
Reverse DNS Problem

reicherb

Platinum Member
I'm hosting several domains from the same IP address. Because of this, reverse DNS doesn't resolve back to the same domain as e-mails being sent, and a few providers such as Comcast are blocking messages as spam. Is there anything short of binding multiple public addresses to the server that can be done to resolve this?

Thanks.
 
The domain in question is jcbrooks.net
The mail server is server1.skateblade.net

Using dnsstuff.com I get the following result when running a reverse dns report.

Location: United States [City: Owosso, Michigan]

Preparation:
The reverse DNS entry for an IP is found by reversing the IP, adding it to "in-addr.arpa", and looking up the PTR record.
So, the reverse DNS entry for 69.41.7.240 is found by looking up the PTR record for
240.7.41.69.in-addr.arpa.
All DNS requests start by asking the root servers, and they let us know what to do next.
See How Reverse DNS Lookups Work for more information.

How I am searching:
Asking f.root-servers.net for 240.7.41.69.in-addr.arpa PTR record:
f.root-servers.net says to go to epazote.arin.net. (zone: 69.in-addr.arpa.)
Asking epazote.arin.net. for 240.7.41.69.in-addr.arpa PTR record:
epazote.arin.net [192.41.162.32] says to go to ns1.michonline.net. (zone: 7.41.69.in-addr.arpa.)
Asking ns1.michonline.net. for 240.7.41.69.in-addr.arpa PTR record: Reports server1.skateblade.net. [from 69.41.0.4]

Answer:
69.41.7.240 PTR record: server1.skateblade.net. [TTL 604800s] [A=69.41.7.240]

To see the reverse DNS traversal, to make sure that all DNS servers are reporting the correct results, you can Click Here.


Does that look right? If not, can you help me understand what I need to ask my ISP to do? FWIW: I use zonedit to manage the DNS for this domain so maybe it's something I can do.

Thanks for the help.
 
Are you sure that's the problem? I've never seen where an ISP would reject email just because your RDNS name doesn't match some of the email domains you host. You typically only need one "valid" RDNS listing, even if you host multiple email domains.
He does not have the one valid one, and I have had bounced mail due to nonexistent in-addr-arpa info. I asked the ISP (sttl.qwest.net in my example) to add the proper record, and now I get a domain from the IP. The mail quit bouncing off the server that wanted it too.
EDIT!
I did get results with a second search, OP. Your mail should not get bounced, but the server may reject mail if it does not match the sending server because of the prevalence of spam coming from hijacked servers.
 
I usually use the related http://dnsreport.com for a quick check of this stuff.

Although unlikely to help, it's easy to fix the few things that aren't quite right:
a) Add an abuse@xxxx.xxx email address for each of your domains.
b) Add an SPF record for each of your domains
Microsoft's Sender ID Framework SPF Record Wizard.
This simple statement, in a TXT record in your public DNS records, will work:
"v=spf1 a mx ptr -all"

Frankly, I don't see why your email would be rejected by Comcast. My earlier link gave an email address to write to so you can get "de-blacklisted" by them.
 
Comcast is among the handful of large ISPs that enforce full reverse DNS filtering.

While in an ideal world all MX records are resolved to their proper hosts to cut down SPAM and illegal mail relaying, the reality is that too many legitimate mail senders don't have this set up correctly, as illustrated by this thread. Case in point, the last time I flipped on full reverse DNS filtering on my corporate SPAM gateway, it took less than 24 hours for VPs in suits to miss enough critical mail to threaten my job if I ever did it again.

Blacklisting is another issue entirely. For an ISP to blacklist a mail sender for failing Reverse DNS resolution is absurd.
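
An added example, not part of any post in this thread: a Python sketch of the check the thread revolves around, which builds the in-addr.arpa name as the dnsstuff report describes, looks up the PTR, and confirms the PTR name resolves forward to the same IP. The resolver is a stand-in over constructed records (the 69.41.7.240 values are taken from the report; the 192.0.2.x entries and the names `lookup`, `reverse_name` and `fcrdns` are made up for illustration).

```python
import ipaddress

# Constructed zone data. The PTR and A values for 69.41.7.240 are the ones in
# the dnsstuff report above; the 192.0.2.x entries are made-up failure cases.
RECORDS = {
    ("240.7.41.69.in-addr.arpa", "PTR"): ["server1.skateblade.net"],
    ("server1.skateblade.net", "A"): ["69.41.7.240"],
    ("20.2.0.192.in-addr.arpa", "PTR"): ["mail.example.test"],
    ("mail.example.test", "A"): ["192.0.2.99"],
}

def lookup(name, rtype):
    """Stand-in resolver over RECORDS; swap in a real DNS query to go live."""
    return RECORDS.get((name.rstrip(".").lower(), rtype), [])

def reverse_name(ip):
    """Reverse the octets and append in-addr.arpa (ip6.arpa for IPv6)."""
    return ipaddress.ip_address(ip).reverse_pointer

def fcrdns(ip, resolve=lookup):
    """Return (verdict, hostname) for a sending IP.

    'pass'     : a PTR name resolves forward to the same IP
    'no-ptr'   : the IP has no PTR record at all
    'mismatch' : a PTR exists but none of its names maps back to the IP
    """
    addr = ipaddress.ip_address(ip)
    ptr_names = resolve(reverse_name(ip), "PTR")
    if not ptr_names:
        return ("no-ptr", None)
    rtype = "A" if addr.version == 4 else "AAAA"
    for host in ptr_names:
        forward = resolve(host, rtype)
        if any(ipaddress.ip_address(a) == addr for a in forward):
            return ("pass", host.rstrip("."))
    return ("mismatch", ptr_names[0].rstrip("."))

if __name__ == "__main__":
    for ip in ("69.41.7.240", "192.0.2.20", "192.0.2.10"):
        print(ip, reverse_name(ip), fcrdns(ip))
```

The check takes only the sending IP as input; the domain in the message (jcbrooks.net here) is never consulted, so one consistent PTR/A pair covers every domain hosted on that address.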
 