As somebody else mentioned today there seems to be something fishy with the bluewin mailservers, I guess the culprit is the "Load balances" which seem to act as NS's. But as these are really nice Load Balancers are future proof, the real hurdle they are hitting is quite simple: that bloody IPv6...
Lets dig the loadbalancers [1] for the answer: 8<--------------------------------------------------------------------- $ dig @ns.bwlbmsg1zhh.bluewin.ch. mxbw.bluewin.ch. aaaa ; <<>> DiG 9.4.1-P1 <<>> @ns.bwlbmsg1zhh.bluewin.ch. mxbw.bluewin.ch. aaaa ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 22394 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION: ;mxbw.bluewin.ch. IN AAAA
;; Query time: 16 msec ;; SERVER: 195.186.19.8#53(195.186.19.8) ;; WHEN: Wed Oct 31 19:12:42 2007 ;; MSG SIZE rcvd: 33
--------------------------------------------------------------------->8
And tada, my sweet postfix/bind/powerdns combo will give up on it as there is clearly no answer to be gotten for that hostlabel.
As such I would *love* to mail postmaster@bluewin.ch (assuming that somebody is at home there), but without taking out AAAA requesting out the whole chain of software I really can't mail them :(
Not falling over the folks from Bluewin, but it is the only way to contact them AND to show how things can break in mysterious ways :(
The BBC had a similar problem a few years back. I do hope that you folks can fix this up, I noticed this actually because a @bluewin.ch user couldn't signup to SixXS as she was getting rejected.
Hmmmm, now that we are trying to query those boxes some more I can't get this answer out of this setup....
Please folks @ Bluewin, check this out and fix it ;)
Greets, Jeroen
--
[1] dig +trace mxbw.bluewin.ch (sometimes apparently) reveals:
<snip> bluewin.ch. 43200 IN NS dns2.bluewin.ch. bluewin.ch. 43200 IN NS dns4.bluewin.ch. bluewin.ch. 43200 IN NS dns1.bluewin.ch. bluewin.ch. 43200 IN NS dns3.bluewin.ch. ;; Received 173 bytes from 2001:dc0:1:0:4777::140#53(sec3.apnic.net) in 482 ms
mxbw.bluewin.ch. 86400 IN NS ns.bwlbmsg1zhh.bluewin.ch. mxbw.bluewin.ch. 86400 IN NS ns.bwlbmsg1zhb.bluewin.ch. ;; Received 123 bytes from 195.186.1.111#53(dns2.bluewin.ch) in 16 ms
On Wednesday 31 October 2007 19:25, Jeroen Massar wrote:
As somebody else mentioned today there seems to be something fishy with the bluewin mailservers, I guess the culprit is the "Load balances" which seem to act as NS's. But as these are really nice Load Balancers are future proof, the real hurdle they are hitting is quite simple: that bloody IPv6...
This sounds very familiar to me. The problem with IPv6 and the load balacers @bluewin occured one or two years ago. We had to add the bluewin MX hostname to /etc/hosts to get email through. Bluewin somewhen removed the load balancers because they caused too much problems with DNS. Maybe they forgot they caused problem and put them back now?
-Benoit-
Maybe they forgot they caused problem and put them back now?
We didn't remove them (and we didn't change anything in the last few months..) but we added 42 mxzhh.bluewin.ch 42 mxzhb.bluewin.ch
to our MX records and it solved the problem for freebsd+sendmail ;-)
Hi Jeroen
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 22394 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
We are aware that ns.bwlbmsg1zhh.bluewin.ch. doesn't play well with IPv6 (and we also know that some lb-vendors are not able to fix such simple bugs).
And tada, my sweet postfix/bind/powerdns combo will give up on it as there is clearly no answer to be gotten for that hostlabel.
ulrich@fuzzy:~$ dnsmx bluewin.ch 10 mxbw.bluewin.ch <-- ns.bwlbmsg1zh[hb].bluewin.ch 42 mxzhh.bluewin.ch <-- dns[1234].bluewin.ch 42 mxzhb.bluewin.ch <-- dns[1234].bluewin.ch 66 mx49.bluewin.ch <-- dns[1234].bluewin.ch
Why doesn't your postfix/bind/powerdns combo use mxzhb/mxzhh ?
Regards, Adrian
Adrian Ulrich wrote:
Hi Jeroen
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 22394 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
We are aware that ns.bwlbmsg1zhh.bluewin.ch. doesn't play well with IPv6 (and we also know that some lb-vendors are not able to fix such simple bugs).
And tada, my sweet postfix/bind/powerdns combo will give up on it as there is clearly no answer to be gotten for that hostlabel.
ulrich@fuzzy:~$ dnsmx bluewin.ch 10 mxbw.bluewin.ch <-- ns.bwlbmsg1zh[hb].bluewin.ch 42 mxzhh.bluewin.ch <-- dns[1234].bluewin.ch 42 mxzhb.bluewin.ch <-- dns[1234].bluewin.ch 66 mx49.bluewin.ch <-- dns[1234].bluewin.ch
Why doesn't your postfix/bind/powerdns combo use mxzhb/mxzhh ?
It does, but it does give up on the mxbw one.
The reason that I noticed is that for signup we do an MX check, to check if they are setup correctly, bluewin.ch failed the test with flying smudged colors... It is on the whitelist now though, but before that it was nicely rejecting any signup attempt from people using that as an email address. It also doesn't leave a good impression on customers I guess that the ISP can't even have a proper email setup.
Nevertheless, I would gently try and suggest to fix it for real instead of letting it run like this. Of course that is easier said than done, especially with a magic blackbox which is broken which resides in your network...
Greets, Jeroen
It does, but it does give up on the mxbw one.
Your MX-Test or Postfix?
It also doesn't leave a good impression on customers I guess that the ISP can't even have a proper email setup.
thanks for letting me know that i am a moron. ;-)
Nevertheless, I would gently try and suggest to fix it for real instead of letting it run like this.
I wouldn't mind removing GSLB/mxbw (= ditch ns.bwlbmsg) but first i'd like to understand why Postfix doesn't switch to mxzhb/mxzhh.
...Just had a look at the postfix 2.4.6 source (smtp_addr.c) and i don't see why postfix would fail in such a situation.
Could you send me (offlist.. it's getting off-topic) the error message from your maillog?
Regards, Adrian
-
Adrian Ulrich -
Benoit Panizzon -
Jeroen Massar