[wplug] Reverse DNS - PTR Record
Ken Rambler
ken at ramblernet.com
Mon May 23 15:37:04 EDT 2005
Thanks Brandon. I made them aware of the error, they now report it has been corrected.
--
RamblerNet WebMail (http://www.RamblerNet.com)
---------- Original Message -----------
From: "Poyner, Brandon" <bpoyner at ccac.edu>
To: "General user list" <wplug at wplug.org>
Sent: Mon, 23 May 2005 08:46:20 -0400
Subject: RE: [wplug] Reverse DNS - PTR Record
> It seems to me that Comcast created a PTR record that doesn't match your
> A record.
>
> $ dig -x 70.89.224.37
> ...
> ;; ANSWER SECTION:
> 37.224.89.70.in-addr.arpa. 55m22s IN PTR
> 70-89-224-37-ns.ramblernet.com.
>
> That should be "IN PTR ns.ramblernet.com." but instead they've made the
> hostname 70-89-224-37-ns.
>
> As for the A record, that's something only you have control over. I
> guess you could change your end to match their PTR record but that would
> be silly.
>
> Brandon Poyner
> Network Engineer III
> CCAC - College Office
> 412-237-3086
>
> -----Original Message-----
> From: wplug-bounces+bpoyner=ccac.edu at wplug.org
> [mailto:wplug-bounces+bpoyner=ccac.edu at wplug.org] On Behalf Of Ken
> Rambler
> Sent: Friday, May 20, 2005 6:19 PM
> To: 'General user list'
> Subject: RE: [wplug] Reverse DNS - PTR Record
>
> Comcast changed the PTR record but did not create an A record.
>
> Their support is lacking, does anyone have an example of what this
> should be so I can explain to Comcast?
>
> -----Original Message-----
> From: wplug-bounces+ken=ramblernet.com at wplug.org
> [mailto:wplug-bounces+ken=ramblernet.com at wplug.org] On Behalf Of Poyner,
> Brandon
> Sent: Friday, May 20, 2005 1:17 PM
> To: General user list
> Subject: RE: [wplug] Reverse DNS - PTR Record
>
> Bill is right. If you weren't given an entire class C network (/24 or
> less) and you still want to be responsible for reverse DNS requests ask
> Comcast for classless delegation.
>
> Brandon Poyner
> Network Engineer III
> CCAC - College Office
> 412-237-3086
>
> -----Original Message-----
> From: wplug-bounces+bpoyner=ccac.edu at wplug.org
> [mailto:wplug-bounces+bpoyner=ccac.edu at wplug.org] On Behalf Of Bill
> Moran
> Sent: Friday, May 20, 2005 12:43 PM
> To: General user list
> Subject: Re: [wplug] Reverse DNS - PTR Record
>
> "Ken Rambler" <ken at ramblernet.com> wrote:
>
> > I'm not sure exactly how to ask this question, so I apologize in
> > advance.
> >
> > My question is related to the PTR record and reverse DNS of a public
> IP
> > address.
> >
> > We operate a mail server and our own DNS server. The public business
> IP
> > (static) address is provided by our ISP, which is Comcast. The reverse
>
> > DNS points back to their name, i.e.:
> >
> > Asking NS1.COMCASTBUSINESS.NET. for xx.xxx.xx.xx.in-addr.arpa PTR
> > record: Reports xx-xx-xxx-xx-pa.hfc.comcastbusiness.net
> > Now the question: Shouldn't the reverse point back to our server name?
>
> > Is this something we could override by adding an entry into our zone
> > file?
>
> Yes and no.
>
> You could easily enter a PTR record in your DNS, however, that doesn't
> mean the rest of the Internet will know to look for it there.
>
> DNS is all about delegation, and the PTR information for your IP address
> is delegated to Comcast, just like all the other PTR records on that
> same subnet.
>
> You have two choices:
> 1) Have Comcast enter the correct information in their DNS for your
> IP.
> 2) Have Comcast delegate that PTR record to your nameserver.
>
> If you only have 1 IP, #1 will likely be easier. But either way, your
> ISP has the option of doing #1 or #2.
>
> > The reason I question this is that our mail looks to be forged when
> the
> > server domain name does not match the reverse dns of our IP address.
>
> Are you talking about this:
>
> Received: from ns.ramblernet.com
> (70-89-224-37-Ken-Rambler-pa.hfc.comcastbusiness.net
> [70.89.224.37] (may be forged))
>
> The fact that the HELO announcement doesn't match the PTR record is not
> a valid test for forgery. In fact, it won't match in most cases. The
> important thing is that ns.ramblernet.com _does_ resolve to
> 70.89.224.37, and it does.
>
> Unfortunately, however, Comcast gave you a PTR record that does not have
> a valid A record, i.e.:
>
> bash-2.05b$ host 70-89-224-37-Ken-Rambler-pa.hfc.comcastbusiness.net
> Host 70-89-224-37-Ken-Rambler-pa.hfc.comcastbusiness.net not found:
> 3(NXDOMAIN)
>
> Comcast has screwed up here. There should not be PTR names that don't
> have a corresponding A record.
>
> I'm not familiar enough with sendmail to know exactly what it uses as a
> criteria for adding the "may be forged" line, but I know that a lot of
> servers will bounce your mail if your PTR record returns an unknown
> hostname. I'd jump on Comcast to get that fixed, at least.
>
> --
> Bill Moran
> Potential Technologies
> http://www.potentialtech.com
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
>
> --
------- End of Original Message -------
--
This message has been scanned for viruses and
dangerous content by Ramblernet's MailScanner,
and is believed to be clean.
More information about the wplug
mailing list