Is Hotmail in the habit of ignoring MX records?

Lou Katz lou at metron.com
Thu Jul 26 08:35:35 UTC 2012


On Thu, Jul 26, 2012 at 02:38:31AM -0500, Jimmy Hess wrote:
> On 7/26/12, Lou Katz <lou at metron.com> wrote:
> > One of my users has reported incoming mail failures, which I finally
> > tracked down. It turned out that Hotmail has seen fit to send the mail
> > to his domain's A record machine, despite the fact that he has valid MX
> > records.
> 
> You looked in the mail headers and saw hotmail's mail server do that,
> or the From address/return path just happens to be hotmail?
> I would ask for a specific example of a domain name in which that
> seems to happen, and exact DNS zone contents.
> 
> I am sure that Hotmail does not ignore MX in general, unless they
> just broke something; many domains require MX processing and A record
> to properly be ignored for mail to be accepted. But there may be
> something else going on with a specific domain or DNS
> queries/responses from its nameservers, that results in MX being
> ignored or unavailable, resulting in a fallback to 'lookup A'.
> 
> An example could be some DNS issue such as slow response to MX query,
> 'MX to a CNAME', 'MX to an invalid label that looks like an IP', MX
> DNS response packet too large,
> ....
> 
> 
> --
> -JH

Unfortunately, all I get from my user is a snippet, and it took me a while
to realize that I had to look at the mail logs of my web server, not my
mail server, to find the transaction. The domain is cookephoto.com - and
here is my zone file:

plaid# dig cookephoto.com any

; <<>> DiG 9.3.3 <<>> cookephoto.com any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55698
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 8

;; QUESTION SECTION:
;cookephoto.com.                        IN      ANY

;; ANSWER SECTION:
cookephoto.com.         172800  IN      SOA     ns.metron.com. hostmeister.metron.com. 2012011900 21600 3600 345600 345600
cookephoto.com.         172800  IN      NS      ns2.metron.com.
cookephoto.com.         172800  IN      NS      ns1.metron.com.
cookephoto.com.         172800  IN      NS      ns3.metron.com.
cookephoto.com.         172800  IN      MX      12 mail2.metron.com.
cookephoto.com.         172800  IN      MX      15 mail.katz.com.
cookephoto.com.         172800  IN      MX      10 mail.metron.com.
cookephoto.com.         172800  IN      A       192.160.193.89

;; ADDITIONAL SECTION:
ns1.metron.com.         3600    IN      A       192.160.193.34
ns2.metron.com.         3600    IN      A       209.204.189.89
ns2.metron.com.         3600    IN      AAAA    2001:470:838d::89
ns3.metron.com.         3600    IN      A       192.160.193.55
ns3.metron.com.         3600    IN      AAAA    2001:470:838d::55
mail.metron.com.        3600    IN      A       192.160.193.14
mail2.metron.com.       3600    IN      A       209.204.189.91
mail.katz.com.          28800   IN      A       192.160.193.14


and here is the maillog for the transaction, slightly redacted:

Jul 25 13:13:07 plaid sm-mta[5121]: NOQUEUE: connect from blu0-omc2-s2.blu0.hotmail.com [65.55.111.77]
Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: --- 220 plaid.metron.com ESMTP Sendmail 8.13.8/8.13.8; Wed, 25 Jul 2012 13:13:07 -0700 (PDT)
Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: <-- EHLO blu0-omc2-s2.blu0.hotmail.com
Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: --- 250-plaid.metron.com Hello blu0-omc2-s2.blu0.hotmail.com [65.55.111.77], pleased to meet you
Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: <-- MAIL FROM:<xxxxxxxxxxxx at hotmail.com>
Jul 25 13:13:07 plaid sm-mta[5121]: q6PKD7bH005121: --- 250 2.1.0 <xxxxxxxxxxxx at hotmail.com>... Sender ok
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: <-- RCPT TO:<xxxxx at cookephoto.com>
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: --- 550 5.7.1 <xxxxx at cookephoto.com>... Relaying denied
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: ruleset=check_rcpt, arg1=<xxxxx at cookephoto.com>, relay=blu0-omc2-s2.blu0.hotmail.com [65.55.111.77], reject=550 5.7.1 <xxxxx at cookephoto.com>... Relaying denied
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: <-- RSET
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: --- 250 2.0.0 Reset state
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: from=<xxxxxxxxxxxx at hotmail.com>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=blu0-omc2-s2.blu0.hotmail.com [65.55.111.77]
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bI005121: <-- QUIT
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bI005121: --- 221 2.0.0 plaid.metron.com closing connection


The 5.7.1 relaying denied is correct, since the webserver does not accept mail for the website domains.

At the time of the transaction, nothing special was happening here, and other mail was flowing quite nicely into
the mail server. Other Hotmail servers were sending to other recipients here through the regular mailserver OK.


Thanks for looking at it.

-=[L]=-
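
Added example, not part of the original post: a Python check that separates the case reported above (a sender delivering to the domain's A record host although MX records exist) from an ordinary relay attempt, using the DNS records and the check_rcpt rejection line from the message. The value of LOCAL_IP (that the logging host is the A record address), the verdict labels, the function names and the second log line are assumptions made for the example.

```python
import re

# Records copied from the dig answer and additional sections in the post.
ZONE = """\
cookephoto.com.   172800 IN MX 12 mail2.metron.com.
cookephoto.com.   172800 IN MX 15 mail.katz.com.
cookephoto.com.   172800 IN MX 10 mail.metron.com.
cookephoto.com.   172800 IN A  192.160.193.89
mail.metron.com.  3600   IN A  192.160.193.14
mail2.metron.com. 3600   IN A  209.204.189.91
mail.katz.com.    28800  IN A  192.160.193.14
"""
# First line is the rejection from the post; the second is constructed for contrast.
LOG = """\
Jul 25 13:13:08 plaid sm-mta[5121]: q6PKD7bH005121: ruleset=check_rcpt, arg1=<xxxxx at cookephoto.com>, relay=blu0-omc2-s2.blu0.hotmail.com [65.55.111.77], reject=550 5.7.1 <xxxxx at cookephoto.com>... Relaying denied
Jul 25 13:20:41 plaid sm-mta[5200]: q6PKKfaa005200: ruleset=check_rcpt, arg1=<someone@example.net>, relay=mta.example.org [203.0.113.7], reject=550 5.7.1 <someone@example.net>... Relaying denied
"""
LOCAL_IP = "192.160.193.89"  # assumption: address of the host that wrote the log

def parse_zone(text):
    """Return (mx, a): domain -> MX target names, name -> IPv4 addresses."""
    mx, a = {}, {}
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 6 and f[3] == "MX":
            mx.setdefault(f[0].rstrip(".").lower(), set()).add(f[5].rstrip(".").lower())
        elif len(f) >= 5 and f[3] == "A":
            a.setdefault(f[0].rstrip(".").lower(), set()).add(f[4])
    return mx, a

# Accepts both "user@domain" and the archive's obfuscated "user at domain".
REJECT = re.compile(r"ruleset=check_rcpt, arg1=<[^<>\s]+(?:@| at )([^<>\s]+)>, "
                    r"relay=(\S+) \[([\d.]+)\], reject=550")

def classify_rejects(log, zone, local_ip):
    """Label each check_rcpt rejection logged on the host at local_ip."""
    mx, a = parse_zone(zone)
    out = []
    for m in REJECT.finditer(log):
        domain, relay, relay_ip = m.group(1).lower(), m.group(2), m.group(3)
        # Addresses of every MX target published for the recipient domain.
        mx_ips = set().union(*(a.get(t, set()) for t in mx.get(domain, ())))
        if local_ip in mx_ips:
            verdict = "mx-target-misconfigured"   # listed as MX but refusing the domain
        elif local_ip in a.get(domain, set()) and mx_ips:
            verdict = "sender-used-a-record"      # MX exists, sender came to the A host
        else:
            verdict = "unrelated-relay-attempt"   # domain has no records pointing here
        out.append((domain, relay, relay_ip, verdict))
    return out
```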



