I am cross posting this as it might be a dns issue, but it effects email
directly. And I am quite aware of the 'Great Chinese Firewall' and
realized that may be a large part of the issue.
LCR's mail filter and mail servers are all in the lcrcomputer.net domain.
Recently I moved this domain(lcrcomputer.net) to a registrar that
suports DNSSEC and inserted the DS record for this domain. I checked
DNSSEC via http://dnsviz.net and
http://dnssec-debugger.verisignlabs.com. Both show DNSSEC is working
just fine for lcrcomputer.net.
However, shortly after that one of my customers stopped receiving email
from one of their clients in China. They just brought that to my
attention and I tried to email the client in China and got this back:
For <ro...@xxxxx.com.cn> <mailto:ro...@medtecs.com.cn>, Site
(xxxxx.com.cn/<ipv4 address>) said: 559 sorry , your helo/ehlo and
domain in mail are invalid, you don't connect from there. (#5.5.9)
Because this started within 24 hours of when I published the DS record
for lcrcomputer.net, I am assuming that this is related.
Had anyone else run across this? Or do I have something misconfigured
here? I ran with DNSSEC against ISC's lookaside for a long time and
published the necessary DNSSEC records and had no problem. This started
right after I moved the domain registration and published a DS record
for the domain. I had already been publishing DNSSEC records and they
checked out against ISC's lookaside stuff for quite a while.
Lyle Giese
LCR Computer Services, Inc.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
