Email is rejecting any email coming from yahoo account
Problem reported by Paige Galfano - January 21, 2015 at 11:22 AM
Submitted
My email is rejecting any email sent from a yahoo account.  How do I correct this problem

6 Replies

Reply to Thread
0
Bruce Barnes Replied
If you post your domain, we can run external tests.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Paige Galfano Replied
The domaine is nigroderm.com. The specific email that is having the most problem receiving yahoo emails is lortiz@nigroderm.com
0
Bruce Barnes Replied
DNSSTUFF.COM reports that NIGRODERM.COM has TWO MX SERVERS, but of them either has a CNAME, or does not have a valid IP Address.
 
Per RFC 1912, CNAMES are now PROHIBITED from being used with MX servers.  This is covered in Section 2.4, which reads:
 
 

2.4 CNAME records



A CNAME record is not allowed to coexist with any other data. 
 
In other words, if suzy.podunk.xx is an alias for sue.podunk.xx, you can't also have an MX record for suzy.podunk.edu, or an A record, or even a TXT record.   Especially do not try to combine CNAMEs and NS records like this!:


           podunk.xx.       IN      NS      ns1
                                   IN      NS      ns2
                                   IN      CNAME   mary
           mary                IN      A       1.2.3.4


This is often attempted by inexperienced administrators as an obvious way to allow your domain name to also be a host. 
 
However, DNS servers like BIND will see the CNAME and refuse to add any other resources for that name. 
 
Since no other records are allowed to coexist with a CNAME, the NS entries are ignored. 
 
Therefore all the hosts in the podunk.xx domain are ignored as well!

If you want to have your domain also be a host, do the following:

           podunk.xx.      IN      NS      ns1
                                   IN      NS      ns2
                                   IN      A       1.2.3.4
           mary                IN      A       1.2.3.4

Don't go overboard with CNAMEs.  Use them when renaming hosts, but plan to get rid of them (and inform your users). 
 
Don't forget to delete the CNAMEs associated with a host if you delete the host it is an alias for.  Such "stale CNAMEs" are a waste of resources.
 
 
 
 
The error is also indicated in the fact that one of the two listed MX servers cannot be reached:  again, in indicate of either a bad IP address or the use of a CNAME record where a HOST or A record should have been used to map the fully qualified domain name to the IP address
 
This causes a DNS failure and the sending MX server cannot contact the receiving MX server, OR, as is the more probable case in your situation, the RECEIVNG MX SERVER cannot get the rDNS, FTP, and other antispam reputation for the SENDING MX server because, as far as DNS is concerned, the sending MX server does not exist.
 
If the issue is reversed, then, in this case, the SENDING MX server has only a 50/50 chance of reaching the single working server.  Remember, "round robin" access to multiple MX servers is neither standard or guaranteed, but access is based on MX PRIORITY, with the LOWER MX PRESCIDENCE being the HIGHER PRIORITY MX server to be tried.
 
If, in this case, MAIL2.BACKUP is unavailable, as is indicated in the test result above, and there is congestion, or noise, in the path to the primary MX server, in this case, MAIL.TELEVOXSITES the chances of either sending or receiving approach NILL.
 
 
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Paige Galfano Replied
OK, I don't understand any of this?  Can you tell me in laymans terms how I can fix it?  We have many emails attached to nigroderm.com but only this one seems to be having problems.  Is there someone I can call to help me fix this?  Thanks
0
Bruce Barnes Replied
Are you the domain owner?  If not, you have to send the notes I gave you to their DNS and/or DOMAIN administrator, or, if you have your own domain, hosted by them, more your domain, user's and their e-mail to another hosting company.
 
Don't mean to sound harsh with the response, but this kind of issue can be very sticky, especially when you don't completely control all ownership and aspects of the domain.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
1
Steve Reid Replied
This is a forum for Smartermail Administrators. If you are an end user and not a Mail Administrator then you need to ask whoever is hosting your email.

Reply to Thread