HELP: Reverse (PTR) lookup problems on domain name.
administrator at yellowhead.com
Wed Mar 15 23:06:40 UTC 2000
Newer mail servers do a reverse lookup on the sending IP address to confirm
that the return address domain is a real domain. This is to combat spammers who
use do not use a mail forwarder but send direct using a false return address.
Reverse lookups are different from forward lookups. They are normally done one
octet at a time to get to the "C" class network. A query on the first octet
will tell the DNS who has the authority for that network. A query sent to that
network will tell you who has the authority for the "B" class network, and a
query sent to that network will tell you who has the authority for the "C"
class network. When the DNS for the receiving mail server queries your sending
IP address, whoever has the authority for that "C" class network will respond
with whatever name they have assigned to that address. Sub "C" class network
reverse lookups require special attention.
************** REPLY SEPARATER **************
In article <F148C821ACB6D111AB4000A0249BC4CD5D1A91 at mail.lanacom.com>,
drh at backweb.com says...
>We have experiencing a reverse lookup problem that is preventing our mail
>server from delivering messages into particular domains which perform
>reverse lookups on the address of the incoming mail server.
>The problem (we suspect) stems from the fact that PTR queries on
>"backweb.com" in addition to our mailserver "mail.backweb.com" is failing as
>the following nslookup output demonstrates:
>Default Server: ns.backweb.com
>> set qt=ptr
>*** No domain name pointer (PTR) records available for backweb.com
>*** No domain name pointer (PTR) records available for mail.backweb.com
>To clarify, our nameserver, ns.backweb.com only resolves forward DNS
>lookups. All reverse lookups are handled by our ISP. If I attempt to perform
>a reverse lookup on the IP address of "mail.backweb.com", 22.214.171.124,
>the reply is handled properly:
>126.96.36.199.in-addr.arpa name = mail.backweb.com
>15.251.206.in-addr.arpa nameserver = name.roc.gblx.net
>15.251.206.in-addr.arpa nameserver = name.phx.gblx.net
>15.251.206.in-addr.arpa nameserver = name.iad.gblx.net
>name.roc.gblx.net internet address = 188.8.131.52
>name.phx.gblx.net internet address = 184.108.40.206
>name.iad.gblx.net internet address = 220.127.116.11
>If anyone could provide me with some clues as to why reverse lookups on
>"mail.backweb.com" and "backweb.com" are failing, I would most appreciative.
>Are we missing a switch somewhere in BIND that enables this option?
>The output I'm expecting when performing a PTR lookup on our backweb.com
>domain is something similar to what I see if I perform the same query on
>another domain, such as symantec.com:
> origin = ns1.symantec.com
> mail addr = domain.symantec.com
> serial = 2000031301
> refresh = 10800 (3 hours)
> retry = 3600 (1 hour)
> expire = 604800 (7 days)
> minimum ttl = 21600 (6 hours)
>Again, thank you for any help anyone may be able to offer.
>(drh at backweb.com)
More information about the bind-users