Verizon problems - what else is new

Mark_Andrews at isc.org Mark_Andrews at isc.org
Tue Jan 13 22:19:04 UTC 2004


> Verizon has implemented something new.
> 
> My client tells me that Verizon tells them:
> 
> <snip>
> Now, I don't totally understand all this, but what they're saying is 
> that 
> when they try to authenticate the domain that is sending the email 
> (which 
> should be raq41.provincetowndesign.com) the PTR record's IP Address is 
> 65.58.240.193...and dnssys.com reports a different IP Address (or 
> something 
> like that).
> </snip>

% dig9 -x 65.58.240.193 +short
193.128-255.240.58.65.in-addr.arpa.
www.dnssys.com.
% dig9 +short www.dnssys.com
65.58.240.155
% 

	The reverse and forward records do not match.

	If you start with the IP address.  Lookup the PTR to get a
	name.  Look up the addresses of that name.  If the original
	address in not is the set of addresses returned in the final
	lookup there is a mis-match.

	Some sites refuse to accept mail from IP addresses where
	the above test fails in the mistaken belief that it stops
	spam.

	All it really indicates is a inconsistancy in the DNS.

> I've checked our forward/reverse DNS.
> 
> The email is coming from raq41.provincetowndesign.com.  Dig gives us 
> 65.58.240.200.
> 
> But doing dig on 200.240.58.65.in-addr.arpa and doing nslookup on 
> 65.58.240.200 gives us a cname and a ptr, and only the cname appears to 
> be for the exact IP#.

	Try "dig -x 65.58.240.200 ptr".  BIND 8 (and older) digs default
	to type "*" (any) with -x and "*" queries do not result in the
	CNAME being followed.  If you change the query type to "ptr" it
	will be followed.  Dig from BIND 9 defaults to "ptr".

	The CNAME you are seeing is that from a RFC 2317 style delegation.

% dig9 -x 65.58.240.200 +short
200.128-255.240.58.65.in-addr.arpa.
raq41.provincetowndesign.com.
% dig9 +short raq41.provincetowndesign.com
65.58.240.200
% 

> I'm guessing my upstream (who does reverse dns for me) is doing 
> something wrong, but I can't tell what.
> 
> If you have a moment, please do some lookups and let me know what you 
> think.
> 
> Thanks.
> 
> Jeff
> -- 
> Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA  92517 US
> Professional Internet Services & Support / Consulting / Colocation
> Our blists address used on lists is for list email only
> Phone +1 909 324-9706, or see: "http://www.nobaloney.net/contactus.html"
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org


More information about the bind-users mailing list