drkstorm Tux's lil' helper
Joined: 22 Apr 2004 Posts: 118
Posted: Fri Mar 11, 2005 6:57 am Post subject: Reverse DNS failure?
I have postfix all set up, just like the Gentoo guide, and it works perfectly for sending mail to everything except AOL.
I get the following message in my postfix logs: http://postmaster.info.aol.com/errors/421dnsnr.html
That page says: "Unfortunately we were unable to resolve Reverse DNS for the IP address you entered"
I thought I had bind set up correctly since my website works and e-mail works, is there something additional to set up reverse lookups?

commonloon Tux's lil' helper
Joined: 13 Apr 2004 Posts: 133 Location: Marin, CA
Posted: Fri Mar 11, 2005 7:21 am Post subject:
Do you have a reverse zone set up in bind? Are you behind a firewall?
It's been a while since I did it (I'm using djbdns now), but a quick google reveals:
http://www.unixpages.com/disp/18.html
_________________
Calling fly fishing a hobby is like calling brain surgery a job.

drkstorm Tux's lil' helper
Joined: 22 Apr 2004 Posts: 118
Posted: Fri Mar 11, 2005 7:37 am Post subject:
I am behind a firewall, but I have port 53 open, "query-source address * port 53;" un-commented in the named.conf, also, I have a reverse lookup file:
Code:
less /etc/bind/pri/209.120.197
$TTL 3D
@       IN      SOA     ns.domain1.net. root.domain1.net. (
                        200407010       ; Serial
                        8H              ; Refresh
                        2H              ; Retry
                        4W              ; Expire
                        1D )            ; Minimum
        IN      NS      ns.domain1.net.
1       IN      PTR     ns.domain1.net.
2       IN      PTR     ns.domain2.com.
3       IN      PTR     domain1.net.
4       IN      PTR     domain12.com.

commonloon Tux's lil' helper
Joined: 13 Apr 2004 Posts: 133 Location: Marin, CA
Posted: Fri Mar 11, 2005 7:52 am Post subject:
I tried the AOL link on my own mail server...
Code:
Success! It appears you have Reverse DNS. Please note the following points:
* If the senders domain is the only domain sending mail from a specific IP address, we recommend that the reverse DNS entry (PTR Record) match the domain name (A Record), but we do not require it.
* AOL does require that all connecting Mail Transfer Agents have established reverse DNS, regardless of whether it matches the domain.
* Reverse DNS must be in the form of a fully-qualified domain name reverse DNSes containing in-addr.arpa are not acceptable, as these are merely placeholders for a valid PTR record. Reverse DNSes consisting only of IP addresses are also not acceptable, as they do not correctly establish the relationship between domain and IP address.

Interesting... Did you try this on your IP? You might also try verifying that 53 udp (perhaps tcp as well) is open from the outside using, for example, nmap and dig, etc.

drkstorm Tux's lil' helper
Joined: 22 Apr 2004 Posts: 118
Posted: Sat Mar 12, 2005 9:32 pm Post subject:
Can you post your config... I can't for the life of me figure out why everything except AOL's reverse DNS works... any ideas?

commonloon Tux's lil' helper
Joined: 13 Apr 2004 Posts: 133 Location: Marin, CA
Posted: Wed Mar 16, 2005 4:00 am Post subject:
I'm using djbdns so the config is much different than a bind config. Have you tried from an outside box, i.e., with an outside DNS server:
Code:
export SERVER=mail.yourdomain.com
# Forward-resolve the mail host, then reverse-resolve the address that comes back
dig -x `dig $SERVER +short` +short

Where mail.yourdomain.com is whatever the MX record for your mail server is. FYI, dig is part of bind-tools I believe.
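
The checks discussed in this thread (a PTR record must exist, be a fully-qualified name, not be an in-addr.arpa placeholder or a bare IP address, and preferably match the forward A record), as an added shell example that is not part of any post above. The helper names `ptr_verdict`, `forward_matches` and `check_ip` are hypothetical, and reading "consisting only of IP addresses" as "a name made solely of digits and dots" is an assumption.

```shell
#!/bin/sh
# Added example: helper names and sample values are constructed, not from the thread.

# ptr_verdict PTR -> missing | placeholder | ip-only | not-fqdn | ok
ptr_verdict() {
    ptr=$(printf '%s' "${1%.}" | tr '[:upper:]' '[:lower:]')  # drop the root dot
    [ -n "$ptr" ] || { echo missing; return 0; }
    case $ptr in
        *in-addr.arpa*) echo placeholder; return 0 ;;  # not a valid PTR target
    esac
    case $ptr in
        *[!0-9.]*) ;;                     # has characters besides digits and dots
        *) echo ip-only; return 0 ;;      # assumption: this is "only IP addresses"
    esac
    case $ptr in
        *.*) echo ok ;;
        *) echo not-fqdn ;;
    esac
}

# forward_matches IP ADDRESS_LIST -> exit 0 if IP is one of the newline-separated addresses
forward_matches() {
    printf '%s\n' "$2" | grep -Fxq -- "$1"
}

# check_ip IP [RESOLVER]: live lookup with dig, optionally through an outside resolver
check_ip() {
    ip=$1
    resolver=${2:+@$2}
    ptr=$(dig $resolver -x "$ip" +short | head -n 1)
    verdict=$(ptr_verdict "$ptr")
    echo "PTR for $ip: ${ptr:-none} ($verdict)"
    [ "$verdict" = ok ] || return 1
    if forward_matches "$ip" "$(dig $resolver "$ptr" A +short)"; then
        echo "A record of $ptr includes $ip (the recommended match)"
    else
        echo "A record of $ptr does not include $ip (accepted, but not recommended)"
    fi
}

# Run a live check only when an IP is given: sh check.sh 192.0.2.25 [resolver]
if [ "$#" -gt 0 ]; then check_ip "$@"; fi
```

Passing a resolver outside your own network as the second argument shows what a remote mail server sees, rather than what your local bind answers.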