1

Getting some random bouncebacks on e-mail processed through an IIS6 SMTP service acting as a smart host (outbound mail gateway).

Configuration example... For domain example.com we there is a Root A record set to 1.1.1.1, a www A record set to 1.1.1.1, and a single MX record set to mail.thirdpartyhostingcompany.com. Nothing else. An e-mail is sent to user@example.com...

Normal behavior would of course be looking up mail.thirdpartyhostingcompany.com and sending mail to that server, but here's the weird part... In the logs we are getting OutboundConnectionResponse log entries listing 1.1.1.1 as the mail server IP address.

This behavior is random, and re-sending the message usually causes it to be delivered to the proper place with no issue.

Does IIS6 SMTP fallback to a domain root A record in a certain scenario? Why would this behavior occur?

Brandon
  • 2,817
  • 1
  • 24
  • 28
  • Just so I understand, you're saing that `mail.thirdpartyhostingcompany.com` should resolve to 2.2.2.2, but instead it's resolving to 1.1.1.1 (which happens to be the IP of a related A record)? – Coding Gorilla Sep 22 '11 at 18:31
  • Correct, we are seeing 1.1.1.1 in the logs (pointing to example.com's website servers) instead of 2.2.2.2, `mail.thirdpartyhostingcompany.com`, almost like SMTP service is saying "hey, I'm gonna ignore this MX record and maybe just take a shot at connecting to the root A record instead!" – Brandon Sep 22 '11 at 18:33
  • Have you tried resolving the MX record multiple times (using something like NSLOOKUP or DIG) to see if you can get it to resolve to 1.1.1.1, you might need to query the authoritative DNS server to make sure you're not repeatedly hitting a cached result. No mail server should ever attempt to send email to an A record, that's not how email works, so it doesn't make much sense. – Coding Gorilla Sep 22 '11 at 18:36
  • @Coding Gorilla: Actually, that's exactly how email works. In the absence of an MX, look for an A, and send email there. – joeqwerty Sep 22 '11 at 18:59
  • The only case (that I know of) where fallback to A occurs is in the absence of an MX. In all other cases an error should be returned or the email should be queued (dependent on the exact condition encountered). – joeqwerty Sep 22 '11 at 19:01
  • @Coding Gorilla: BTW (off topic) I see you're in Sylvanio OH (don't know where that is), I'm in Cleveland so it's nice to see a fellow Ohioan here (besides Evan Anderson) ;) – joeqwerty Sep 22 '11 at 19:03
  • @joeqwerty You are correct, I guess I was thinking in terms that there is already an MX record so it shouldn't behave that way. That's why I suggesting testing to see if he could make another DNS client behave the same way. – Coding Gorilla Sep 22 '11 at 19:04
  • @joeqwerty Sylvania is a suburb or Toledo. =) – Coding Gorilla Sep 22 '11 at 19:04
  • @Coding Gorilla: Corporal Klinger and Tony Packo's then... – joeqwerty Sep 22 '11 at 19:07

1 Answers1

2

That sounds like a DNS problem to me. If an MTA is unable to find an MX record for the domain it will fallback to the A record for the domain.

This might be hard to track down if it's occurring randomly but you can try using the smtpdiag tool when it's occurring to see if it gives you any clues.

joeqwerty
  • 109,901
  • 6
  • 81
  • 172
  • It's actually supposed to fall back to an A record? Seriously? Totally didn't know that... – Brandon Sep 22 '11 at 18:39
  • @routeNpingme Yes. Described in [RFC 5321](http://tools.ietf.org/html/rfc5321#section-5.1) section 5.1 paragraph 2. – mailq Sep 22 '11 at 19:03
  • RFC 2821 decribes the fallback to A. RFC 5321 obsoletes RFC 2821 but doesn't invalidate the fallback to A (at least in my interpretion). In fact, an MX record isn't even required. An MX record is used when you want to direct email to a particular host. In the absence of an MX record, fallback to A is used. The reason MX records are used is because the A record usually points to a web server and email needs to be directed to a host other than the web server, which is the usual set up these days. Web server = 1.1.1.1 and Email server =2.2.2.2 – joeqwerty Sep 22 '11 at 19:04