Aug 192011
 

Recently I upgraded a bunch of ASG’s to version 8.2. While most of the upgrades went smoothly, I did have an issue with a specific box at one of my clients offices.

We had some reports that incomming e-mails were being rejected. After checking the Mail Manager, these e-mails were being rejected due to numerous RDNS failures. While most of the incomming message sources actually didn’t have a properly configured RDNS, I finally noticed in one case that a specific sender actually did have properly configured Reverse DNS…

Googling this specific issue came up with nothing, however I noticed in the DNS proxy on the ASG box, that since the upgrade numerous errors were going through on a daily basis:

mail named: Last message ‘unexpected RCODE (RE’ repeated 2 times, supressed by syslog-ng on host.name

mail named[5466]: lame server resolving ‘X’

These errors were filling the log. I went ahead and logged into WebAdmin and removed the DNS forwarders, hit apply, flushed DNS cache, then re-inserted the DNS forwarders. This resolved the issue.

  3 Responses to “Astaro Security Gateway 8.2 – E-Mails being rejected due to RDNS”

  1. Update on this… Turns out it doesn’t fix the issue. On numerous ASG’s I’ve actually had to disable RDNS checking due to issues with incoming e-mails. I have a ticket open with Astaro. I’ll post an update as news comes in…

  2. You will find that the issue is related to forward DNS, Astaro checks both reverse and forward DNS. We have the same issues since 8.2 was released and after some checking came up with this info. So Astaro is not at fault (however it annoys me how many mail servers don’t have rDNS setup).

  3. Thanks Dan,

    So it all makes sense now… ASG 8.2 checks both forward and reverse and wants them to match each other? If not it reports it as failed?

    Stephen

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)