reverse DNS issue?

[NoDoze]

I've covered all the posts about connection timed out errors on port 25 both in this forums and on google... Can someone help me figure out the cause of this? Its been a week long issue with no answers.

Why suddenly would this start occurring when nothing has changed on the server?

[NoDoze]

Here are the results of:
cat /etc/resolv.conf
cat /etc/hosts
dig yourdomain.com mx
dig yourdomain.conf any
host `hostname`

cat /etc/resolv.conf
search 192.168.1.190
nameserver 192.168.1.248

cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.1.248 mail.domain.com

dig domain.com mx

; <<>> DiG 9.3.4-P1 <<>> domain.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26112
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;domain.com. IN MX

;; ANSWER SECTION:
domain.com. 120 IN MX 10 mail.domain.com.

;; AUTHORITY SECTION:
domain.com. 165010 IN NS ns1.domain.com.
domain.com. 165010 IN NS ns2.domain.com.

;; ADDITIONAL SECTION:
mail.domain.com. 120 IN A 192.168.1.248
ns1.domain.com. 120765 IN A 71.X.XX.180
ns2.domain.com. 122532 IN A 71.X.XX.181

;; Query time: 16 msec
;; SERVER: 192.168.1.248#53(192.168.1.248)
;; WHEN: Thu May 6 09:49:48 2010
;; MSG SIZE rcvd: 139

domain.com any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33103
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;domain.com. IN ANY

;; ANSWER SECTION:
domain.com. 78 IN MX 10 mail.domain.com.
domain.com. 164968 IN NS ns1.domain.com.
domain.com. 164968 IN NS ns2.domain.com.

;; AUTHORITY SECTION:
domain.com. 164968 IN NS ns2.domain.com.
domain.com. 164968 IN NS ns1.domain.com.

;; ADDITIONAL SECTION:
mail.domaincom. 120 IN A 192.168.1.248
ns1.domain.com. 120723 IN A 71.X.XX.180
ns2.domain.com. 122490 IN A 71.X.XX.181

;; Query time: 0 msec
;; SERVER: 192.168.1.248#53(192.168.1.248)
;; WHEN: Thu May 6 09:50:30 2010
;; MSG SIZE rcvd: 167

host `hostname`
mail.domain.com has address 192.168.1.248
mail.domain.com mail is handled by 10 mail.domain.com.

[soxfan]

You are having problems with just certain email domains / servers, right? How about a DNS issue or something like that? Also, could your server be on a blacklist?

[NoDoze]

I did a blacklist check, and it was all OK.

I tried telneting from a remote office to the email servers in question and was able to connect. The remote offices are with a different ISP. So it looks like maybe our ISP is blocking our IP or the email servers are blocking our IP...maybe? But I check with one of the domain's in question and thye said thay couldn't find anything wrong on their end....what else could it be?

[NoDoze]

But then again....
what are the odds that multiple domains have our IP blocked?
...that would lead me to believe it's something on our end, right?
ALL 5 of these domains that we're getting the same connection timed out error can't all be blocking our IP, or can they?

[soxfan]

But then again....
what are the odds that multiple domains have our IP blocked?

Well, if they were all using the same RBL or something like that then the odds would be very high. I know you said you checked if you were blacklisted, but are you sure?

...that would lead me to believe it's something on our end, right?

I think it points to some type of misconfiguration on your end, and all the remote email servers that you are having problems sending to are checking the same thing.

You say that you've been testing with telnet. Not that there's anything wrong that, but what actually happens when you try sending emails to these domains? Seems like there should be some type of message, either in your logs, the remote server logs, or in a "kick back" email message that would give some indication of why it is failing.

[NoDoze]

Well, when I send an email from our email server to the questionable domains, the email just hangs in the queue, and when you hover over it, it says, connection timed out 25. But receiving the email is ok.
Other than that, I don't get an email bounce back.

[soxfan]

This kind of sounds like it could be a network issue. Have you tried any tools like ping, traceroute, nmap, etc. to troubleshoot? Also, when you are doing your telnet tests are you trying to connect via host-name or IP address (or have you tried both)? If by name, have you verified that the IP it is resolving out to is correct? You said you were able to telnet from a remote site, so you could just check the IP there to compare.

[NoDoze]

Hmmm...ok....odd stuff...

I have APF running on the email server....Turned it off, able to telnet.
Recet default settings in the apf.conf file, restarted it, now able to telnet with APF on. ...about 4 of the domains that were bouncing back now are sending email through...

The other domains left now in the queue are aol.com and comcast.net...both now report rdns failure....

[soxfan]

I have APF running on the email server....Turned it off, able to telnet.
Recet default settings in the apf.conf file, restarted it, now able to telnet with APF on. ...about 4 of the domains that were bouncing back now are sending email through...

Hmm, that's strange. What's APF? Not recognizing the service / acronym off-hand. Just curious in case I ever run into this issue or see other posts here with similar problems. Glad you are able to get through to some of the domains now.

The other domains left now in the queue are aol.com and comcast.net...both now report rdns failure...

I'd recommend going out and searching on the Internet for on-line tools that will allow you to test your reverse DNS. That will get your system / network out of the mix and see how it looks out on the Internet.