Linode Forum :: Where does rdns entry originate?

Linode Forum https://forum.linode.com/

Where does rdns entry originate? https://forum.linode.com/viewtopic.php?f=19&t=8522	Page 1 of 1

Author:	bryantrv [ Sun Mar 04, 2012 5:35 pm ]
Post subject:	Where does rdns entry originate?
I'm having a go-round with my isp. I have a send only postfix server on my 'node, and have it set to reject connections with no reverse hostname. At home, I'm on Road Runner cable (and have been for 10 years), and this last week I started being blocked from sending email because my home ip address has no reverse dns entry. I've tried on several dns servers from my local machine and from my node.and get the same servfail response: Code: linpear:~# nslookup 184.90.253.228 ;; Got SERVFAIL reply from 75.127.97.7, trying next server ;; Got SERVFAIL reply from 75.127.97.7, trying next server Server: 75.127.97.6 Address: 75.127.97.6#53 So- my question- where does the rdns entry come from? )Again- this isn't a Linode problem).

Author:	glg [ Sun Mar 04, 2012 6:41 pm ]
Post subject:	Re: Where does rdns entry originate?
bryantrv wrote: I'm having a go-round with my isp. I have a send only postfix server on my 'node, and have it set to reject connections with no reverse hostname. At home, I'm on Road Runner cable (and have been for 10 years), and this last week I started being blocked from sending email because my home ip address has no reverse dns entry. I've tried on several dns servers from my local machine and from my node.and get the same servfail response: Code: linpear:~# nslookup 184.90.253.228 ;; Got SERVFAIL reply from 75.127.97.7, trying next server ;; Got SERVFAIL reply from 75.127.97.7, trying next server Server: 75.127.97.6 Address: 75.127.97.6#53 So- my question- where does the rdns entry come from? )Again- this isn't a Linode problem). The owner of that subnet (roadrunner) is responsible for it. A simple way around it would be an ssh tunnel

Author:	hoopycat [ Sun Mar 04, 2012 6:55 pm ]
Post subject:
This is very handy for troubleshooting this sort of thing: Code: dig -x 184.90.253.228 +trace Looks specific to your IP; my reverse DNS on the same set of nameservers (dns*.rr.com) is fine. -rt

Author:

bryantrv [ Sun Mar 04, 2012 7:56 pm ]

Post subject:

Thanks- hoopycat, I'm not sure what this is telling me-

Code:

chris@Phoenix-mepis:~$ dig -x 184.90.253.228 +trace

; <<>> DiG 9.7.3 <<>> -x 184.90.253.228 +trace
;; global options: +cmd
.                       257777  IN      NS      b.root-servers.net.
.                       257777  IN      NS      d.root-servers.net.
.                       257777  IN      NS      j.root-servers.net.
.                       257777  IN      NS      a.root-servers.net.
.                       257777  IN      NS      f.root-servers.net.
.                       257777  IN      NS      h.root-servers.net.
.                       257777  IN      NS      m.root-servers.net.
.                       257777  IN      NS      e.root-servers.net.
.                       257777  IN      NS      g.root-servers.net.
.                       257777  IN      NS      l.root-servers.net.
.                       257777  IN      NS      k.root-servers.net.
.                       257777  IN      NS      i.root-servers.net.
.                       257777  IN      NS      c.root-servers.net.
;; Received 228 bytes from 65.32.5.111#53(65.32.5.111) in 12 ms

in-addr.arpa.           172800  IN      NS      d.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      f.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      e.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      c.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      a.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      b.in-addr-servers.arpa.
;; Received 421 bytes from 192.5.5.241#53(f.root-servers.net) in 68 ms

184.in-addr.arpa.       86400   IN      NS      w.arin.net.
184.in-addr.arpa.       86400   IN      NS      y.arin.net.
184.in-addr.arpa.       86400   IN      NS      r.arin.net.
184.in-addr.arpa.       86400   IN      NS      t.arin.net.
184.in-addr.arpa.       86400   IN      NS      z.arin.net.
184.in-addr.arpa.       86400   IN      NS      x.arin.net.
184.in-addr.arpa.       86400   IN      NS      u.arin.net.
184.in-addr.arpa.       86400   IN      NS      v.arin.net.
;; Received 181 bytes from 199.212.0.73#53(a.in-addr-servers.arpa) in 55 ms

90.184.in-addr.arpa.    86400   IN      NS      DNS3.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS5.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS2.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS1.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS6.RR.COM.
;; Received 146 bytes from 199.212.0.63#53(z.arin.net) in 56 ms

;; Received 45 bytes from 76.85.249.142#53(DNS6.RR.COM) in 61 ms

chris@Phoenix-mepis:~$

I just wasn't sure about the interaction of their dhcp server (I'm on a dynamic ip at home) and which name server was providing the rdns entry.

Author:	hoopycat [ Sun Mar 04, 2012 9:37 pm ]
Post subject:
It tells you that 184.90.. is handled by the five nameservers listed at the end there, and DNS6.RR.COM knows nothing about your particular IP. DHCP doesn't directly impact this, although if you got a new IP address recently, it's possible the new one just doesn't have reverse DNS configured. Good luck!

Author:	Stever [ Mon Mar 05, 2012 11:23 am ]
Post subject:
The postfix check for missing reverse hostname is useful only because it is somewhat common for ISP's to supply IP addresses with no rDNS entry. That check really only makes sense for incoming mail. Assuming you are using SASL, you should probably have a permit_sasl_authenticated entry above any DNS checks.

Page 1 of 1	All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/