Tag Archive for reverse-dns

Reverse DNS lookup not resolving correctly

DataCorrupt asked:

I’ve been searching and searching for the answer and I can’t find it.

My problem is that all of my emails sent from my server are either going to spam folders or not being delivered. I am trying to apply for jobs, but I can’t do that if all of my emails are being sent to spam folders.

I have no idea how to fix this, and I can’t find answers.

I know that it is a reverse DNS issue because when it does the reverse DNS lookup it doesn’t find my domain name. I have a VPS through Corespace; the reverse lookup finds their propagation.com site. I don’t know how to adjust that. Do I need to contact them to have the IP point to my domain, or, because there are a lot of domains pointing to that IP, do I need to change my SMTP information to reflect that address?

I don’t know what to do.


I answered:

Your VPS provider will control the reverse DNS for your server, and so you will need to contact them to make any changes to it.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Cloudflare, reverse DNS and php mail ending up in spam folder

Joseph Szymborski asked:

I’ve been using Cloudflare to host my DNS, and PHPMailer to send e-mail through Zoho’s SMTP servers with great success, but have found that all my e-mails are hitting Gmail, Zoho and Hotmail’s spam folders.

When I disabled Cloudflare’s DNS hosting, and set up my reverse DNS server, all my issues were resolved and mail wasn’t sent to the spam folder. Also, a host command changed from:

$ host noteafloat.com
noteafloat.com has address 108.162.197.82
noteafloat.com has address 108.162.196.82
noteafloat.com mail is handled by 10 mx.zohomail.com.
noteafloat.com mail is handled by 20 mx2.zohomail.com.

to

$ host noteafloat.com
noteafloat.com has address 192.73.238.17
noteafloat.com mail is handled by 20 mx2.zohomail.com.
noteafloat.com mail is handled by 10 mx.zohomail.com.

Now, while this is all well and good, I rather like the services Cloudflare offers, so I turned it back on after setting up my reverse DNS. When I test the e-mail again, it gets sent to spam, and if I turn Cloudflare off again, it’ll work again.

Am I forced to choose between using Cloudflare and having my mail sent to the spam folder? Please tell me there is a workaround!


I answered:

When you have CloudFlare on, your reverse DNS doesn’t match your forward DNS:

$ host 192.73.238.17
17.238.73.192.in-addr.arpa domain name pointer noteafloat.com.

This is one of the many things that get checked to determine if a message may be spam.

This is easy to fix: Just make them match, and use an actual hostname. For instance, set the PTR for 192.73.238.17 to myservername.noteafloat.com (at Ramnode) and set the A record for myservername.noteafloat.com to 192.73.238.17 (at CloudFlare).


View the full question and answer on Server Fault.


Reverse DNS lookup doesn't match hostname

nikhil asked:

There’s a service on our local intranet that depends on the hostname mapping to the IP address; it is failing for a CentOS host inside of a virtual machine. I have set the virtual network adapter as bridged.

➜ ~ dig +short nikhil-vm
172.27.12.134 
➜ ~ dig +short -x 172.27.12.134 
ubuntu-server.xyz.com 

What can I do to fix this?


I answered:

Add a PTR record to your intranet’s DNS server(s) specifying the desired hostname for that IP address.

For instance, for a BIND zone 12.27.172.in-addr.arpa:

134     IN      PTR     nikhil-vm.intranet.invalid.

View the full question and answer on Server Fault.


Reverse DNS Resolve for MX record

Bruno Vieira asked:

I’ve two servers running; one is a webserver and its A record on my (external) DNS provider is in the form of:

example.com in A XXX.XX.XXX.171

The other is a mailserver and its A record is in the form:

mail.example.com in A XXX.XX.XXX.170

and its MX record is in the form:

example.com in MX 10 mail.example.com

How should my DNS reverse (i.e. my ISP provider) resolve:

example.com or mail.example.com?

BTW, this is what my /etc/hosts file looks like:

127.0.0.1   mail.example.com mail example.com
::1     mail.example.com mail example.com

Thanks in advance for all the help


I answered:

Have both of them matched exactly. i.e.

171 IN PTR example.com.
170 IN PTR mail.example.com.

In fact you can just copy and paste that to your ISP; that’s exactly how it will look in their bind (DNS server) configuration.


View the full question and answer on Server Fault.


Creating reverse DNS entries which resolve

Tiffany Walker asked:

Possible Duplicate:
Reverse DNS – how to correctly configure for SMTP delivery

I ran a DNS check and ended up with the following error:

FAIL: Found reverse DNS entries which don't resolves
IP-IP-IP-IP.HOST.DOMAIN.TLD → ???
All IP's reverse DNS entries should resolve back to IP address (MX record's name -> IP -> IP Reverse -> IP). Many mail servers are configured to reject e-mails from IPs with inconsistent reverse DNS configuration.

How do I properly configure it so it goes to an IP?


I answered:

Contact the provider who assigned the IP address to you. Unless they have delegated reverse DNS to you, then they will have to set it for you.


View the full question and answer on Server Fault.


what's wrong with my Ubuntu 11.10 bind9 configuration?

John Bowlinger asked:

I’ve followed several tutorials on installing your own nameservers and I’m pretty much at my wit’s end, because I cannot get them to resolve. Note, the actual domain and IP address have been changed for privacy to example.com and 192.168.0.1. My named.conf.local file:

zone "example.com" {
    type master;
    file "/var/cache/bind/example.com.db";
};

zone "0.168.192.in_addr.arpa" {
  type master;
  file "/var/cache/bind/192.168.0.db";
};

My named.conf.options file:

options {
    forwarders {
       192.168.0.1;
     };

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
};

My resolv.conf file:

search example.com.
nameserver 192.168.0.1

My Forward DNS file:

ORIGIN example.com.
$TTL  86400
@    IN    SOA   ns1.example.com.    root.example.com. (
    2012083101  ; Serial
    604800  ; Refresh
    86400  ; Retry
    2419200  ; Expire
    3600 )  ; Negative Cache TTL

example.com. NS    ns1.example.com.
example.com. NS    ns2.example.com.
example.com. MX    10 mail.example.com.

@        IN  A  192.168.0.1
ns1.example.com       IN  A  192.168.0.1
ns2.example.com       IN  A  192.168.0.2
mail     IN  A  192.168.0.1
server1  IN  A  192.168.0.1

gateway    IN CNAME ns1.example.com.
headoffice IN CNAME server1.example.com.
smtp       IN CNAME mail.example.com.
pop        IN CNAME mail.example.com.
imap       IN CNAME mail.example.com.
www        IN CNAME server1.example.com.
sql        IN CNAME server1.example.com.

And my reverse DNS:

$ORIGIN 0.168.192.in-addr.arpa.
$TTL  86400
@  IN  SOA  ns1.example.com.  root.example.com. (
    2009013101  ; Serial
    604800  ; Refresh
    86400  ; Retry
    2419200  ; Expire
    3600 )  ; Negative Cache TTL

1    PTR mail.example.com.
1    PTR server1.example.com.
2    PTR ns1.example.com.

Yet, when I restart bind9 and do:

host ns1.example.com localhost

I get:

Using domain server:
Name: localhost
Address: 127.0.0.1#53
Aliases: 

Host ns1.example.com.example.com not found: 2(SERVFAIL)

Similarly, for:

host 192.168.0.1 localhost

I get:

;; connection timed out; no servers could be reached

Anybody know what’s going on? Btw, my domain name “www.example.com” that I’ve used in this question is being forwarded to my ISP’s nameservers. Would that affect my bind9 configuration? I want to learn how to set up nameservers on my own for learning, so that is why I’m going through all this trouble.


I answered:

The problematic entries are here:

ns1.example.com       IN  A  192.168.0.1
ns2.example.com       IN  A  192.168.0.2

Your domain gets added to the end of each of these, if you haven’t terminated them with a period. To get it working, change them to:

ns1       IN  A  192.168.0.1
ns2       IN  A  192.168.0.2

You also need to make the change @Zoredache gave to fix your reverse DNS (but you wouldn’t have discovered that problem until later…)


View the full question and answer on Server Fault.
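
The trailing-dot rule from the answer above, as an added example that is not part of the original question or answer: a Python check that qualifies each name against $ORIGIN and reports the ones that end up carrying the zone name twice. The function names and the zone excerpt (adapted from the question) are constructed for illustration.

```python
NAME_TYPES = {"NS", "CNAME", "PTR", "MX"}  # record types whose last field is a name

def expand(name, origin):
    """Qualify a zone-file name as BIND does: '@' is the origin, a name ending
    in '.' is absolute, and anything else has the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def lint_zone(text, origin):
    """Return (line_no, written, expanded) for every name that already contains
    the origin but lacks the trailing dot, and so ends up with it twice."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()  # drop comments, then tokenize
        if not fields:
            continue
        if fields[0] == "$ORIGIN" and len(fields) > 1:
            origin = fields[1]
            continue
        if fields[0].startswith("$"):
            continue
        names = []
        if not raw[0].isspace():  # a line starting in column 1 begins with the owner
            names.append(fields[0])
        if NAME_TYPES.intersection(fields):
            names.append(fields[-1])  # target name is the last field
        bare = origin.rstrip(".")
        for name in names:
            if not name.endswith(".") and (name == bare or name.endswith("." + bare)):
                findings.append((no, name, expand(name, origin)))
    return findings

# Excerpt adapted from the forward zone in the question (constructed sample).
ZONE = """\
$ORIGIN example.com.
$TTL 86400
example.com. NS    ns1.example.com.
@        IN  A  192.168.0.1
ns1.example.com       IN  A  192.168.0.1
ns2.example.com       IN  A  192.168.0.2
mail     IN  A  192.168.0.1
gateway    IN CNAME ns1.example.com.
"""
```

Calling `lint_zone(ZONE, "example.com.")` reports lines 5 and 6, whose owner names expand to the `ns1.example.com.example.com.` form seen in the SERVFAIL message.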


PTR and A record must match?

somecallmemike asked:

RFC 1912 Section 2.1 states the following:

Make sure your PTR and A records match. For every IP address, there
should be a matching PTR record in the in-addr.arpa domain. If a
host is multi-homed, (more than one IP address) make sure that all IP
addresses have a corresponding PTR record (not just the first one).
Failure to have matching PTR and A records can cause loss of Internet
services similar to not being registered in the DNS at all. Also,
PTR records must point back to a valid A record, not a alias defined
by a CNAME. It is highly recommended that you use some software
which automates this checking, or generate your DNS data from a
database which automatically creates consistent data.

This does not make any sense to me. Should an ISP keep matching A records for every PTR record? It seems to me that it’s only important if the IP address that the PTR record describes is hosting a service that is sensitive to DNS being mismatched (such as email hosting). In that case the forward zone would be configured under a domain name (examples follow the format ‘zone -> record’):

domain.tld -> mail IN A 1.2.3.4

And the PTR record would be configured to match:

3.2.1.in-addr.arpa -> 4 IN PTR mail.domain.tld.

Would there be any reason for the ISP to host a forward lookup for an IP address on their network like this?:

ispdomain.tld -> broadband-ip-1 IN A 1.2.3.4


I answered:

Matching the PTR and A records makes it possible to verify the claim made in the PTR record by automated means.

If the A record isn’t provided, one must go to the whois records to verify whether the PTR record accurately represents the entity in control of the IP address, a tedious manual process that’s difficult to automate and is often wrong or out of date.

This is important for security reasons in many contexts. One that I’m familiar with and will give you an example for is:


Let’s say you run a web site and post unique content, but you have discovered your content is being copied to other web sites, and worse, they’re ranking higher than you in the search engines!

After hours of staring at your logs wondering how in the world somebody slipped a bot past your defenses, you finally notice hundreds of requests from Googlebot. But when you eventually look up one of the IP addresses, you find it registered to Bulletproof Ukraine Web Hosting and not Google. You thought you were getting indexed but instead you got played.

How do you solve this problem? Easy, you compare the PTR record to the A record. Google even recommends this approach.

This can be automated in many Web programming languages (PHP is a notable exception; you cannot do this reliably in PHP) so that a Web app can check the IP address, see that the PTR is *.google.com and then use the A record to confirm that *.google.com matches the same IP address. If there’s a mismatch somewhere, you have discovered a fake Googlebot.


View the full question and answer on Server Fault.
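
The PTR-then-A comparison described in the answer above, which is also the consistency the Cloudflare answer earlier on this page asks for, as an added Python example that is not part of the original answers. The function names, the sample tables and the accepted suffixes `googlebot.com` and `google.com` are assumptions of this example; the resolver functions are injectable so the check can run offline against the constructed data.

```python
import ipaddress
import socket

# Default resolvers use the system resolver and return [] on any lookup failure.
def system_reverse(ip):
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_forward(host):
    try:
        return [info[4][0] for info in socket.getaddrinfo(host, None)]
    except OSError:
        return []

def same_address(text, addr):
    try:
        return ipaddress.ip_address(text) == addr
    except ValueError:  # resolver returned something that is not a plain address
        return False

def fcrdns(ip, suffixes=(), reverse=system_reverse, forward=system_forward):
    """Return the PTR hostname whose forward records include ip, else None.
    If suffixes is non-empty, the hostname must also sit under one of them."""
    addr = ipaddress.ip_address(ip)
    for name in reverse(str(addr)):
        host = name.rstrip(".").lower()
        if suffixes and not any(host.endswith("." + s) for s in suffixes):
            continue  # PTR names a domain we do not accept for this client
        if any(same_address(a, addr) for a in forward(host)):
            return host
    return None

# Constructed sample data for offline use: noteafloat.com values are those quoted
# on the page; 192.0.2.x, 198.51.100.x and 203.0.113.x are documentation ranges.
SAMPLE_PTR = {
    "192.73.238.17": ["noteafloat.com."],
    "192.0.2.10": ["crawl-192-0-2-10.googlebot.com."],
    "198.51.100.7": ["crawl-198-51-100-7.googlebot.com."],  # forged PTR, no A record
    "203.0.113.5": ["googlebot.com.scraper.example."],      # look-alike suffix
}
SAMPLE_A = {
    "noteafloat.com": ["108.162.197.82", "108.162.196.82"],
    "crawl-192-0-2-10.googlebot.com": ["192.0.2.10"],
    "googlebot.com.scraper.example": ["203.0.113.5"],
}
def sample_reverse(ip): return SAMPLE_PTR.get(ip, [])
def sample_forward(host): return SAMPLE_A.get(host, [])
```

With the sample resolvers, only `192.0.2.10` is confirmed against the Google suffixes; the look-alike name on `203.0.113.5` is self-consistent and passes only when no suffix list is given, which is why the suffix check and the forward check are both needed.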
