DDOS, switching servers and no emails.. a little help please

Hi all,

My web host got hit hard with a DDOS attack last Friday morning and I have not been able to properly receive emails since then. I have a number of clients that I resell websites and email accounts to and their emails are not working properly either.

My sites were transferred to a new server about 40 hours ago but emails still don't seem to be working properly.

If you could visit my sites and post here letting me know if you could view them or not and send me and a coworker an email (blank if you wish) I would greatly appreciate it. Later today I will get my host to check out the results on this thread.

Here are the sites in question:
www.conneriver.com
www.mfngov.ca
www.mfnselfgovernment.com
www.mhrnl.com
www.amalijek.com

My email address is [email protected]
My coworker's email is [email protected]

Thanks!
Rene

Looks good from here.

-Zeke

Did you email me or pfoster?

Thanks!

Rene

All the websites are ok for me.

I emailed you.

-Zeke

Thanks. Never got it.

Rene

sent an email at 10:59 AM

Still none.

Anybody have any suggestions? MX entries? My nameserver has changed and I pointed my domains to the new one almost 2 days ago. I'm lost now and about to pull out my hair! My host is trying to help, but so far I am having no joy.

Anybody???

Thanks for the help so far.

Rene

http://www.dnsreport.com/tools/mail.ch?domain=rene%40conneriver.com

and check out the mail section of http://www.dnsreport.com/tools/dnsreport.ch?domain=conneriver.com

Looking through the second link nothing seems to seriously out of whack. What exactly is the first link saying though???

I've forwarded the urls to my host for their perusal. I just got off the phone with them and they seem to know nothing when questioned live.

Thanks again!

I'm looking for some more testing sites out there to see if I can figure out what is going on.

Rene

I think that first link I posted may actually be broken itself.

I have just done a manual SMTP session to your address.

Looking up the MX record:
Code:

---

[root@dipsy /root]# dig mx conneriver.com

; <<>> DiG 9.2.1 <<>> mx conneriver.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7484
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;conneriver.com.                        IN      MX

;; ANSWER SECTION:
conneriver.com.         14400   IN      MX      0 conneriver.com.

;; AUTHORITY SECTION:
conneriver.com.         86400   IN      NS      ns1.rdns15.net.
conneriver.com.         86400   IN      NS      ns2.rdns15.net.

;; ADDITIONAL SECTION:
conneriver.com.         14400   IN      A       205.234.216.91
ns1.rdns15.net.         172800  IN      A       205.234.216.91
ns2.rdns15.net.         172800  IN      A       205.234.216.92

---

and sending a message:
Code:

---

[root@dipsy /root]# telnet 205.234.216.91 25
Trying 205.234.216.91...
Connected to 205.234.216.91.
Escape character is '^]'.
220-blazecast15.rdns15.net ESMTP Exim 4.63 #1 Thu, 01 Feb 2007 12:35:51 -0600
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
HELO dipsy.norman.cx
250 blazecast15.rdns15.net Hello dipsy.norman.cx [81.187.229.66]
MAIL FROM:<[email protected]>
250 OK
RCPT TO:<[email protected]>
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
Test message, manual SMTP
.
250 OK id=1HCgoP-0005dW-1q
QUIT
221 blazecast15.rdns15.net closing connection
Connection closed by foreign host.

---

So your mail server is definitely accepting messages for you, even if they aren't getting to you.

Thanks again for that. I definitely am not receiving the messages. My host keeps upping the length of time that it takes for the DNS information to propagate. Now they are saying 72 hours. I changed the information about 48 hours ago now. Do you think that the Nameserver propagation might be the problem?

I have a linux firewall (SmoothWall) between me and the internet. How would I flush the DNS cache on that box?

Rene (off to Google)

Ok, I think I am narrowing it down... I just tried mail2web.com and my inbox is full of messages. Outlook express doesn't see them and isn't downloading them.

Also, when I log into my webmail from my webhost that inbox is all but empty.

Rene

Smoothwall Flushed, no luck.
Local PC flushed, no luck.... but whats this, after about 5 minutes all of my emails get downloaded.

Hopefully this is the end of this. I guess I can't be mad at my host anymore.

Thanks (yet again) for the help. I've got the emails now!

Rene

Quote:
Outlook express doesn't see them and isn't downloading them.

Well, I can't comment on your webmail, but I'd ditch Outlook Express and use Mozilla Thunderbird, personally.