The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Rogue MX record causing 'lowest numbered MX record points to local host' error

Discussion in 'E-mail Discussions' started by kidrobot, Sep 10, 2013.

  1. kidrobot

    kidrobot Member

    Joined:
    Sep 9, 2013
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    We switched one of our cPanel domains (let's call it example.com) to a dedicated IP because we needed to serve the site as https.

    Since the change, emails sent from the server to @example.com addresses are no longer delivered.

    Mail is handled by netregistry.net.au so WHM/cPanel is configured to use Remote Mail Exchange with MX records like so:

    example.com. 3600 IN MX 10 mx.netregistry.net.
    example.com. 3600 IN MX 20 mx4.netregistry.net.

    The error in the EXIM logs for the failed messages is 'lowest numbered MX record points to local host'.

    If we do a 'dig example.com mx' on the server, the reason for this becomes clear as the following MX records are returned.

    ;; ANSWER SECTION:
    example.com. 3600 IN MX 0 example.com.
    example.com. 3600 IN MX 10 mx.netregistry.net.
    example.com. 3600 IN MX 20 mx4.netregistry.net.

    We are using WHM to manage the DNS for the domain and there is no MX 0 record.

    If we run 'dig example.com mx' on any other machine, it returns the correct MX records.

    How can we find out where the rogue MX is coming from?

    Happy to PM someone the actual domain if that helps.
     
  2. simonas

    simonas Well-Known Member

    Joined:
    Apr 21, 2013
    Messages:
    141
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lithuania
    cPanel Access Level:
    Root Administrator
    Hey,

    You could try requesting nameserver directly:

    dig @{ns1.example.com} {example.com} {TYPE}

    First try your server IP. If your server returns lowest MX, check /var/named/ .db files directly, maybe record is in the other zone file.

    Also, old results may still be cached, i use Global DNS Propagation Checker - What's My DNS? to see global DNS record propagation.
     
  3. kidrobot

    kidrobot Member

    Joined:
    Sep 9, 2013
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thanks for those suggestions.

    I tried each one but none of them return the MX 0 record.

    All of them return the correct mx and mx4 netregistry records. :(
     
  4. simonas

    simonas Well-Known Member

    Joined:
    Apr 21, 2013
    Messages:
    141
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lithuania
    cPanel Access Level:
    Root Administrator
    If you don't specify nameserver, it will use your ISP provided nameserver (If you have not overridden them).
    Usually ISP's nameservers are latest to receive updates, try using google's public DNS (8.8.8.8 , 8.8.4.4).

    Also when sending test emails, they get returned? What error message is displayed?
     
  5. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator

    Go to WHM-> DNS Functions -> Edit DNS Zone, selct example.com to edit.
    See that the MX records are correct.
    Under "Email Routing for ..."
    select "Automatically Detect Configuration" and click "Save".

    On the next page it should say:
    "REMOTE MAIL EXCHANGER: This server will NOT serve as a mail exchanger for example.com's mail.: This configuration has been automatically detected based on your mx entries."

    Does it?


    Also you can check file:
    /etc/localdomains
    example.com should NOT be in that file, instead it should be in:
    /etc/remotedomains
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Yes, check to ensure the domain name exists in the following file:

    /etc/remotedomains

    It should be populated in this file automatically when using "Edit DNS Zone", but it's worth double checking that it exists in the correct file.

    Thank you.
     
  7. kidrobot

    kidrobot Member

    Joined:
    Sep 9, 2013
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thanks for all your tips.

    I have doublechecked all of these things many times.

    Can confirm that DNS is configured for Remote Mail Exchanger, 'cat /etc/remotedomains' displays the domain name and 'cat /etc/localdomains' does not.

    Also a 'dig 8.8.8.8 example.com mx' on the server still shows the errant MX 0 record causing the localhost issue.

    For completeness, the error is like so:

    2013-09-11 06:51:39 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1VJUuR-0007DI-Fz
    2013-09-11 06:51:39 1VJUuR-0007DI-Fz lowest numbered MX record points to local host: example.com
    2013-09-11 06:51:39 1VJUuR-0007DI-Fz == foo@example.com R=lookuphost defer (-1): lowest numbered MX record points to local host
    2013-09-11 06:51:39 1VJUuR-0007DI-Fz Frozen

    The nameservers are also on this server with the ns1.example.com being the same IP as the main example.com.

    Could this be the issue?

    Is there any way to escalate this to a formal help ticket?
     
  8. kidrobot

    kidrobot Member

    Joined:
    Sep 9, 2013
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    We finally figured out the problem.

    The first item in our /etc/resolv.conf was the IP of the server.

    Once we removed that and updated the file as follows, the 'dig example.com mx' returned the correct MX records and mail began being delivered again.

    8.8.8.8
    4.4.4.4

    It's not clear how the IP got there to begin with.

    Perhaps it was automagically inserted when nameservers were assigned from the WHM console?
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    The /etc/resolv.conf file is only altered by WHM during the initial setup wizard or via:

    "WHM Home » Networking Setup » Resolver Configuration"

    Thank you.
     
Loading...

Share This Page