Assist in diagnosing reverse dns mismatch

Question

We seem to have an occasional issue, whereby mail is bypassing our first three MX records, and going to our 4th MX record. This is purely a backup, and we think that the reason it is skipping the first MX records is because of a reverse DNS mismatch.

We have three MX records, being mail.cory.co.uk, mail2.cory.co.uk and maildr.cory.co.uk. mail.cory.co.uk no longer exists, and mail2 is our primary mail server now, but has a DNS mismatch. However, our exchange server is set to use the name mail2.cory.co.uk. Can anyone help me diagnose what name is actually being returned, and why they do not match?

We have a prt record for 62.232.17.194 which is also set as mail2.cory.co.uk

1. If you have MX records for servers that no longer exist then you should get rid of those MX records. 2. I've never heard of a sending server doing a reverse lookup on the A/MX record for the server it's sending email to. — joeqwerty, Nov 06 '13 at 20:16
Yes we will need to remove that record at some point. Is there anything else that could cause the sending server to skip MX records, other than communications issues? The domain in question is the only one having trouble getting mail to us, and it is not always a problem. — James Edmonds, Nov 07 '13 at 11:11
I'm assuming that the MX preference for each MX record is correct? MX 4 has the highest preference? — joeqwerty, Nov 07 '13 at 15:33
When you say highest, I assume you mean the highest number and not the highest preference? mail.cory which is defunct has pref of 5, mail2 which is current is 7, maildr is 9, and a1-1.apdas is 10. I can understand if we had a connection issue with mail2, but for it to also bypass our DR server is a bit strange. — James Edmonds, Nov 08 '13 at 09:20
A higher preference number is less preferred. A lower preference number is more preferred. So they should be "ordered" with preference numbers from lowest to highest being the most preferred to the least preferred. — joeqwerty, Nov 08 '13 at 14:26

score 1 · Answer 1 · answered Nov 07 '13 at 19:49

1

In exchange check the receive connector and make sure the fqdn in your HELO response isn't blank, or incorrect.

answered Nov 07 '13 at 19:49

Robert

74
4

Thanks Robert. We have a CAS array of two servers. The receive connector on each has the FQDN of that specific server, and not the array. Should both servers have a GQDN of mail2.cory.co.uk? – James Edmonds Nov 08 '13 at 09:21
yep they need to have the FQDN Matching your MX record. – Robert Nov 08 '13 at 18:19

score 0 · Accepted Answer · answered Nov 13 '13 at 14:13

For some reason, it seemed that one specific sender could not connect to our primary mail server 100% of the time. We do not know why, as we had no other reports of problems, and our leased line had zero downtime.

The reason our DR server was skipped was because our parent company who host the server, change the public IP without telling us.

The third priority MX record which is also hosted by them, was not Natted correctly to our DR server. They have made the changes their end, and we are updating our DNS records accordingly.

Original issue not solved for certain, but workaround is to configure all DR servers correctly.

Assist in diagnosing reverse dns mismatch

2 Answers2