[wplug] Reverse DNS - PTR Record

Ken Rambler ken at ramblernet.com
Mon May 23 15:37:04 EDT 2005


Thanks Brandon. I made them aware of the error, they now report it has been corrected.

--
RamblerNet WebMail (http://www.RamblerNet.com)


---------- Original Message -----------
From: "Poyner, Brandon" <bpoyner at ccac.edu>
To: "General user list" <wplug at wplug.org>
Sent: Mon, 23 May 2005 08:46:20 -0400
Subject: RE: [wplug] Reverse DNS - PTR Record

> It seems to me that Comcast created a PTR record that doesn't match your
> A record.
> 
> $ dig -x 70.89.224.37
> ...
> ;; ANSWER SECTION:
> 37.224.89.70.in-addr.arpa.  55m22s IN PTR
> 70-89-224-37-ns.ramblernet.com.
> 
> That should be "IN PTR ns.ramblernet.com." but instead they've made the
> hostname 70-89-224-37-ns.
> 
> As for the A record, that's something only you have control over.  I
> guess you could change your end to match their PTR record but that would
> be silly.
> 
> Brandon Poyner
> Network Engineer III
> CCAC - College Office
> 412-237-3086
> 
> -----Original Message-----
> From: wplug-bounces+bpoyner=ccac.edu at wplug.org
> [mailto:wplug-bounces+bpoyner=ccac.edu at wplug.org] On Behalf Of Ken
> Rambler
> Sent: Friday, May 20, 2005 6:19 PM
> To: 'General user list'
> Subject: RE: [wplug] Reverse DNS - PTR Record
> 
> Comcast changed the PTR record but did not create an A record.
> 
> Their support is lacking, does anyone have an example of what this
> should be so I can explain to Comcast?
> 
> -----Original Message-----
> From: wplug-bounces+ken=ramblernet.com at wplug.org
> [mailto:wplug-bounces+ken=ramblernet.com at wplug.org] On Behalf Of Poyner,
> Brandon
> Sent: Friday, May 20, 2005 1:17 PM
> To: General user list
> Subject: RE: [wplug] Reverse DNS - PTR Record
> 
> Bill is right.  If you weren't given an entire class C network (/24 or
> less) and you still want to be responsible for reverse DNS requests ask
> Comcast for classless delegation.
> 
> Brandon Poyner
> Network Engineer III
> CCAC - College Office
> 412-237-3086
> 
> -----Original Message-----
> From: wplug-bounces+bpoyner=ccac.edu at wplug.org
> [mailto:wplug-bounces+bpoyner=ccac.edu at wplug.org] On Behalf Of Bill
> Moran
> Sent: Friday, May 20, 2005 12:43 PM
> To: General user list
> Subject: Re: [wplug] Reverse DNS - PTR Record
> 
> "Ken Rambler" <ken at ramblernet.com> wrote:
> 
> > I'm not sure exactly how to ask this question, so I apologize in 
> > advance.
> > 
> > My question is related to the PTR record and reverse DNS of a public
> IP
> > address.
> > 
> > We operate a mail server and our own DNS server. The public business
> IP
> > (static) address is provided by our ISP, which is Comcast. The reverse
> 
> > DNS points back to their name, i.e.:
> > 
> > Asking NS1.COMCASTBUSINESS.NET. for xx.xxx.xx.xx.in-addr.arpa PTR
> > record: Reports xx-xx-xxx-xx-pa.hfc.comcastbusiness.net
> > Now the question: Shouldn't the reverse point back to our server name?
> 
> > Is this something we could override by adding an entry into our zone 
> > file?
> 
> Yes and no.
> 
> You could easily enter a PTR record in your DNS, however, that doesn't
> mean the rest of the Internet will know to look for it there.
> 
> DNS is all about delegation, and the PTR information for your IP address
> is delegated to Comcast, just like all the other PTR records on that
> same subnet.
> 
> You have two choices:
> 1) Have Comcast enter the correct information in their DNS for your
>    IP.
> 2) Have Comcast delegate that PTR record to your nameserver.
> 
> If you only have 1 IP, #1 will likely be easier.  But either way, your
> ISP has the option of doing #1 or #2.
> 
> > The reason I question this is that our mail looks to be forged when
> the
> > server domain name does not match the reverse dns of our IP address.
> 
> Are you talking about this:
> 
> Received: from ns.ramblernet.com
> 	(70-89-224-37-Ken-Rambler-pa.hfc.comcastbusiness.net
> 	[70.89.224.37] (may be forged))
> 
> The fact that the HELO announcement doesn't match the PTR record is not
> a valid test for forgery.  In fact, it won't match in most cases.  The
> important thing is that ns.ramblernet.com _does_ resolve to
> 70.89.224.37, and it does.
> 
> Unfortunately, however, Comcast gave you a PTR record that does not have
> a valid A record, i.e.:
> 
> bash-2.05b$ host 70-89-224-37-Ken-Rambler-pa.hfc.comcastbusiness.net
> Host 70-89-224-37-Ken-Rambler-pa.hfc.comcastbusiness.net not found:
> 3(NXDOMAIN)
> 
> Comcast has screwed up here.  There should not be PTR names that don't
> have a corresponding A record.
> 
> I'm not familiar enough with sendmail to know exactly what it uses as a
> criteria for adding the "may be forged" line, but I know that a lot of
> servers will bounce your mail if your PTR record returns an unknown
> hostname.  I'd jump on Comcast to get that fixed, at least.
> 
> -- 
> Bill Moran
> Potential Technologies
> http://www.potentialtech.com
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug

> 
> -- 
------- End of Original Message -------


-- 
This message has been scanned for viruses and
dangerous content by Ramblernet's MailScanner,
 and is believed to be clean.



More information about the wplug mailing list