3

We are having issues talking to another company. There mails are bouncing back with the error:

#< #5.0.0 X-Spam-Firewall; mail for airinuit.ca loops back to myself> #SMTP#

I have seen this message in relation to configuration issues with PostFix. My environment is Exchange 2010 with a Barracuda Spam & Virus appliance as our mail gateway.

When I looked up the MX record with nslookup I got 

> set type=mx
> domain.ca
Server:  mydc.domain.net
Address:  10.10.13.21

Non-authoritative answer:
airinuit.ca     MX preference = 10, mail exchanger = loopback.internic.ca

loopback.internic.ca    internet address = 127.0.0.1

I got the same results from the MXtoolbox. So I guess I understand why my mail gateway thinks it is supposed to send mail to itself. Internic.ca is a CA Registrar.

This does not make sense to me. Even less when I try to email them from my google account and I don't get a bounce back.

What does this mean? I don't think there is an issue on my side but I don't understand why this means.

Matt
  • 690
  • 6
  • 26
  • Do you happen to have the zone both internally and externally for the same domain? This could cause multiple MX records for the same domain, which points to diffrent servers. – xstnc Jun 24 '16 at 14:39
  • How about giving us the actual domain name so that we can check it for ourselves? Why would you omit/obfuscate the domain name? - http://meta.serverfault.com/questions/963/what-information-should-i-include-or-obfuscate-in-my-posts – joeqwerty Jun 24 '16 at 14:41
  • Because its not mine. While the MX is public the potential extra attention could be unwarranted. I wasnt sure of any implications. Does not really matter I suppose. I have edited it in. I had stated that this is verified externally but it is possible I am wrong. – Matt Jun 24 '16 at 14:41
  • You're welcome homestarrunner – Matt Jun 24 '16 at 14:44
  • Mail sendt from the outside actually gets delivered for this domain to the mailboxes under it? – xstnc Jun 24 '16 at 14:45
  • @xstnc I have not been able to get a confirmation reply or verbal acknowledgement as of yet. When I look at something like [this](https://www.robtex.com/en/advisory/dns/ca/internic/loopback/) that states this is used by other domains made me more curious. – Matt Jun 24 '16 at 14:46
  • I would be surprised if it actually does! Please update the post if/when you get the confirmation. – xstnc Jun 24 '16 at 14:47
  • As would I and will do. – Matt Jun 24 '16 at 14:47
  • 1
    OK, I see the same result. I have no idea why they're doing that with their MX record. Possibly they don't want to receive email at that domain and rather than simply not having an MX record in their DNS zone they've chosen to loopback the MX record via localhost/127.0.0.1. It's a mystery to me. It may be because of the A record fallback mechanism and they don't want to deal with a bunch of SMTP connections to the host that is designated as the A record for their domain. – joeqwerty Jun 24 '16 at 14:47
  • Ok. I am not crazy then... this should not work. – Matt Jun 24 '16 at 14:54
  • @joeqwerty I just a little bit of an idiot. It looks like the .ca domain redirects to the .com domain that company also owns (for its main site). Mail is handled by .com and not .ca it seems. That MX record like you said is likely to stop mail. I have not got the company to confirm but I found more information expanding my log search on my Barracuda. – Matt Jun 24 '16 at 15:01
  • @Matt: Not idiotic at all. It's an out of the ordinary and unorthodox thing to do on their part. Asking why is definitely question worthy. They could have easily designated their .com email host as the MX record for their .ca domain. My guess is they don't want to receive email at all for the .ca domain and that's why they configured the MX record the way they did. – joeqwerty Jun 24 '16 at 15:06
  • @xstnc I just got the bounce back from google mail with a similar error message. Only took 24hrs. – Matt Jun 24 '16 at 18:19
  • Had a feeling! I see that you found the answer too :) nice! – xstnc Jun 24 '16 at 20:48

1 Answers1

4

That remote domain has an MX record pointing to the loopback address 127.0.0.1 which is either a misconfiguration by the owner of that domain or it's by design.

We don't know of any really good reasons to do so: Under what circumstances (if any) should an MX record point to localhost?

Either way that makes it impossible to deliver email to them. There is nothing wrong with your own mailserver.

Community
  • 1
HBruijn
  • 72,524
  • 21
  • 127
  • 192
  • Yeah. I didnt think it was my issue. I know now what the issue is. This domain does not handle their mail. The company owns the .ca equivalent of their .com domain. The latter which accepts mail.Thanks for the edit. I didn't see that question. Mine seems like a dupe now anyway. – Matt Jun 24 '16 at 15:04