Den 14.11.2018 08:21, skrev Poliman - Serwis:
2018-11-13 19:58 GMT+01:00 Wietse Venema <wie...@porcupine.org
<mailto:wie...@porcupine.org>>:
Poliman - Serwis:
> 2018-11-13 18:24 GMT+01:00 Viktor Dukhovni <postfix-us...@dukhovni.org
<mailto:postfix-us...@dukhovni.org>>:
>
> > > On Nov 13, 2018, at 11:48 AM, Wietse Venema
<wie...@porcupine.org <mailto:wie...@porcupine.org>>
> > wrote:
> > >
> > >> It's colonel.com.pl <http://colonel.com.pl>. Please check.
I don't see anywhere MX's IP as A
> > record
> > >> in dns zone.
> > >
> > > You have both A and MX records for colonel.com.pl
<http://colonel.com.pl>. Some SMTP systems
> > > may try to send email using the A record, if those SMTP
systems are
> > > borked and if their DNS resolver is borked.
> >
> > In other words, nothing to worry about. There's no need to
worry about
> > such broken systems in practice. Real MTAs don't get this
wrong (though
> > perhaps what I'm saying is that if there are some MTAs that
get this wrong,
> > they are garbage that deserves to be ignored).
> >
> > --
> > Viktor.
> >
> > [1] https://en.wikipedia.org/wiki/Infinite_monkey_theorem
<https://en.wikipedia.org/wiki/Infinite_monkey_theorem>
>
>
> Ok, thank you guys for answers and advices. Appreciate!
You man still want to turn off the SMTP listener on colonel.com.pl
<http://colonel.com.pl>,
because it will never receive legitimate email.
Wietse
Thank you for answer. I suppose I don't understand properly. How could
I do this if this domain has MX on Google?
To make sure all mail delivered to colonel.com.pl gets to google, make
sure that the host colonel.com.pl will NOT accept connections for
incoming mail from the internet.
In other words: if you want mail to end up at your MX, your A ip-address
should not accept incoming mail.
If that is already OK, you are OK. It looks OK from where I am sitting.
Viz:
# dig colonel.com.pl mx
; <<>> DiG 9.11.2-P1 <<>> colonel.com.pl mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63690
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;colonel.com.pl. IN MX
;; ANSWER SECTION:
colonel.com.pl. 3600 IN MX 5 alt1.aspmx.l.google.com.
colonel.com.pl. 3600 IN MX 5 alt2.aspmx.l.google.com.
colonel.com.pl. 3600 IN MX 10 alt4.aspmx.l.google.com.
colonel.com.pl. 3600 IN MX 10 alt3.aspmx.l.google.com.
colonel.com.pl. 3600 IN MX 1 aspmx.l.google.com.
;; AUTHORITY SECTION:
colonel.com.pl. 3576 IN NS ns6.poliman.net.
colonel.com.pl. 3576 IN NS ns7.poliman.net.
;; ADDITIONAL SECTION:
ns6.poliman.net. 3576 IN A 193.70.38.6
ns7.poliman.net. 3576 IN A 54.38.202.128
;; Query time: 42 msec
;; SERVER: 192.168.2.2#53(192.168.2.2)
;; WHEN: on. nov. 14 10:20:30 CET 2018
;; MSG SIZE rcvd: 240
0:gt ~ # nc colonel.com.pl 25
nc: unable to connect to address colonel.com.pl, service 25
