Hi, I have a curious mail-problem: One of our customers doesn't receive mail sent from certain domains. The curious thing is, that he can receive mails from other domains without a problem. Only sometimes he finds out, that some mails that have been sent to him never arrived in his mailbox. Additionally, if the same mail gets sent to another mail-address, which is not hosted on our server, the mail arrives instantly. So to sum it up: from: *@sender1.com -> to: [email protected] => no mail arrives from: *@sender1.com -> to: [email protected] => mail arrives from: *@mostOtherDomains.com -> to: [email protected] => mail arrives So the problem has to happen specifically between our mailserver, and the mailserver of certain senders. The reason why I don't know where to start debugging the problem is, that I don't find a trace of the mails in the mail-log! If I do: cat /var/log/mail.log | grep "@sender1.com" i don't get back a single line. So the mail never arrived at our server right? Or is there any way that the mail gets blocked before it even registers in the mail log? Our customer naturally thinks it's a misconfiguration on our server, because the mail arrives at his gmail address. But how can I find out where the mail gets lost, when it doesn't even show up in the mail-log? Hope somebody can help - i'm kinda at the end of my wits about this problem. Thanks!
If there is nothing about these sender domains in the mail.log, then the mails never reached your server. This means that the mails either never got send or that the sending server is misconfigured and contacted a wrong or no server at all to deliver the emails. You should check the dns records of the domain of that customer, maybe it contains a wrong MX record or 2 MX records where one is wrong. you can also try: grep sender1,com /var/log/mail.log (without the @).
Hi Till, Thanks for the answer. I also thought that the sending server is misconfigured. However, how is it possible that my customer receives mail from the same sender on his gmail.com account then? That makes it hard to tell the customer that the problem is with the sending server.. this is the result of dig any sender1.com (slightly modified for privacy reasons..) ;sender1.com. IN ANY ;; ANSWER SECTION: sender1.com. 600 IN TXT "v=spf1 include:mymxserver.com ~all" sender1.com. 600 IN A 1.2.3.4 sender1.com. 40224 IN SOA a.ns14.net. some.body.com 2014030500 39940 14400 604800 43200 sender1.com. 43200 IN NS b.ns14.net. sender1.com. 43200 IN NS d.ns14.net. sender1.com. 43200 IN NS a.ns14.net. sender1.com. 43200 IN NS c.ns14.net. sender1.com. 600 IN MX 20 nx51.mymxserver.com. sender1.com. 600 IN MX 10 mx51.mymxserver.com. grep sender1 /var/log/mail.log also didnt result in any hits.
; <<>> DiG 9.9.5-3-Ubuntu <<>> any clientdomain.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47423 ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 2 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;clientdomain.com. IN ANY ;; ANSWER SECTION: clientdomain.com. 2858 IN MX 10 mail.clientdomain.com. clientdomain.com. 3600 IN NS ns2.ourcompany.at. clientdomain.com. 3600 IN NS ns1.ourcompany.at. clientdomain.com. 3600 IN SOA ns1.ourcompany.at. hosting.ourcompany.at. 2015021702 7200 540 604800 86400 clientdomain.com. 2095 IN A 4.3.2.1 ;; ADDITIONAL SECTION: mail.clientdomain.com. 2858 IN A 1.2.3.4 ;; Query time: 6 msec ;; SERVER: 213.133.98.98#53(213.133.98.98) ;; WHEN: Thu Feb 19 15:19:03 CET 2015 ;; MSG SIZE rcvd: 192 The IP 4.3.2.1 is the ip of our webserver, and 1.2.3.4 the ip of our mailserver. It's an ISPConfig multiserver cluster. The nameserver where the domain is hosted is also part of our multiserver cluster.
This looks fine. Just to be sure, yu should try a grep sender1 /var/log/mail.log on the webserver as well, just to ensure that the sender did not try to deliver emaisl to the webserver and ignores the MX record of the domain. You should also check the dns zone of the recipient domain at intodns.com, just to be sure that there is no split brain situation where ns1 and ns2 have different values.
I checked on the webserver. No luck there either. The DNS-Record checks out just fine on intodns.com. I really can't think of a good reason why the mails don't get through. My next step will be to contact the admin of the sending mailserver - maybe he can be of some help. At least he should have some information in his maillogs. Anyway, thanks for the help so far Till. Your response time on this forum never fails to amaze me.
