On Sat, August 11, 2012 12:04 am, Glen Turner wrote: > 1) Verify operation by walk down the name server tree using dig > Firstly, find the nameserver. You are following the tree down so the IP > addresses come from the answers of the previous command: > dig +norecurse ns au > dig @58.65.254.73 +norecurse ns com.au > dig @202.65.12.73 +norecurse ns dom.com.au > dig a ns1.dnsimple.com 184.106.214.131 > Now ask about the mail exchanger > dig @184.106.214.131 +norecurse mx dom.com.au > dig aspmx.l.google.com
all OK > And connect to it > telnet 209.85.225.26 mail QUIT from bigpond adsl 'telnet mail' doesn't but 'telnet 587' is OK > Do that for every server for dom.com.au to ensure that the answers are > consistent. You might want to pull the SOAs to be sure the serial numbers > are identical. yes > 2) Be clear about DNS forwarding versus DNS serving. I'm not sure how that fits in..? I have mail server and three authoritative dns servers..? I don't believe I have any DNS forwarding...? > They are not the same. This sort of issue is usually the result of > confusing the two. > 3) Understand TTL and caching > Your changes do not take effect immediately and old configurations and > errored configurations can be around for some time. Glen, thanks it all checks out when I test it from here, but, verizon tells me they fail getting response from all three servers from their network AFAICT, I can't fault the setup, I was testing in a similar manner prior to your email, using 'dig dom.tld +trace' to get delegation tree -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html