Reverse DNS: Is it necessary?
maximo at violadores.org
Sun Mar 18 20:41:35 UTC 2001
My ISP here in South Korea doesn't provide DNS reverse lookup. I tried
to contact the people in charge, but no luck.
here some info:
according to dig the person in charge is: dnsmaster at bora.net
I emailed that guy twice but no answer :(
fwhois 126.96.36.199 at whois.apnic.net shows another info :(
it shows hostmaster at apnic.net and hostmaster at nic.or.kr
fwhois 188.8.131.52 at whois.nic.or.kr even shows different info, but
I am not korean, and my system is not able to read korean.
The e-mail is cuestiong is ipadm at nic.bora.net
I would like to send to each of those guys an "official document" that
states how important is to have reverse dns lookup in hosts/clients.
is there any RFC for that? any links?
PD. I haven't contact my ISP directly, I doubt they speak a word of
On Sun, Mar 18, 2001 at 09:54:48AM -0500, Chip Old wrote:
> On Sat, 17 Mar 2001, Studio 51 wrote:
> > I asked my web host to fix the lack of reverse DNS for the domains
> > they host for me, they told me that thier nameservers don't support
> > reverse DNS. Is this considered a misconfiguration? It's a dedicated
> > host that will be running a spider program, so I would think that many
> > hosts would try to perform a reverse DNS lookup on the spider, which
> > will fail because of this. Are there any other areas this is likely to
> > affect?
> > I thought reverse DNS was a standard part of properly setting up a
> > nameserver, am I wrong?
> A "PTR" record corresponding to each "A" record is what makes reverse DNS
> lookups possible. You're right, it is a standard part of properly setting
> up a nameserver. However many DNS admins omit PTR records, either out of
> ignorance, or out of laziness, or out of the belief that it increases
> security. Whether the latter is true is hotly debated, but in any case it
> causes more problems than it solves.
> As for your Web host's statement that their nameservers don't support
> reverse DNS, are you sure that's exactly what they said? If so, they must
> have meant "We don't (for whatever reason - see above) use PTR records",
> because I'm not aware of any name server software that doesn't understasnd
> PTR records.
> Another possiblility is related to the way your hosting ISP does virtual
> hosting on his Web server. There is "IP based", in which every hosted Web
> site has a unique IP address even if on a shared Web server. This is very
> wastful of IP addresses, so these days most hosting services use "name
> based" hosting. In this scenario a virtual interface is configured on the
> shared Web server, and the IP address of that interface is shared by all
> sites hosted on the server. The Web server software knows which site's
> pages to serve up by the "Host" header in the http request.
> If the virtual hosting setup for your sites is name-based, then maybe what
> your ISP means is that your sites don't have unique IP addresses. That
> may be true, but hopefully there is a PTR record for the IP address shared
> by all name-based virtual hosts on that Web server.
> Anyway, without knowing the specifics of how your sites are hosted a lot
> of this is guesswork. If you had mentioned your domain names, a few
> seconds work with nslookup would have told us a lot.
> Chip Old (Francis E. Old) E-Mail: fold at bcpl.net
> Manager, BCPL Network Services Voice: 410-887-6180
> Manager, BCPL.NET Internet Services FAX: 410-887-2091
> 320 York Road
> Towson, Maryland 21204 U.S.A.
More information about the bind-users