Board index DNS

Reverse DNS Problem!

Reverse DNS Problem!

Post by Adam R. Scheblei » Fri, 06 Nov 1998 04:00:00



Here is my problem...  I run IMail 4.0.7 on Windows NT Server 4 w/SP3.  I
use Bind NT 4.9.7 on a seperate Windows NT Server w/SP3 machine running my
nameserver.  I have 2 domains parked (intentionally) on 1 IP address...
(integrityonline11.com & iol11.com).  I have it setup so that the iol11.com
is an alias to integrityonline11.com in my Imail 4.0.7 mailserver.  this
works great for most of the internet's mailservers.  However AOL started
doing reverse DNS lookups (i guess to combat spam) for all incoming mail.


found in DNS"  now, i realize they are doing a RNL on my ip address for my
mail server "iol11.com" (which is 209.67.47.7), and it comes up with
"mail.integrityonline11.com".

Now, i configured my reverse DNS file as follows...

...
7 IN PTR mail.integrityonline11.com
7 IN PTR mail.iol11.com
...

Can I do this?  does the BIND DNS allow multiple PTR records in the RNL file?

if not, how could I do this...

i realize i could use 2 IP's but my mailserver software doesn't support
that... they recommended what i did above...

so, i am at my wits end... please help!

Reg.

Adam <><

---

Integrity Online, America's Choice for Internet Integrity!

 
 
 
Top

Reverse DNS Problem!

Post by webmaste » Fri, 06 Nov 1998 04:00:00


    I was wondering about your comment reguarding the IMAIL server.  I am
running IMAIL 4.06 on a Windows NT Server 4 w/SP3.  I currently have 26 IP's
being used by that server.  Each IP is an individual domain.  Is this
limited by your license?  I know that even the unregistered version supports
multiple IP's.

Eric Rosenquist
LAN Administrator
InterNet of Lawton
http://www.lawtonok.net


-----Original Message-----


Date: Thursday, November 05, 1998 5:30 PM
Subject: Reverse DNS Problem!

Here is my problem...  I run IMail 4.0.7 on Windows NT Server 4 w/SP3.  I
use Bind NT 4.9.7 on a seperate Windows NT Server w/SP3 machine running my
nameserver.  I have 2 domains parked (intentionally) on 1 IP address...
(integrityonline11.com & iol11.com).  I have it setup so that the iol11.com
is an alias to integrityonline11.com in my Imail 4.0.7 mailserver.  this
works great for most of the internet's mailservers.  However AOL started
doing reverse DNS lookups (i guess to combat spam) for all incoming mail.


found in DNS"  now, i realize they are doing a RNL on my ip address for my
mail server "iol11.com" (which is 209.67.47.7), and it comes up with
"mail.integrityonline11.com".

Now, i configured my reverse DNS file as follows...

...
7 IN PTR mail.integrityonline11.com
7 IN PTR mail.iol11.com
...

Can I do this?  does the BIND DNS allow multiple PTR records in the RNL
file?

if not, how could I do this...

i realize i could use 2 IP's but my mailserver software doesn't support
that... they recommended what i did above...

so, i am at my wits end... please help!

Reg.

Adam <><

---

Integrity Online, America's Choice for Internet Integrity!


 
 
 
Top

Reverse DNS Problem!

Post by Markus Stump » Fri, 06 Nov 1998 04:00:00





> found in DNS"  now, i realize they are doing a RNL on my ip address for my
> mail server "iol11.com" (which is 209.67.47.7), and it comes up with
> "mail.integrityonline11.com".

> Now, i configured my reverse DNS file as follows...

> ...
> 7 IN PTR mail.integrityonline11.com
> 7 IN PTR mail.iol11.com

1) You are missing trailing "." at the end of the lines

An now to your problem:
2) the zone iol11.com is broken.
   dig ns iol11.com
        -> NS2.INTEGRITYONLINE11.COM
        -> NS1.INTEGRITYONLINE11.COM

        -> Connection refused

        -> reveals an answer, but the answer is not authoritative.
I assume this is the reason why  aol.com  does not acccept eMail from
users within domain  iol11.com

Check your logfiles for errors, correct them, reload the nameserver
and the problems should go away.

        \Maex

--
SpaceNet GmbH          |   http://www.Space.Net/   | In a world without

Frankfurter Ring 193a  |  Tel: +49 (89) 32356-0    | who needs
D-80807 Muenchen       |  Fax: +49 (89) 32356-299  |   Windows and Gates?

 
 
 
Top

Reverse DNS Problem!

Post by Barry Margoli » Sat, 07 Nov 1998 04:00:00




>An now to your problem:
>2) the zone iol11.com is broken.
>   dig ns iol11.com
>    -> NS2.INTEGRITYONLINE11.COM
>    -> NS1.INTEGRITYONLINE11.COM

>    -> Connection refused

>    -> reveals an answer, but the answer is not authoritative.
>I assume this is the reason why  aol.com  does not acccept eMail from
>users within domain  iol11.com

There's more trouble with this domain.  ns1.integrityonline11.com lists the
following NS records for it:

iol11.com.      86400   NS      ns.exodus.net.
iol11.com.      86400   NS      ns2.exodus.net.
iol11.com.      86400   NS      ns.nj.exodus.net.
iol11.com.      86400   NS      ns2.nj.exodus.net.

However, none of these servers know anything about the domain.

--

GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Don't bother cc'ing followups to me.

 
 
 
Top

1. New CIDR reverse delegation scheme (was: `Re: reverse dns problems')

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Well, RFC 2317 is about the best solution I've been able to come up
with as well that does reverse delegation on networks less than a /24
in a relatively nice way without breaking anything. Create a new zone
(it doesn't even have to be under in-addr.arpa, if some drainbead ISP
wants to put it somewhere else :)) and use CNAMEs to point into that
zone, then delegate the new zone while keeping authority for the /24
one.

Properly implemented (using $GENERATE and a good zone-naming scheme)
it isn't any more complex than standard classful reverse delegations
(given that the ISP has a block bigger than the /24 assigned). The
trick is to have the ISP and end-user agree on the zone name; apart
from that I can see no obvious problems.

The RFC (2317) mentions startaddr/masklength.xxx.xxx.xxx.in-addr.arpa
as an example naming scheme and recommends using another character
(e.g. a hyphen), and most people seems to settle with
startaddr-masklength.xxx.xxx.xxx.in-addr.arpa or (in some cases)
startaddr-endaddr.xxx.xxx.xxx.in-addr.arpa. Anything that doesn't
conflict with the standard in-addr.arpa scheme can be used.

Do you have any better suggestions that doesn't break reverse lookups
for the rest of the /24? Having to install CNAMEs for all IPs you
don't control and delegate them _back_ to the ISP certainly won't
work; how is the ISP supposed to properly delegate them? Asking for a
PTR but getting a CNAME pointing to one or more NS RRs which in turn
delegate authority towards a bunch of PTRs seems terribly far-fetched
and like it requires a lot of extra processing to me. Plus, it creates
a burden on BOTH the ISP and the end-user. That doesn't sound like a
good thing.

Michael Kj?rling


- --

Manager Wolf.COM -- Programmer -- Network Administrator
"We must be the change we wish to see" (Mahatma Gandhi)

^..^     Support the wolves in Norway -- go to     ^..^
 \/   http://home.no.net/ulvelist/protest_int.htm   \/

***** Please only send me emails which concern me *****

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7bdDiKqN7/Ypw4z4RAuPBAJ9YuHwS52B/ud5nuZow6v0bGvuqiACbBSH2
JYj/9+NLz8GNHQYa4OqEPPA=
=aGAY
-----END PGP SIGNATURE-----

2. Can one specify jobq and priority on submitted queries?

3. JPS.net & reverse DNS problems

4. many client PC cannot log on to server

5. Another reverse DNS problem on FreeBSD 4.7 (?)

6. cannot access "positioning"

7. Possible Reverse DNS problem

8. Bluetooth Wireless Pack with CF Slot

9. reverse DNS problem

10. Reverse DNS Problems

11. Reverse DNS problems

12. Reverse DNS Problem

13. yet another reverse dns problem...


All times are UTC
Board index