
[Solved] Reverse Dns For Stevie.heliohost.org



Posted

Mail from stevie goes from [65.19.143.2] with "helo=stevie.heliohost.org". The hostname stevie.heliohost.org resolves to 65.19.143.2 - that's good. But 65.19.143.2 has broken reverse DNS - that's bad, causes mail from stevie to be rejected by some recipient mailservers. I ran `dig +trace -x 65.19.143.2`, it showed that requests for reverse DNS for 65.19.143.2 are redirected (CNAME) to 2.subnet0.143.19.65.in-addr.arpa for which the nameservers are ns1.heliohost.org and ns2.heliohost.org. But currently ns1.heliohost.org and ns2.heliohost.org refuse requests for "2.subnet0.143.19.65.in-addr.arpa.". Please configure nameservers ns1.heliohost.org and ns2.heliohost.org to handle the zone subnet0.143.19.65.in-addr.arpa and to reply "stevie.heliohost.org" to TXT requests for 2.subnet0.143.19.65.in-addr.arpa.

Posted

I found additional details and edited my post above (ns1,ns2.heliohost.org configs need to be changed).

Posted

Thanks for pointing this out. I've noticed that some of the system owned domains have a tendency to disappear from DNS. I suspect it has something to do with some faulty cleanup script that deletes unowned domains or something like that. I have recreated the proper reverse DNS entries for Stevie. Just for future record it's actually a PTR type not TXT though. Let us know if you're still having issues sending or receiving mail.

Posted

Thanks. Please add a dot at the end of "stevie.heliohost.org" in the PTR. Currently (without the dot) 65.19.143.2 resolves to

stevie.heliohost.org.subnet0.143.19.65.in-addr.arpa.

Posted

Now 65.19.143.2 resolves to stevie.heliohost.org.subnet0.143.19.65.in-addr.arpa.

instead of stevie.heliohost.org. (because of lack of the dot after "org" in the zone file).

Posted

Can you post a link to the reverse dns test that is showing an error? Everything I can find says that it's working fine now.

Posted
> Can you post a link to the reverse dns test that is showing an error? Everything I can find says that it's working fine now.

I use `host` and `dig` commands under FreeBSD:

 

```
~ $ host 65.19.143.2
2.143.19.65.in-addr.arpa is an alias for 2.subnet0.143.19.65.in-addr.arpa.
2.subnet0.143.19.65.in-addr.arpa domain name pointer stevie.heliohost.org.subnet0.143.19.65.in-addr.arpa.

~ $ dig -x 65.19.143.2
...
;; QUESTION SECTION:
;2.143.19.65.in-addr.arpa. IN PTR

;; ANSWER SECTION:
2.143.19.65.in-addr.arpa. 86174 IN CNAME 2.subnet0.143.19.65.in-addr.arpa.
2.subnet0.143.19.65.in-addr.arpa. 14174 IN PTR stevie.heliohost.org.subnet0.143.19.65.in-addr.arpa.
...
```

 

An example of web-tool:

http://dnsstuff.host...DNS=65.19.143.2

Posted

> ... causes mail from stevie to be rejected by some recipient mailservers.

Which mailservers aren't accepting mail from stevie then?

Posted
> ... causes mail from stevie to be rejected by some recipient mailservers.
>
> Which mailservers aren't accepting mail from stevie then?

For example, @ukr.net, @ngs.ru, @meta.ua .

 

My mailserver accepts mail from stevie only because I wrote a clause in its config to accept if the connection is encrypted (TLS). It's fairly uncommon logic. Usually one of the spam checks is for FCRDNS: the IP address must resolve to a hostname, and the hostname must resolve to the same IP address. "stevie.heliohost.org.subnet0.143.19.65.in-addr.arpa." doesn't resolve. The usual logic is to reject on lack of FCRDNS. My server greylists mail from such suspicious hosts, but that's also fairly uncommon.

 

All that is needed is to add a dot after the "org" in the zone file.

Posted

So this is what we have now, and what every single reverse dns test says is working, and even mail servers that used to not accept mail from Stevie because he didn't have reverse dns configured and now accept mail from him:

2 14400 IN  PTR stevie.heliohost.org.subnet0.143.19.65.in-addr.arpa.

and you're saying you think it should be

2 14400 IN  PTR stevie.heliohost.org..subnet0.143.19.65.in-addr.arpa.

I don't understand why there would be a double period there? ..

Posted

This test says failed:

http://dnsstuff.host...e.heliohost.org

(the last test in the MX section).

 

The line in the zone file should be:

 

2 14400 IN PTR stevie.heliohost.org.

 

(with the dot after "org", but nothing after it).

Posted

http://dnsstuff.hostpro.ua/index.php?fDNSreport=stevie.heliohost.org

PASS
Reverse DNS entries for MX records
OK. The IPs of all of your mail server(s) have correct reverse DNS (PTR) entries. The reverse DNS entries are:

2.143.19.65.in-addr.arpa.	stevie.heliohost.org.	[TTL=86400]

 

Thanks for pointing that out. Now that I think about it more, I actually did type

2 14400 IN  PTR stevie.heliohost.org.

originally and WHM or cPanel or something appended the rest of that junk on there. I'm unsure why that happened, but I didn't notice it and the three or four reverse DNS tests I ran all said it was good now. Also, gmx.com/gmx.de used to not accept mail from Stevie, but started accepting mail with the previous PTR record. Since everything I tried was working I didn't really look very closely at the fact that WHM/cPanel was displaying something different from what I had originally typed.

 

Anyways, sorry for being a little thick and taking so long to understand. Let us know if you're still having problems.
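
Added example (not part of any post in this thread): a small Python model of the two points discussed above, namely how a zone file appends the origin to a PTR target that lacks a trailing dot, and why a receiving mail server's FCRDNS check then fails. The record table is constructed from the names in the thread, the function names are hypothetical, and no real DNS queries are made.

```python
import ipaddress

def qualify(name, origin):
    """Expand a zone-file name: a trailing dot means absolute,
    otherwise the zone origin is appended."""
    return name.lower() if name.endswith(".") else f"{name}.{origin}".lower()

def build_records(ptr_target):
    """Constructed record table; ptr_target is the text typed after 'PTR'."""
    origin = "subnet0.143.19.65.in-addr.arpa."
    return {
        # Parent zone hands the address off to the sub-zone via CNAME.
        ("2.143.19.65.in-addr.arpa.", "CNAME"): "2.subnet0.143.19.65.in-addr.arpa.",
        # Zone-file line: "2 14400 IN PTR <ptr_target>"
        (qualify("2", origin), "PTR"): qualify(ptr_target, origin),
        ("stevie.heliohost.org.", "A"): "65.19.143.2",
    }

def lookup(records, name, rtype, max_hops=8):
    """Resolve name/rtype in the table, following CNAMEs; None if no data."""
    for _ in range(max_hops):
        if (name, rtype) in records:
            return records[(name, rtype)]
        name = records.get((name, "CNAME"))
        if name is None:
            return None
    return None

def fcrdns(records, ip):
    """Return (ok, ptr_name): ok only if IP -> PTR name -> A yields the same IP.
    Simplified to one A record per name."""
    rev = ipaddress.ip_address(ip).reverse_pointer + "."
    ptr = lookup(records, rev, "PTR")
    if ptr is None:
        return False, None
    return lookup(records, ptr, "A") == ip, ptr

if __name__ == "__main__":
    for target in ("stevie.heliohost.org", "stevie.heliohost.org."):
        print(repr(target), fcrdns(build_records(target), "65.19.143.2"))
```

A tool that only checks whether a PTR record exists reports success in both cases; only the forward-confirmation step distinguishes them.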
