[bdNOG] Yahoo Mail can't communicate with my domain servers

Fakrul Alam fakrul at fakrul.com
Wed Dec 30 05:06:03 BDT 2015


Thanks Philip. Now I got a clue why all the subscription of yahoo.com
domain for nog mailing list has been disabled :-)

List:       nog
Member:     k*****on at yahoo.com
Action:     Subscription disabled.
Reason:     Excessive or fatal bounces.

Tons of mail. Need to clear them all.

Cheers!
Pappu

On Wed, Dec 30, 2015 at 8:29 AM, Philip Smith <philip at nsrc.org> wrote:

> Hi Jasim,
>
> Glad to hear that you managed to track the problem down.
>
> I'd love to know what Bharti's reasoning is for blocking DNS traffic.
> I'm struggling to think of one myself right now. Hopefully when they get
> back to you they might explain why...
>
> Best wishes!
>
> philip
> --
>
> Jasim Alam wrote on 27/12/2015 07:31 :
> > Dear Philip,
> >
> > That worked like magic ! We rerouted the traffc via  TATA [AS6453] and
> > everyone can resolve our DNS now.
> > https://www.whatsmydns.net/#A/btraccl.net
> >
> > Apparently Bahrati Airtel [AS 9498] was filtering our DNS traffic. We
> > are currently pursuing answer from Bharti. I will let you know if I get
> > anything. Hopefully this would be a reference point , if your DNS is
> > being resolve only in partial globe and your traffic pass via Bharti you
> > can point finger to Bharti.
> >
> > Thank you guys a lot ( Philip, Brian, Anurag, Shuman and all others) to
> > help to save our adrenaline.
> >
> > Thanks to bdNOG providing such wonderful platform.
> >
> > Regards,
> > jasim
> >
> >
> > On Saturday, December 26, 2015 4:44 PM, Philip Smith <philip at nsrc.org>
> > wrote:
> >
> >
> > Hi Jasim,
> >
> > I've seen this exact symptom before, in region.
> >
> > I've checked in a few places around the Internet. Where the paths to you
> > run through Airtel I cannot get any name resolution for btraccl.net.
> > Where the paths do not run through Airtel, DNS works just fine.
> >
> > Non-airtel path:
> >
> > 7  103-16-152-25-noc.bsccl.com (103.16.152.25)  128.800 ms  130.064 ms
> > 130.056 ms
> > 8  103-16-152-33-noc.bsccl.com (103.16.152.33)  133.250 ms  133.094 ms
> > 133.268 ms
> > 9  103-16-155-26-noc.bsccl.com (103.16.155.26)  154.001 ms  154.018 ms
> > 153.998 ms
> > 10  po1-ar1-bn1-dh.equitel.com.bd (103.9.186.66)  133.732 ms  133.706 ms
> > 133.751 ms
> > 11  103.9.186.130 (103.9.186.130)  134.851 ms  134.988 ms  135.118 ms
> > 12  cp1.btraccl.net (103.9.185.227)  155.304 ms  155.304 ms  155.294 ms
> >
> > $ dig btraccl.net a
> >
> > ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.4 <<>> btraccl.net a
> > ;; global options:  printcmd
> > ;; Got answer:
> >
> > btraccl.net.        14400    IN    A    103.9.185.227
> >
> >
> > Airtel path:
> >
> > 7  9498.hkg.equinix.com (119.27.63.26)  153.907 ms  151.835 ms  152.576
> ms
> > 8  182.79.234.238 (182.79.234.238)  217.081 ms 182.79.234.201
> > (182.79.234.201)  218.547 ms 182.79.247.178 (182.79.247.178)  218.766 ms
> > 9  aes-static-190.137.144.59.airtel.in (59.144.137.190)  270.817 ms
> > 265.320 ms  264.935 ms
> > 10  103.7.249.110 (103.7.249.110)  249.120 ms  248.193 ms  247.767 ms
> > 11  103.9.186.66 (103.9.186.66)  267.391 ms  265.746 ms  265.328 ms
> > 12  103.9.186.130 (103.9.186.130)  273.015 ms  271.443 ms  271.502 ms
> > 13  103.9.185.229 (103.9.185.229)  264.746 ms  263.285 ms  263.443 ms
> >
> > $ dig btraccl.net a
> >
> > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.5 <<>> btraccl.net a
> > ;; global options: +cmd
> > ;; connection timed out; no servers could be reached
> >
> > This is going to be hard for you to sort directly though - you'll need
> > to ask your upstream (Equitel Communication Ltd) to talk to Fiber at Home
> > <mailto:Fiber at Home>
> > who get transit from Airtel.
> >
> > The way to check this is to ask Equitel to shutdown their link to
> > Fiber at Home <mailto:Fiber at Home> for a short period, let BGP reroute you
> > exclusively onto the
> > BSCCL link (Equitel's other upstream), and then check your DNS from
> > various spots around the globe again.
> >
> >
> > Note, I could be wrong, but this symptom was exactly what I saw a few
> > months back, and it took the operator concerned almost 2 months of
> > frustration to sort. Turns out Airtel were filtering DNS on their link -
> > it took quite a bit of escalation to sort, and no reasoning was offered
> > by Airtel either. (Maybe someone from Airtel is on the list here and can
> > help?)
> >
> > philip
> > --
> >
> > Jasim Alam wrote on 23/12/2015 08:53 :
> >> Hi,
> >>
> >> From  last couple of day mail sent from yahoo mail to my domain
> >> (btraccl.net) are being bounced back, please see the forwarded mail.
> >> Yahoo saying they can't find my A or MX record. But mxtoolbox and google
> >> tool saying there is nothing wrong with my dns configuration
> >>
> >> http://mxtoolbox.com/domain/btraccl.net/
> >> https://toolbox.googleapps.com/apps/dig/#A/btraccl.net
> >> https://toolbox.googleapps.com/apps/dig/#MX/btraccl.net
> >>
> >> After further digging , I found that from some location my dns is
> >> resolved from some location from some not.
> >>
> >> https://www.whatsmydns.net/#A/btraccl.net
> >> https://dnschecker.org/#A/btraccl.net
> >>
> >
> https://www.nexcess.net/resources/tools/global-dns-checker/?h=btraccl.net&t=A
> >>
> >>
> >> Same for online port scanners, some online port scanner can open my dns
> >> server's port 53 some can't.
> >>
> >>
> >
> --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> >>
> >>                              [Port Scan]
> >>
> >> # from local network
> >>
> >> nmap 103.9.185.229
> >>
> >> Starting Nmap 6.47 ( http://nmap.org <http://nmap.org/>) at 2015-12-22
> > 12:02 BDT
> >> Nmap scan report for 103.9.185.229
> >> Host is up (0.0054s latency).
> >> Not shown: 993 closed ports
> >> PORT STATE SERVICE
> >> 22/tcp open ssh
> >> 25/tcp open smtp
> >> 53/tcp open domain
> >> 80/tcp open http
> >> 465/tcp open smtps
> >> 587/tcp open submission
> >> 3306/tcp open mysql
> >>
> >> Nmap done: 1 IP address (1 host up) scanned in 1.66 seconds
> >>
> >>
> >> #
> >>
> >
> https://pentest-tools.com/network-vulnerability-scanning/tcp-port-scanner-online-nmap
> >>
> >> Starting Nmap 6.00 ( http://nmap.org <http://nmap.org/>) at 2015-12-22
> > 08:14 EET
> >> Initiating Ping Scan at 08:14
> >> Scanning 103.9.185.229 [4 ports]
> >> Completed Ping Scan at 08:14, 0.26s elapsed (1 total hosts)
> >> Initiating SYN Stealth Scan at 08:14
> >> Scanning 103.9.185.229 [100 ports]
> >> Discovered open port 3306/tcp on 103.9.185.229
> >> Discovered open port 53/tcp on 103.9.185.229
> >> Discovered open port 465/tcp on 103.9.185.229
> >> Discovered open port 25/tcp on 103.9.185.229
> >> Discovered open port 587/tcp on 103.9.185.229
> >> Discovered open port 22/tcp on 103.9.185.229
> >> Completed SYN Stealth Scan at 08:14, 1.66s elapsed (100 total ports)
> >>
> >>
> >>
> >> http://www.ipfingerprints.com/portscan.php
> >>
> >> 103.9.185.229 53/tcp open  domain
> >> 103.9.185.230 53/tcp open  domain
> >>
> >>
> >> http://ports.my-addr.com/check-all-open-ports-online.php
> >>
> >> 103.9.185.229:53 = success
> >> 103.9.185.230:53 = success
> >>
> >>
> >>
> >
> http://mxtoolbox.com/SuperTool.aspx?action=scan%3a103.9.185.229&run=toolpage
> >> 53dnsOpen266
> >>
> >>
> >
> http://mxtoolbox.com/SuperTool.aspx?action=scan%3a103.9.185.230&run=toolpage
> >> 53dnsOpen281
> >>
> >>
> >>
> >> http://ping.eu/port-chk/
> >>
> >> 103.9.185.229:53 port is closed
> >> 103.9.185.230:53 port is closed
> >> 103.9.185.229:465 port is open
> >> 103.9.185.229:25 port is open
> >> 103.9.185.229:587 port is open
> >> 103.9.185.229:3306 port is open
> >>
> >> ...............................................
> >>
> >> all else port seems open
> >>
> >>
> >>
> >> http://www.t1shopper.com/tools/port-scan/
> >>
> >> 103.9.185.229 isn't responding on port 53 (domain).
> >> 103.9.185.230 isn't responding on port 53 (domain).
> >> 103.9.185.229 is responding on port 25 (smtp).
> >> ............................................................
> >> same here
> >>
> >>
> >>
> >> http://www.yougetsignal.com/tools/open-ports/
> >>
> >> Port 53 is closed on 103.9.185.229.
> >> Port 53 is closed on 103.9.185.230.
> >> Port 25 is open on 103.9.185.229.
> >> ----------------------------------
> >> same here
> >>
> >>
> >
> --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> >>
> >>
> >> This put me in nowhere as there are no host/network acl to filter the
> >> dns traffic. ISP/IIG/ITC telling me the same.
> >>
> >> Is this is any global routing issue ? Have anyone experienced  such
> >> scenarios ? Please suggest me any solution of this.
> >>
> >>
> >>
> >> Regards,
> >> Jasim
> >>
> >>
> >>
> >>
> >
> --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> >>
> >> On Monday, December 21, 2015 10:17 AM, "MAILER-DAEMON at yahoo.com
> > <mailto:MAILER-DAEMON at yahoo.com>"
> >> <MAILER-DAEMON at yahoo.com <mailto:MAILER-DAEMON at yahoo.com>> wrote:
> >>
> >>
> >> Sorry, we were unable to deliver your message to the following address.
> >>
> >> <jasim.alam at btraccl.net <mailto:jasim.alam at btraccl.net>
> > <mailto:jasim.alam at btraccl.net <mailto:jasim.alam at btraccl.net>>>:
> >> No MX or A records for btraccl.net
> >>
> >> --- Below this line is a copy of the message.
> >>
> >> Received: from [66.196.81.174] by nm26.bullet.mail.bf1.yahoo.com with
> >> NNFMP; 21 Dec 2015 03:53:35 -0000
> >> Received: from [98.139.212.217] by tm20.bullet.mail.bf1.yahoo.com with
> >> NNFMP; 21 Dec 2015 03:53:35 -0000
> >> Received: from [127.0.0.1] by omp1026.mail.bf1.yahoo.com with NNFMP; 21
> >> Dec 2015 03:53:35 -0000
> >> X-Yahoo-Newman-Property: ymail-3
> >> X-Yahoo-Newman-Id: 458777.42486.bm at omp1026.mail.bf1.yahoo.com
> > <mailto:458777.42486.bm at omp1026.mail.bf1.yahoo.com>
> >> <mailto:458777.42486.bm at omp1026.mail.bf1.yahoo.com
> > <mailto:458777.42486.bm at omp1026.mail.bf1.yahoo.com>>
> >> X-YMail-OSG:
> > eRLkhAUVM1m0iGywFxEWTqIClC9kpx9qep2H3h87A5pXx7u2nChv7ojlOA3fPfM
> >>
> >
> roCPBlSiUKcgA3RcgQ2Sb1reTx.PrLKmpH02eJy73Zct1QKep.znfHg.M.fuVcGtxASr_UG41vkF
> >>
> >
> TePG24o6oWYfOzaDxvKbrj6gZ8X7_2892LrZbcwH7vWLaLewvUoweKlWtHw7T5vldvDwwosWu33Q
> >>
> >
> iX0k0PBAKx._HtbJMxEiPRsl7dRjhRI54UbfnzIx5xSx0xtWyzVDVMKtTXOIA1Czwu2JqRyIvEUJ
> >>
> >
> Yjd_FnOcPsHQsrTsZUvQk89pYEBgilMhVoMTnsbwm4g4MYjK7vMAOH0XJnxvkNuFnhUWAjKVb80F
> >>
> >
> UF.jXDoD.E5oO0XsZorFAu9MCtya54XZP0cE4TypHxan7xEpUmVkoTJaY8gUFjoHeOknqjWdwQbw
> >>
> >
> 4Xs2d2I0FAIwlU72IygsYzTRrW39ZI8KOmcIGD7I28pI3A.LlPqTuFsfePx1nCFr4xH70qljrBW6
> >> g7bA0fpB7t3eafXRVCtsc7h5b
> >> Received: by 66.196.80.121; Mon, 21 Dec 2015 03:53:35 +0000
> >> Date: Mon, 21 Dec 2015 03:53:34 +0000 (UTC)
> >> From: Jasim Alam <jasim21 at ymail.com <mailto:jasim21 at ymail.com>
> > <mailto:jasim21 at ymail.com <mailto:jasim21 at ymail.com>>>
> >> Reply-To: Jasim Alam <jasim21 at ymail.com <mailto:jasim21 at ymail.com>
> > <mailto:jasim21 at ymail.com <mailto:jasim21 at ymail.com>>>
> >> To: Jasim Alam <jasim.alam at btraccl.net <mailto:jasim.alam at btraccl.net>
> > <mailto:jasim.alam at btraccl.net <mailto:jasim.alam at btraccl.net>>>
> >> Message-ID:
> >> <1702908944.1561022.1450670014437.JavaMail.yahoo at mail.yahoo.com
> > <mailto:1702908944.1561022.1450670014437.JavaMail.yahoo at mail.yahoo.com>
> >> <mailto:1702908944.1561022.1450670014437.JavaMail.yahoo at mail.yahoo.com
> > <mailto:1702908944.1561022.1450670014437.JavaMail.yahoo at mail.yahoo.com
> >>>
> >> Subject: test mail
> >> MIME-Version: 1.0
> >> Content-Type: multipart/alternative;
> >>    boundary="----=_Part_1561021_133957058.1450670014436"
> >> References:
> >> <1702908944.1561022.1450670014437.JavaMail.yahoo.ref at mail.yahoo.com
> > <mailto:
> 1702908944.1561022.1450670014437.JavaMail.yahoo.ref at mail.yahoo.com>
> >
> >>
> > <mailto:
> 1702908944.1561022.1450670014437.JavaMail.yahoo.ref at mail.yahoo.com
> > <mailto:
> 1702908944.1561022.1450670014437.JavaMail.yahoo.ref at mail.yahoo.com>>>
> >> Content-Length: 513
> >>
> >> ------=_Part_1561021_133957058.1450670014436
> >> Content-Type: text/plain; charset=UTF-8
> >> Content-Transfer-Encoding: 7bit
> >>
> >> test mail
> >> ------=_Part_1561021_133957058.1450670014436
> >> Content-Type: text/html; charset=UTF-8
> >> Content-Transfer-Encoding: 7bit
> >>
> >> <html><head></head><body><div style="color:#000; background-color:#fff;
> >> font-family:garamond, new york, times, serif;font-size:13px"><div
> >> id="yui_3_16_0_1_1450669984207_2646" dir="ltr">test
> >> mail</div></div></body></html>
> >> ------=_Part_1561021_133957058.1450670014436--
> >
> >>
> >>
> >>
> >>
> >> _______________________________________________
> >> nog mailing list
> >> nog at bdnog.org <mailto:nog at bdnog.org>
> >> http://mailman.bdnog.org/mailman/listinfo/nog
> >
> >>
> >
> >
> _______________________________________________
> nog mailing list
> nog at bdnog.org
> http://mailman.bdnog.org/mailman/listinfo/nog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.bdnog.org/pipermail/nog/attachments/20151230/acbe2c9d/attachment-0001.html>


More information about the nog mailing list