Reverse DNS lookup problems


J. Bryan Wehrenberg

As most people have, I am getting some of my email rejected because I have
no reverse DNS lookup for my mailserver. I have contacted my ISP about
setting this up for me since they are the owner and authority for this IP
range but I'm having a little trouble setting it up. I am using a firewall
so the errors returned by the rejecting email servers report that there is
no reverse DNS lookup for the address of my firewall, not my mailserver.
For example, my firewall is at say XXX.XXX.XXX.2 but my mail server is on a
different address say XXX.XXX.XXX.3. If I have my ISP set the reverse DNS
of my mailserver, say MAILSERVER.MYDOMAIN.COM to XXX.XXX.XXX.2, which is my
firewall, it will do a reverse lookup and find the correct domain name of
MAILSERVER.MYDOMAIN.COM. But if it then does a regular DNS lookup for that
domain name it will resolve to its correct address of XXX.XXX.XXX.3, which
is different from the reverse lookup.

So my question is this: a) is there a way to fix this and b) do I need to
worry about it hoping the accepting mailserver doesn't do both kinds of
lookups and compare the two? Obviously it will need to do the regular DNS
lookup to send mail to me but does it do that to receive mail or just the
reverse DNS lookup?

Help is always appreciated even if unrewarded,
Big Bry
 
J. Bryan Wehrenberg said:
As most people have, I am getting some of my email rejected because I have
no reverse DNS lookup for my mailserver. I have contacted my ISP about
setting this up for me since they are the owner and authority for this IP
range but I'm having a little trouble setting it up. I am using a firewall
so the errors returned by the rejecting email servers report that there is
no reverse DNS lookup for the address of my firewall, not my mailserver.

You will have to get the MAILSERVER to use the same name as the
reverse of the firewall -- note this name might have NOTHING to do with
the "real" name of that server or the email addresses. It's easy to
understand if you realize that one email server might service hundreds of
"companies", i.e., DNS zones/names.
 
The problem with all these xxx.xxx.xxx.xxx examples is that it makes helping
you very difficult.

Let's assume that your PUBLIC IP is 1.2.3.4. Let's then assume that you host
your own DNS server for your Domain.
1.2.3.4 is bound to your "Firewall". Inside your LAN, you are using PRIVATE
IP Addresses. You are then Port-Forwarding/NATting through your firewall. I
then assume that the DNS server is also behind the firewall.

If the above assumptions are correct, then what you'd do is simply create a
PTR in your DNS for 1.2.3.4 and map it to MAILSERVER.MYDOMAIN.COM. Since you
are authoritative for the zone, whoever is "reversing" you will come to your
DNS server for the reverse and your DNS server will tell it whatever you put
in there.

You said you asked your ISP to "reverse delegate" that IP to you. What was
the outcome of the request?

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
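
The forward-confirmed reverse lookup asked about in this thread, as an added example that is not code from any of the posters: it resolves the PTR for the address the receiving server sees, resolves that name forward again, and compares the two. The addresses and names are constructed documentation values, and checking the announced HELO name against the PTR is an assumption about what "use the same name" means in the first reply.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip via the system resolver (empty list if none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def system_addrs(name):
    """All A/AAAA addresses for name via the system resolver."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None)})
    except OSError:
        return []

def fcrdns(ip, helo=None, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Return (verdict, detail) for the address a receiving server sees."""
    want = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return "no_ptr", "no PTR record for %s" % ip
    # A PTR name is confirmed only if it resolves forward to the same address.
    confirmed = [n for n in names
                 if any(ipaddress.ip_address(a) == want for a in addr_lookup(n))]
    if not confirmed:
        return "mismatch", "%s does not resolve back to %s" % (names[0], ip)
    if helo is not None and helo.rstrip(".").lower() not in confirmed:
        return "helo_mismatch", "HELO %s is not %s" % (helo, confirmed[0])
    return "pass", confirmed[0]

# Constructed zone data (documentation addresses, not from the thread):
# 192.0.2.2 is the firewall's public address, 192.0.2.3 the mail server's.
PTR = {"192.0.2.2": ["mail.example.com."]}
A_BEFORE = {"mail.example.com": ["192.0.2.3"]}   # the situation in the question
A_AFTER = {"mail.example.com": ["192.0.2.2"]}    # name points at the NAT address

def demo(a_records, ip="192.0.2.2", helo="mail.example.com"):
    """Run the check against the constructed tables instead of live DNS."""
    return fcrdns(ip, helo, lambda i: PTR.get(i, []),
                  lambda n: a_records.get(n, []))

if __name__ == "__main__":
    print(demo(A_BEFORE))                  # forward and reverse disagree
    print(demo(A_AFTER))                   # forward and reverse agree
    print(demo(A_AFTER, ip="192.0.2.3"))   # address with no PTR at all
```

Calling `fcrdns("<your public IP>", "<your HELO name>")` with no lookup arguments uses the system resolver instead of the constructed tables.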
 