128.232
www Host 70.66.128.232

The entries appear correct.

I checked with nslookup to see if the MX entry is correct, and it appears to
be for askmarvin.ca.

set q=mx
askmarvin.ca

Server: london.nwtraders.msft
Address: 192.168.5.200

askmarvin.ca MX preference = 10, mail exchanger = ns1.askmarvin.ca
ns1.askmarvin.ca internet address = 70.66.128.232
As for not receiving mail, are you using Exchange or another email product?
If Exchange, did you set the Recipient policy for Exchange to be authorative
for receiving mail for askmarvin.ca?

It maybe that your Internet provider is cable, which most cable companies do
not allow inbound SMTP on port 25 to stop residential subscribers from
running email systems.

Ace

 

[Kevin D. Goodknecht Sr. [MVP]]

"Ace Fekay [MVP]"

In

If it 'coughs', just say yes to create it. DNS on 2000 does that.
Just ignore it and continue. Of course the mail A record will need
to exist to point the MX to it.

Also in your case, you really don't need Aliases, but rather just
create Host records for each of those. It reduces the lookup to one
step. Besides, for the www record, it negates using hostheaders in
IIS.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

If this post is viewed at a non-Microsoft community website, and you
were to respond to it through that community's website, I may not
see your reply unless that website posts replies back to the
original Microsoft forum. Therefore, please direct all replies ONLY
to the Microsoft public newsgroup this thread originated in so all
can benefit or ensure the web community posts it back to the
original forum.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations.
=================================

Thanks Ace!

I think I'm closer because I followed your advice. Can you take a
look at the new
configuration and tell me what I'm missing? I suspect the mail is
still not coming in
and that it's related to my DNS settings? I don't know much about DNS
so your experience is appreciated

(same as parent folder) SOA ns1.askmarvin.ca.,
admin.askmarvin.ca
(same as parent folder) NS ns1.askmarvin.ca
(same as parent folder) Mail Exchanger [10] ns1.askmarvin.ca
ftp Host
70.66.128.232 ns1 Host
70.66.128.232
www Host 70.66.128.232

You are missing the NS record for you other name server. which isn't
answering either. Take a look at this and fix the problems in the report.
http://www.dnsreport.com/tools/dnsreport.ch?domain=askmarvin.ca

 

[Marvin Miller]

"Ace Fekay [MVP]"

In Marvin Miller <[email protected]> made this post, which I then commented
about below:

Thanks Ace!

I think I'm closer because I followed your advice. Can you take a
look at the new
configuration and tell me what I'm missing? I suspect the mail is
still not coming in
and that it's related to my DNS settings? I don't know much about DNS
so your experience is appreciated

(same as parent folder) SOA ns1.askmarvin.ca.,
admin.askmarvin.ca
(same as parent folder) NS ns1.askmarvin.ca
(same as parent folder) Mail Exchanger [10] ns1.askmarvin.ca
ftp Host
70.66.128.232 ns1 Host
70.66.128.232
www Host 70.66.128.232

The entries appear correct.

I checked with nslookup to see if the MX entry is correct, and it appears to
be for askmarvin.ca.

set q=mx
askmarvin.ca

Server: london.nwtraders.msft
Address: 192.168.5.200

askmarvin.ca MX preference = 10, mail exchanger = ns1.askmarvin.ca
ns1.askmarvin.ca internet address = 70.66.128.232
As for not receiving mail, are you using Exchange or another email product?
If Exchange, did you set the Recipient policy for Exchange to be authorative
for receiving mail for askmarvin.ca?

It maybe that your Internet provider is cable, which most cable companies do
not allow inbound SMTP on port 25 to stop residential subscribers from
running email systems.

Ace

Hi Ace;

Thanks very much for replying and for manually checking it for me. I am
using IIS 5.0's SMTP service and my understanding is that it's supposed to
take all incoming email and drop it to a directory (Drop).
Any mail going to my domain doesn't arrive though... Outgoing mail is
fine.

On the connection side, I have a business package with my ISP and it's
intended use is for running websites, mail servers etc.

But at least I know that my DNS is OK. That alone is worth a lot to me and I
guess I'll have to concentrate on the SMTP side of IIS 5.0 - although it
seems to be pretty straightforward....

Best & Thanks;
Marvin

 

[Ace Fekay [MVP]]

In

You are missing the NS record for you other name server. which isn't
answering either. Take a look at this and fix the problems in the
report.
http://www.dnsreport.com/tools/dnsreport.ch?domain=askmarvin.ca

I never checked that Kevin. So I just tried nslookup to use 70.66.128.238
and it's not responding. That could account for why mail may not be coming
in.

But I feel it may be because it's a cable company.

For Marvin:
SMTP does receive and put it in the drop box.
Is there another nameserver at 70.66.128.238?
Does your cable company allow you to receive mail?
Your reverse record points to your cable company name. If sending out mail,
many anti-spam utilities will block cable company residential subscriber's
IP blocks for incoming mail.

Ace

 

[Marvin Miller]

"Ace Fekay [MVP]"

In Kevin D. Goodknecht Sr. [MVP] <[email protected]> made this post, which I
then commented about below:

I never checked that Kevin. So I just tried nslookup to use 70.66.128.238
and it's not responding. That could account for why mail may not be coming
in.

But I feel it may be because it's a cable company.

For Marvin:
SMTP does receive and put it in the drop box.
Is there another nameserver at 70.66.128.238?
Does your cable company allow you to receive mail?
Your reverse record points to your cable company name. If sending out mail,
many anti-spam utilities will block cable company residential subscriber's
IP blocks for incoming mail.

Ace

Wow that's a powerful tool! Thanks for the link!!!

Right now I don't have a secondary DNS server. I realize this is not the way
to fly but I do have another server coming up from the US (I just bought
one). So for right now, I'm just trying to get incoming mail working.

Update, I just got off the phone with my ISP and they confirmed that they
are not blocking any ports and that there's nothing on their end that will
stop SMTP mail from coming in. I have a fully open connection to the
Internet - no blocks whatsoever. I don't know what I can do about my reverse
record pointing to my ISP. I've been on this connection for about a week
with no problems sending mail to all sorts of domains worldwide.

I just can't seem to receive anything to the askmarvin.ca domain. Pretty odd
huh?

Thanks!
Marvin

 

[Marvin Miller]

"Ace Fekay [MVP]"
which
Wow that's a powerful tool! Thanks for the link!!!

Right now I don't have a secondary DNS server. I realize this is not the way
to fly but I do have another server coming up from the US (I just bought
one). So for right now, I'm just trying to get incoming mail working.

Update, I just got off the phone with my ISP and they confirmed that they
are not blocking any ports and that there's nothing on their end that will
stop SMTP mail from coming in. I have a fully open connection to the
Internet - no blocks whatsoever. I don't know what I can do about my reverse
record pointing to my ISP. I've been on this connection for about a week
with no problems sending mail to all sorts of domains worldwide.

I just can't seem to receive anything to the askmarvin.ca domain. Pretty odd
huh?

Thanks!
Marvin

Aha! I got it Boy do I feel dumb, I had blocked all servers from
accessing the SMTP mail server except for two IP addresses belonging to
myself. I did this thinking it would lock down my server to stop spammers -
it does, but I seem to have confused the Allow Relay options with the Block
Access options (I had them both locked down).

There's good news though - that link you posted for checking the DNS server
has enabled me to make my DNS server 100% correct (with the exception of the
secondary server - coming soon).

Thanks guys - I appreciate the help and apologize for it being a Non-DNS
issue (even though a bunch of DNS issues were corrected).

Best & Thanks;
Marvin

 

[Ace Fekay [MVP]]

In

Aha! I got it Boy do I feel dumb, I had blocked all servers from
accessing the SMTP mail server except for two IP addresses belonging
to myself. I did this thinking it would lock down my server to stop
spammers - it does, but I seem to have confused the Allow Relay
options with the Block Access options (I had them both locked down).

There's good news though - that link you posted for checking the DNS
server has enabled me to make my DNS server 100% correct (with the
exception of the secondary server - coming soon).

Thanks guys - I appreciate the help and apologize for it being a
Non-DNS issue (even though a bunch of DNS issues were corrected).

Best & Thanks;
Marvin

No prob Marvin. Good luck with everything!

Ace