July 6, 2005

Undelivered Mail Returned to Sender, Fixed!

When we announced Sandvox at WWDC last month, Dan and I put a signup form on Karelia's main page to gather email addresses for sending out announcements as we get closer to shipping. (The sheer quantity of signups and positive comments, by the way, has been tremendous. Thanks!)

As a matter of course, we send back a welcoming email to the person who signed up, along with an unsubscribe link and other information. Less than 1% of these bounced back as undeliverable, which I think is actually pretty good, but I started to notice things in the bounces that worried me. Things like,

Diagnostic-Code: X-Postfix; host fe.mail.saunalahti.fi[62.142.5.25] refused to talk to me: 554 : Client host rejected: No mail accepted from you

and

Diagnostic-Code: X-Postfix; host smtp3.parasun.net[204.174.18.100] said: 550 Administrative prohibition (in reply to RCPT TO command)

and

Diagnostic-Code: X-Postfix; host relay.verizon.net[206.46.232.11] said: 550 You are not permitted to send mail. Please visit http://www.verizon.net/whitelist to request removal. (in reply to MAIL FROM command)

didn't look like ordinary bounces. That last one was really annoying as Verizon's a pretty big ISP and I didn't want their mail relay to prevent us from talking to (potential) customers at their request.

Long story short, and here's where it gets stupidly technical, we recently changed our ISP from one DSL account inside SBC (nee PacBell) to another DSL account inside SBC. Although SBC was actually surprisingly good about switching over the account, they never updated their PTR (aka Reverse DNS) records to show that our IP addresses inside their IP block legitimately point back to our servers. This meant that Verizon and AlamedaNET and some other ISPs thought we were just a rogue zombie PC somewhere on SBC's DSL, sending spam willy-nilly. Apparently this is a big problem in the Windows-world.

Here's what I learned in straightening this out:

www.DNSstuff.com is an invaluable tool for tracking down DNS probblems. Use the Reverse DNS lookup form to see if your server's IP matches its hostname.

Whenever you have a problem with SBC DSL and have to call the 877 number, immediately ask for tier-two support. This gets you somebody "stateside" -- as they themselves say -- rather than somebody, I'm guessing in India, doing nothing more than reading from a rather limited number of choices on a screen. I'm not sure why, but asking for tier-two support was the only way I was able to break the loop of

"What version of Windows are you using, sir?"
"I'm not using Windows."
"Windows XP?"
"I'm not using Windows."
(pause) "Windows XP?"
"I'm running Mac OS X Tiger Server."
(pause) (pause) "Windows XP?"
"I'm running FreeBSD."
"Windows XP?"
"I'm not running Windows, I'm running Unix."
(pause) "Windows XP?"
"I need to speak with tier-two support."
"You want to speak with tier-two support?"
"Yes."
"Please hold."
There, see how that works?

Finally, once you get to tier-two support, insist that the problem can be solved and that you just need to speak to somebody in DNS support. After your fifth transfer you finally get to speak with a woman, probably sitting at a desk in Northern California, who understands every technical word you are saying and who then gives you the email address where you tell PacBell how you would like your PTR record(s) to look. You then send off your email and all is well.

(Update: It turns out that if I had just done a Google search on the issue and taken a leap of faith, instead of picking up the phone, I could have avoided a lot of hassle, 'cause, you know, Ameritech and PacBell are the same. Windows XP?)

So, if you had signed up and didn't receive a response from us initially, our apologies. I've gone through the bounces and resent out everything again this morning.

Posted by ttalbot at 2:15 PM | Comments (1)