I use 1and1 for my personal and business websites as well as for our clients. We’ve had a client recently that was not receiving emails from one of their colleagues and of course the other company’s IT person said it was our problem. Having been an email administrator for many years I always like to look into the bounced back messages, smtp connection info, email headers, and more to track down a problem. This particular issue was perplexing because there where not many posts on the net about it. When someone was trying to send an email to a domain hosted at 1and1 it sent this error after the RCPT TO line:
421 invalid sender domain, possibly misconfigured
I tested at http://www.wormly.com/test_smtp_server (which is a great site btw) to get test the error.
So I sent an email to 1and1 support to see if they could help. This was the very speedy response:
The circumstances you have just described is caused by a RFC-non-compliant configuration of the despatcher-domain. The MX-Server
of the domain has no registered A-record, but merely a CNAME-record this is why the e-mail is rejected by our e-mail servers.You can find some general information about this topic here:
http://www.faqs.org/rfcs/rfc2181.html
To provide the e-mail delivery as fast as possible again, we kindly advise you to inscribe the target domain of the CNAME-record as MX-record. For further information, please contact the provider of the despatcher-domain.
Looks like the 1and1 is blocking any non RFC compliant domains. In the rfc spec above it says:
10.3. MX and NS records
The domain name used as the value of a NS resource record, or part of
the value of a MX resource record must not be an alias.
…Additional section processing does not include CNAME records, let alone the address records that may be associated with the canonical name derived from the alias.
So if you are a DNS admin or setup DNS for clients make sure to have the MX record for your domains be A records (they directly resolve to an ip) not CNAME records. So far I have had to email a couple of hosting companies related to this issue. I applaud 1and1 for locking down their email servers even more to thwart spam, but it would have been nice to have had a link or faq on their site explaining what was going on. Thus the reason for this lengthy blog post.
Some other posts on the web about this issues:
- http://discussions.apple.com/thread.jspa?messageID=9892913
- http://forums.devshed.com/dns-36/dns-cname-a-records-issues-628838.html
Useful links to test out DNS and MX records:
It seems they aren’t the only ones to be tightening up their email systems at the moment. GMail now require you to verify all accounts via SMS and YMail want you to type a captcha in to send your first email.
Pingback: Twitter Trackbacks for 1&1 tightens up Email spam rules | Jeremy Heslop [jheslop.com] on Topsy.com
1&1 not only offering cheaper domain names as well as safer email accounts. That’s cooler.
Thanks for publishing this.
1and1 reputation as a difficult ISP is safe. I am fairly sure that if everyone implemented the RFCs to the letter lots of other stuff would stop working too. Not a great idea!
More and more companies are trying to clamp down on spam which is a good thing – in theory. I find the problem with automated programs spotting spam is that they flag non spam as being spam.
I’ve also found this with some blogs where after a comment a message will apeear saying my comment seems spammy, although it isn’t at all.
I haven’t heard of them until I stumbled upon this post. So I’m gonna probably give them a try seeing how much I hate spam. I’m more of a namecheap guy and I’m happy with them. But there’s no harm in trying 1and1 right?
I was looking for a good webhosting already and perhaps I’ve found it. I am not sure whether they provide setup for WordPress or not but I will have to email them, they’ve got some cheap prices as compared to some other services I checked.
Hi there i was just surfing the net and came across your site, i hate spam,I will use 1and1 for my personal and business websites as well as for our clients, i am so glad i came across your site, many thanks Anthony.
To be honest, it’s about time. Until recently, 1 and 1 has an atrocious record for spam filtering.
@Mark – they don’t have a WordPress config tool but they do provide the MySQL server backends with a simple to use GUI configurator. All you need to do is upload your WP files and connect to the db that you create.
I think 1&1 did a great job on that part, that is, to protect their clients and servers as well, from getting attacked by spam. Security is very important, although sometimes, due to tight security some things don’t just work your way. But in the end, you will be thankful for this network security practice.
It is better to be protected than feel sorry for being not. I believe that 1 and 1 is an effective tool to make sure of spam protection.
Security is very important, although sometimes, due to tight security some things don’t just work your way. But in the end, you will be thankful for this network security practice.