"Domain of sender address does not exist" (it does

Hi

I have had my linode up for a while now (http://www.engoi.com), and mail works fine for most destinations. I use postfix, and I used pretty much the default "internet" install.

Each week though I get a few of these in my logs:

mxlibero1.libero.it[212.52.84.83] said: 553 Domain of sender address <daniel@engoi.com> does not exist. For further information contact your provider. If you are the provider, mailto:support@postmaster.libero.it?subject=Code 553 (in reply to MAIL FROM command))

But (from a completely different machine):

daniel@roomatthetop:~$ dig -t MX engoi.com

; <<>> DiG 9.4.1-P1 <<>> -t MX engoi.com

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50953

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;engoi.com. IN MX

;; ANSWER SECTION:

engoi.com. 84087 IN MX 10 mail.engoi.com.

;; Query time: 9 msec

;; SERVER: 195.238.2.21#53(195.238.2.21)

;; WHEN: Sun Dec 16 22:56:42 2007

;; MSG SIZE rcvd: 48

Does anyone here have any clue as to what the problem might be, and how I might go about fixing it?

By the way, I don't actually know even how I have an MX record. All I have done to set up DNS for this site has been to point the DNS servers where I bought the domain to ns1.linode.com and ns2.linode.com … after that, everything just seemed to work. (Yes, I agree that that might not quite be enough … :-)

Daniel

10 Replies

Hmmmm, it all comes back. I took a look at my DNS setup in the linode config panel, and setup reverse DNS for engoi.com. I just did a retry but I get the same result. Maybe rDNS takes a few hours to work, or maybe that isn't the problem.

I have tried emailing the destination support address, but who knows if or when I'll get a response.

engoi.com has an MX entry of mail.engoi.com, that's great!

However, mail.engoi.com does not resolve to anything. Perhaps you should fix that :)

thanks Aaron.

At the moment, in my DNS manager I have one MX record :

mail.engoi.com

and A/AAAA records for

engoi.com

www.engoi.com

and so on

I thought the MX was enough - does mail.engoi.com need it's own A record? Can you explain what's going on?

Many thanks!

Yes, the address you specify for the MX needs to resolve to an IP address. Also, some sites check that forward and reverse DNS match on an MX record. Assuming the forward and reverse of your IP match, you can just point the MX at that name and you should be fine.

Don't forget that the default TTL for Linode's DNS Manager is one day, so sites which have your DNS cached may take up to a day to pick up your changes.

–James

Edit:

If you need some help, hit me up on IRC.

thanks guys. I needed to read up on DNS a bit … but I think I have it covered now.

MX = mail

A = IP

duh (ice cream => forehead)

8)

@danmcb:

thanks guys. I needed to read up on DNS a bit … but I think I have it covered now.

MX = mail

A = IP

duh (ice cream => forehead)

8)

Not quite. An "MX" record means "send mail for this address to machine blah". You also need to tell people what the address is for "blah" and that's why you need an A record.

@irgeek:

Yes, the address you specify for the MX needs to resolve to an IP address. Also, some sites check that forward and reverse DNS match on an MX record. Assuming the forward and reverse of your IP match, you can just point the MX at that name and you should be fine.

Then those sites are broken. MX records can only point to A records (not CNAMEs) and so will frequently not match the relevant PTR record.

For incoming messages checking the IP address matches forwards and backwards is fine (so if I send from 1.2.3.4 and the PTR for that is blahblah.example.invalid then the A records for blahblah.example.invalid must include 1.2.3.4), but for outgoing messages? No, that's wrong.

I had a related problem, which I think may be relevant to users here.

@RFC974:

There is one other special case. If the response contains an answer

which is a CNAME RR, it indicates that REMOTE is actually an alias

for some other domain name. The query should be repeated with the

canonical domain name.

Let's say that I was trying to recieve email on user@sub.example.com.

The remote mailserver was lookup up sub.example.com, and as I had CNAMED it to example.com, the remote mailserver was eventually checking hte MX record on example.com and then trying to deliver the email to user@example.com.

Now, I have this setup, which seems to work:

A
example.com          ip
sub.example.com      ip

CNAME
imap                 example.com
smtp                 example.com

MX
10  example.com      smtp.example.com
10  sub.example.com  smtp.example.com

Have I done anything wrong here that could result in misdirected mail?

Yes, smtp.example.com should be an A record pointing to an IP address.

It may seem to work as is, but there will be people who mysteriously won't be able to send you mail, and it won't be their fault.

http://member.dnsstuff.com/pages/dnsreport.php

;)

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct