Packet length limit preventing UDP DNS Reply for Earthlink Mail.

[waldadam]

My users are unable to send email to earthlink customers because apparently earthlink does an RDNS lookup or something. I enabled the access to port 1033 and 53, but the packets still get dropped because the packet lengths exceed the configured limit. Where / how do I change this limit?

Jul 08 2004 07:31:52: %PIX-4-410001: Dropped UDP DNS reply from outside:207.69.188.197/53 to inside:132.5.50.50/1033; packet length 621 bytes exceeds configured limit of 512 bytes

IP address: 207.69.188.197
Host name: scratchy.earthlink.net

TraceRoute to 207.69.188.197 [scratchy.earthlink.net]

 

[Lou0686]

Did your ISP set a reverse lookup (RDNS) for your server?

If not, systems that perform reverse lookups (This is getting popular) will not accept mail from you.

Reverse lookup is how they very that your mail actually came from you.

Lou

 

[waldadam]

Yes, we do have an RDNS entry, and the it appears that the requests are coming in. But the firewall is blocking them due to the packet length exceeding 512 bytes ????

 

[waldadam]

I got it working. I just need to change the fixup dns maximum length