Problem Hacking
Nov 6, 2006
I'm a little late on updates because I've been tracking down a mail problem.
Sometime on Oct 31, around 7pm EST, near as I can tell, my server
stopped being able to send outbound mail. This meant that any of the
"forward this article to a friend" emails, and validator emails that
check the validity of an applicant's email address started bouncing.
Now, for security reasons, I'm not going to tell you what O/S HBI uses,
or what mail server, but suffice it to say, *I* hadn't changed a damn
thing. I contacted the senior admin at my ISP and he assured me that
nothing had changed. I did all kinds of tests to validate that DNS was
working from the server. I checked forums related to my mail server. I
rebooted, stopped and started services, checked log files. You name it, I did it.
I struggled with the issue off and on for days (I have a
real day job which is taking up much of my time) and finally decided to
tackle it yesterday (Sunday) in earnest. I figured out how to put the mail server
in debug mode, wrote some test scripts and ascertained that it was a DNS
error. To you non-geeks, this will all be "BLAH BLAH BLAH Ginger" stuff
(as per The Far Side cartoons on what dogs really understand when we
talk to them). It turned out that the DNS server from my ISP was not recursively resolving DNS for mail server records properly.
Mail sent to youraccount@yahoo.com really needs to go to one of yahoo's mail servers, and they don't live @yahoo.com - they actually live somewhere else.
The Domain Name Server (DNS) is supposed to look up those addresses and present them to the mail server in a way it can understand.
It was failing that task miserably.
I had previously purchased a recursive DNS service from dyndns, when the ISP that served my home account was doing a crappy job with DNS caching.
So I temporarily changed the parameters in my dyndns account so that HBI could use the service.
After some reboots and some tweaking of config files, I got the damn mail server working.
For you geeks out there, NSLOOKUP was working, sort of, for MX records, but it wasn't recursing them, which is what the mail server needed. After the dyndns service setup for HBI's DNS, it
started working properly. (and yes, I have PTR records set up).
So outbound mail from the server is now working again. Finally.
I sent the Senior admin at the ISP my discovery and solution, and he
finally admitted today that there was in fact a problem, and thanked me
for pointing it out. He didn't tell me why or how it got changed, but at
least he acknowledged that the problem was, in fact, theirs, and that they had now fixed it. I think I'll be keeping my DNS with DynDNS anyway.
The thing is, I have an issue with computers getting the better of me.
It may take me days or hours or weeks, but I WILL solve it, or work my way around
it. Sometimes I probably spend too long sorting things out, but with
issues like this latest mail problem, my dogged determination pays off. It's a metaphor for other things in my life.
If I am certain that something isn't right - I won't take NO for an answer, and I generally won't wait around for someone else to solve it if I know it's within my skillset.
DynDNS also has (free) cool services to
give you a static domain name for your home systems when you are getting
a continuously updated (dynamic) IP address from your ISP. This means
you can always find your home system by name for remote administration,
or to serve up a photo site or other content from a web server on your
home network. I'm not getting any money from promoting them. I just like
how reliable, flexible and reasonably priced their services are. I'm
going to give them a plug, because it is thanks to their services that I
was able to get HBI's email going when my ISP screwed up and didn't even
realize it.
To their credit, my ISP did eventually figure out the problem - but only
after I pointed it out AND showed them wher the problem was.
The senior admin then said the three little words a woman likes to hear most
of all, "You were right". Not only was I right. I was right about a very technical issue on their network and had to tell them exactly what it was and where to look for it.
Yes, I am SUCH a geek.
heartlessly,
-Natalie
