Mailing List SIMS@mail.stalker.com Message #15332
From: Christopher Bort <cbort@globalhomes.com>
Subject: Re: Why is mail being sent to my webserver...
Date: Wed, 6 Sep 2006 16:51:39 -0700
To: SIMS Discussions <SIMS@mail.stalker.com>
X-Mailer: Mailsmith 2.1.5 (Blindsider)
On 09/06/06 at 16:27, Joe Wagner wrote:

> Hi folks,
>   I confess to being a bit sleep deprived these days, but I can't
> figure out why some mail servers are trying to send email to my web
> server rather than the mail servers. I.e. they are trying to send to
> the machine with the A record for hypertouch.com which is a webserver
> rather than to hypertouch.com's mail servers which are at other IP
> addresses.  Now the web server is running a rudimentary mail server
> but it shouldn't be getting any incoming email and so rejects the
> attempts as unauthorized relays.
>
> I'd credit this to badly setup third party mailers, but Stanford
> University's mail server recently bounced a message after trying to
> send to hypertouch.com and I'd hate to think their outgoing mail
> server is broken.

Being an edu doesn't automagically innoculate against sub-optimal server
configurations. Edu's can have less than clueful network|server admins just
like you find in the rest of the world.  ;-]

> Are there any circumstances that a mail server should ever send to
> the A record of a domain when that domain has MX records pointing
> elsewhere?  We recently had a network outage so all mail servers were
> down. So if  Stanford couldn't get to the machines pointed to by the
> MX records, can it grab the A record as a legitimate destination for
> email (and cache that result).

Yes, but the TTL for hypertouch.com's A record is one day (86400 seconds),
so Stanford's servers shouldn't cache it for longer than that. However,
it's not unheard of for name servers in large networks to ignore TTLs and
cache records indefinitely (can you say 'AOL'?).

>  I've turned off the mail server functionality of the webserver in
>  the short term but I can't understand why I need to?

Do you need to have it running? If not, leave it off, it's an unnecessary
security risk. If so, I think I'd let it run and reject incoming messages
as it's been doing. Either way, any admin of a sending system who is paying
attention will see that it is not accepting mail.

> Any advise or illumination?

Your network outage could be one explanation. A variation on the same theme
would be if you've had an MX record point to the web server's address in
the past and some servers are still caching that.

--
Christopher Bort
<cbort@globalhomes.com>
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster