Hotmail sending email to A record not MX records

domain-name-system email mx-record g-suite

I have my website hosted at one location, on a server that also accepts email, and I use Google Apps for mail as my email provider. I've had no problems in the last 18 months, and no reports of email being lost.

This week however, someone using Hotmail has tried emailing me. 25-50% of the emails they send are returned to them, with a "550 relay not permitted" message.

My MX records are correct, and checking the Exim logs on my web server I see that Hotmail is trying to send emails to the A record, because this server can accept email. This appears to be a known problem with Hotmail.

As I can't disable the webserver from accepting mail from Hotmail (since other people use the web server as their email hosting), is there a solution?


Solution 1:

Hotmail fails to use proper DNS rules. Hotmail will always try to deliver to the domain's A-record first and will ignore MX-records. If the domain A-record accepts a connection (eg. it runs a mailserver) it will try to deliver the email, which in most cases will not be an issue if the webserver and mail server are the same box.

However, if an domain uses a different mailserver Hotmail will still try to deliver mail to the domain's A-record. If the machine gives a 550 Relay denied Hotmail will fail to deliver the mail. It does NOT try the domain's MX-record.

THe only work around is to firewall port 25, so Hotmail is unable to connect to your port 25. If that fails hotmail will try to resolve the MX-records.

This has been an issue for years, but Hotmail is ignorant.

Solution 2:

Are you sure that your MX records themselves work consistently?

If for some reason Hotmail can't look up your MX records but can look up your A records, they'll try the latter.

Solution 3:

I highly recommend Google's CheckMX tool.

I've always wondered why some e-mails sent through Hotmail bounced, but this tool showed me an open port 25 on my Web server was what confused Hotmail. So even though it's Hotmail who is to blame, I closed the port and had no issues ever since.

Solution 4:

We had this problem too, with Hotmail ignoring MX records. But it seems that the failure was inconsistent. The servers listed below sometimes show up in our logs showing successful delivery, and other times show up in errors returned to senders.

  • blu0-omc2-s9.blu0.hotmail.com [65.55.111.84]
  • blu0-omc1-s12.blu0.hotmail.com[65.55.116.23]
  • bay0-omc4-s24.bay0.hotmail.com[65.54.190.226]
  • blu0-omc4-s25.blu0.hotmail.com[65.55.111.164]

We have solved the problems. They were due to a DNS server which was often not responding. (though it was at a large web hosting company). When we started using our own DNS service, the problem went away, and we have not seen any errors for a month now.

The 'accepted' answer above is incorrect: Hotmail does make correct use of MX records.

Related

Raid array missing after reboot
HELPP Unable to find a medium containing a live file system attempt interactive netboot from a url yes no [duplicate]
How can I disable popup notifications?
How do I get "user locale names folders"
Fingerprint option is not shown in lenovo thinkpad e14
How to remove http headers from curl response?
How to compare time in if condition?
How To Stop My Mouse Acting Like A Superkey
Can we just have one function with variadic templates?
Intellij "go to > implementation/declaration" navigation feature not working
Load audiodata into AudioBufferSourceNode from <audio/> element via createMediaElementSource?
Python error when trying to get dict item [duplicate]