I'm having a go-round with my isp. I have a send only postfix server on my 'node, and have it set to reject connections with no reverse hostname. At home, I'm on Road Runner cable (and have been for 10 years), and this last week I started being blocked from sending email because my home ip address has no reverse dns entry. I've tried on several dns servers from my local machine and from my node.and get the same servfail response:

linpear:~# nslookup 184.90.253.228
;; Got SERVFAIL reply from 75.127.97.7, trying next server
;; Got SERVFAIL reply from 75.127.97.7, trying next server
Server:         75.127.97.6
Address:        75.127.97.6#53

So- my question- where does the rdns entry come from? )Again- this isn't a Linode problem).

_________________
--
Chris Bryant

The owner of that subnet (roadrunner) is responsible for it.

A simple way around it would be an ssh tunnel

This is very handy for troubleshooting this sort of thing:

dig -x 184.90.253.228 +trace

Looks specific to your IP; my reverse DNS on the same set of nameservers (dns*.rr.com) is fine. -rt

_________________

/* TODO: need to add signature to posts */

Thanks- hoopycat, I'm not sure what this is telling me-

chris@Phoenix-mepis:~$ dig -x 184.90.253.228 +trace

; <<>> DiG 9.7.3 <<>> -x 184.90.253.228 +trace
;; global options: +cmd
.                       257777  IN      NS      b.root-servers.net.
.                       257777  IN      NS      d.root-servers.net.
.                       257777  IN      NS      j.root-servers.net.
.                       257777  IN      NS      a.root-servers.net.
.                       257777  IN      NS      f.root-servers.net.
.                       257777  IN      NS      h.root-servers.net.
.                       257777  IN      NS      m.root-servers.net.
.                       257777  IN      NS      e.root-servers.net.
.                       257777  IN      NS      g.root-servers.net.
.                       257777  IN      NS      l.root-servers.net.
.                       257777  IN      NS      k.root-servers.net.
.                       257777  IN      NS      i.root-servers.net.
.                       257777  IN      NS      c.root-servers.net.
;; Received 228 bytes from 65.32.5.111#53(65.32.5.111) in 12 ms

in-addr.arpa.           172800  IN      NS      d.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      f.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      e.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      c.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      a.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      b.in-addr-servers.arpa.
;; Received 421 bytes from 192.5.5.241#53(f.root-servers.net) in 68 ms

184.in-addr.arpa.       86400   IN      NS      w.arin.net.
184.in-addr.arpa.       86400   IN      NS      y.arin.net.
184.in-addr.arpa.       86400   IN      NS      r.arin.net.
184.in-addr.arpa.       86400   IN      NS      t.arin.net.
184.in-addr.arpa.       86400   IN      NS      z.arin.net.
184.in-addr.arpa.       86400   IN      NS      x.arin.net.
184.in-addr.arpa.       86400   IN      NS      u.arin.net.
184.in-addr.arpa.       86400   IN      NS      v.arin.net.
;; Received 181 bytes from 199.212.0.73#53(a.in-addr-servers.arpa) in 55 ms

90.184.in-addr.arpa.    86400   IN      NS      DNS3.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS5.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS2.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS1.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS6.RR.COM.
;; Received 146 bytes from 199.212.0.63#53(z.arin.net) in 56 ms

;; Received 45 bytes from 76.85.249.142#53(DNS6.RR.COM) in 61 ms

chris@Phoenix-mepis:~$ 

I just wasn't sure about the interaction of their dhcp server (I'm on a dynamic ip at home) and which name server was providing the rdns entry.

_________________
--

Chris Bryant

It tells you that 184.90.*.* is handled by the five nameservers listed at the end there, and DNS6.RR.COM knows nothing about your particular IP.

DHCP doesn't directly impact this, although if you got a new IP address recently, it's possible the new one just doesn't have reverse DNS configured.

Good luck!

_________________

/* TODO: need to add signature to posts */

The postfix check for missing reverse hostname is useful only because it is somewhat common for ISP's to supply IP addresses with no rDNS entry. That check really only makes sense for incoming mail. Assuming you are using SASL, you should probably have a permit_sasl_authenticated entry above any DNS checks.