Topic: What to write in a reverse DNS ptr record?

[dmajwool]

Hi.
Some advice please, for my sme 7.0.

I've been searching for a solution why my mail to just one of my clients is being rejected by his ISP.  His ISP tells him that my rDNS is at fault.

At www.dnsstuff.com, my rDNS record is reported as

OK. The IPs of all of your mail server(s) have reverse DNS (PTR) entries. RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. Note that this information is cached, so if you changed it recently, it will not be reflected here (see the www.DNSstuff.com Reverse DNS Tool for the current data). The reverse DNS entries are:

1xx.1xx.2xx.217.in-addr.arpa mydomain.co.uk. [TTL=86400]

should I change this to
mail.mydomain.co.uk
or
servername.mydomain.co.uk ?


I also see the following warning from www.dnsstuff.com

WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.

mail.mydomain.co.uk claims to be non-existent host servername.mydomain.co.uk:
220 servername.mydomain..co.uk ESMTP

What can I do to clear this warning?

Many thanks

David.

[raem]

dmajwool

> should I change this to mail.mydomain.co.uk

The reverse DNS entry for your servers IP address should be changed to
mydomain.co.uk
although that is something you request your ISP to do.

[dmajwool]

Ray.

Thanks for that.  Since I posted the question we have done a lot of reading, and even more head scratching.  We are coming to the conclusion that our DNS is correct, and that there must be some other reason why just one of my customer's ISP is bouncing our mail.

You say the rDNS should be simply mydomain.co.uk

However, http://www.dnsstuff.com/info/revdns.htm  consistently uses the syntax host.example.com

I realise that dnsstuff.com are not authorative, but they do seem quite thorough

WARNING: One or more of your mailservers is claiming to be a host other than what it really is.....What can I do to clear this warning?

I created an A record for servername.mydomain.co.uk and the warning cleared.

I'll let you know what fixes our bouncing mail problem as soon as we get there.

David.

[byte]

220 servername.mydomain..co.uk ESMTP

[/quote]

I noticed you have 2 dots ..co.uk from your warning message ?!

[dmajwool]

I noticed you have 2 dots ..co.uk from your warning message ?!

Sorry, that's just a typo whilst obfuscating the real domain name.

David.

[byte]

Would this apply?

http://bugs.contribs.org/show_bug.cgi?id=1325

[raem]

dmajwool

I had reverse DNS issues in relation to being put on a blacklist, and had to get my ISP to set reverse DNS as my main domain name, in the form as suggested previously.
I was then able to get removed from the list.


> http://www.dnsstuff.com/info/revdns.htm  consistently uses the syntax host.example.com

They also use in the very first line the word "might":
"for example, it might turn 192.0.2.25 into host.example.com."


> I created an A record for servername.mydomain.co.uk and the warning cleared.

Does creating the A record change anything in regard to reverse DNS ? They also say further down:

Reverse DNS entries are set up with PTR records (whereas standard DNS uses A records), which look like "25.2.0.192.in-addr.arpa. PTR host.example.com" (whereas standard DNS would look like "host.example.com. A 192.0.2.25").

and

1. Your DNS servers (or your ISP's) MUST have the reverse DNS entries set up ("25.2.0.192.in-addr.arpa. PTR host.example.com").
2. AND your ISP or bandwidth provider MUST set up the reverse DNS on their end, so that DNS resolvers around the world will know that your DNS servers are the ones to go to when looking up the reverse DNS for your IP addresses.

[dmajwool]

Would this apply?
http://bugs.contribs.org/show_bug.cgi?id=1325

Thanks.  I found that discussion very helpful. I'm concluding that in order to avoid DNS related issues I need to make my domain records broader rather than minimal and strictly compliant.  That's why I added the additional A record.

Does creating the A record change anything in regard to reverse DNS ?

I don't think so.  It was related to my second question about the "host name in greeting" warning.

1. Your DNS servers (or your ISP's) MUST have the reverse DNS entries set up ("25.2.0.192.in-addr.arpa. PTR host.example.com").
2. AND your ISP or bandwidth provider MUST set up the reverse DNS on their end, so that DNS resolvers around the world will know that your DNS servers are the ones to go to when looking up the reverse DNS for your IP addresses.

So I must refer to the rDNS (held at my ISP) in my main DNS (held at my domain host)? Hmm. I'll think about that.

Thanks, David.

[skydivers]

dmajwool

> should I change this to mail.mydomain.co.uk

The reverse DNS entry for your servers IP address should be changed to
mydomain.co.uk
although that is something you request your ISP to do.

I also have to change the reverseDNS entry. Is it enough to change it to mydomain.be or is also possible to change it to servername.mydomain.be

[dmajwool]

I also have to change the reverseDNS entry. Is it enough to change it to mydomain.be or is also possible to change it to servername.mydomain.be

I think it will be sufficient to name your rDNS mydomain.be

It seems to me that the reverse DNS, when it is used at all,  is used for very basic authentication, and I don't think a remote host won't reject you based on the subdomain in your rDNS.

I started this thread trying to avoid further mail rejections to one ISP.  It turned out that the problem was in that ISP's user database, and not my rDNS.

HTH, David.

[skydivers]

I also have to change the reverseDNS entry. Is it enough to change it to mydomain.be or is also possible to change it to servername.mydomain.be

I think it will be sufficient to name your rDNS mydomain.be

It seems to me that the reverse DNS, when it is used at all,  is used for very basic authentication, and I don't think a remote host won't reject you based on the subdomain in your rDNS.

I started this thread trying to avoid further mail rejections to one ISP.  It turned out that the problem was in that ISP's user database, and not my rDNS.

HTH, David.

My ISP changed it to mail.mydomain.be still hotmail refuses the mails. Probably I am on one of their blacklists, but getting off these blacklists is not that simple.

[dmajwool]

We had a different problem with rejections by AOL because our external fixed IP was somewhere in the middle of a vast  "residential" subnet.  We fixed this by using our ISP's smtp server to deliver our mail rather than the SME.

In server-manager email panel, we set Address of Internet provider's mail server = smtp.easynet.co.uk

[skydivers]

We had a different problem with rejections by AOL because our external fixed IP was somewhere in the middle of a vast  "residential" subnet.  We fixed this by using our ISP's smtp server to deliver our mail rather than the SME.

In server-manager email panel, we set Address of Internet provider's mail server = smtp.easynet.co.uk

This is indeed what i am also planning to do.

Thanx