Any way to figure out why some e-mail disappears on its way to me?

Does anybody know of a way to trace an e-mail’s progress through servers, perhaps like a traceroute for the path an e-mail has taken, to find out where a problem with e-mail delivery is occurring? I know the headers tell you how a message got to you, but that’s not much use when you aren’t getting the messages.

Details:

I run a Linux server that is connected to the Internet via a cable modem with a static IP address. I handle my own DNS and e-mail, so the Linux box runs its own name server (BIND) and e-mail server (sendmail). It has a few domain names: one main domain name and a few others.

A few months back, my ISP changed my static IP address after several years of having the same address. I had to update everything so all of my domain names would point to the new IP address. It seemed to mostly work, but I recently discovered that since then, e-mail from some places to my main domain has been dropped.

For instance, e-mail from Hotmail never comes through at all. Eventually the recipient gets a message like this:

And eventually, of course, the delivery fails altogether. Mail from Yahoo also seems to fail. Messages from most places, including Gmail, come through okay.

This is growing incredibly frustrating. I found out my ISP (Cox Communications) had a record for my main domain name that pointed to my old IP address in some of their name servers, when they really weren’t supposed to have any records for my domains at all; any requests should have been forwarded to my machine or should have been served with cached information from my server. So they appear to have fixed that problem, but I still can’t get mail from Hotmail.

I don’t know where the problem is – my domain’s nameserver settings (i.e., what you see when you run a whois on the domain)? My name server settings? My ISP?

If anybody has any ideas, I would greatly appreciate any help. My primary domain is hplx.net, if that helps.

You may not like this, but many ISP mail systems blacklist systems with IP addresses that are in address blocks assigned to DSL and cable modems. They also often block port 25 for their customers.

I’m not sure what you mean. Could you expand?

The primary source of spam email is infected PCs on residential ISPs. Since all the PCs within the ISP's address space should use the ISP's mail server, many people feel justified blocking all emails to and from the address space that corresponds to residential internet use. If your assigned static IP address still sits in the dynamic IP range of your ISP, some mail servers that use some Address Range Block Lists may stop delivery to your domains.

However, it is more likely that you still have some DNS issues. The “Message Delayed” that the sender receives back tells us that one of the routing mail servers cannot connect to the primary or secondary MX record for your domain, and has held up the message until it can. This is how SMTP works. The “delayed message” headers should tell you both the recipient domain name and the IP address that it resolves to. Check to see that these are correct.

If they point to the old IP address, you have a DNS issue. You may be running BIND, but it may not actually be authoritative over the whole internet. Check with your Domain Name provider to see who is the actual authoritative Name server, and ensure that you have correct info all round. Check your primary and secondary MX records as well.

If the IP address in the “delayed message” header is correct, then some IP port/address filtering may be occurring between the sending SMTP server and the receiving one. This will be hard to sort out, and you may need to use a Trusted Relay - an email relay server that both you and other ISPs trust to relay messages - I use DynDNS Mailhop for outgoing email, but you can use it as a secondary mail server and trusted relay for incoming email as well. However, this does actually cost money (but not much - it is good value).

ETA: Just did an nslookup on hplx.net. I got no MX records and no domain Authority back, just an IP address. Check your DNS.

Si
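
The check described in the reply above (read the address out of the delay notification and compare it with the server's current one), as an added example that is not part of the original thread. It parses a delay notification with Python's standard `email` package; the sample message, the function name `check_dsn`, and every host name and address are constructed placeholders.

```python
import email
import re

# Constructed RFC 3464 delay notice; every name and address is a placeholder.
SAMPLE_DSN = """\
From: postmaster@sender.example
Subject: Delivery Status Notification (Delay)
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery to the following recipient has been delayed.

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mta1.sender.example

Final-Recipient: rfc822; bob@rcpt.example
Action: delayed
Status: 4.4.1
Remote-MTA: dns; mail.rcpt.example
Diagnostic-Code: smtp; connect to mail.rcpt.example[192.0.2.10]:25: timed out

--b1--
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
def check_dsn(raw, expected_ip):
    """Return one finding per recipient block in the delivery-status part."""
    findings = []
    for part in email.message_from_string(raw).walk():
        if "Final-Recipient" not in part:  # only per-recipient blocks carry it
            continue
        probe = " ".join(part.get(h, "") for h in ("Remote-MTA", "Diagnostic-Code"))
        ips = IPV4.findall(probe)  # addresses the sending server says it tried
        if not ips:
            verdict = "no address reported"
        elif expected_ip in ips:
            verdict = "current address: suspect filtering on the path"
        else:
            verdict = "different address: suspect stale DNS"
        rcpt = part["Final-Recipient"].split(";", 1)[-1].strip()
        findings.append({"recipient": rcpt, "action": part.get("Action", "").strip(),
                         "ips": ips, "verdict": verdict})
    return findings

if __name__ == "__main__":
    print(check_dsn(SAMPLE_DSN, expected_ip="198.51.100.7"))
```

Not every sending system includes the attempted address in its notification; when `ips` comes back empty, the recipient host name in `Remote-MTA` is the only thing left to compare against your DNS records.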