19th September 2007, 00:07
Ashaman074
DNS, rDNS, & PTR problems

Hi, I have been tinkering with the DNS settings on my server for the last few days trying to get things right, but I seem to have come to a standstill so I thought I would ask for some help...

Original problem - I cannot send Email to AOL. AOL has a diagnostic tool posted at http://postmaster.aol.com/tools/rdns.html for testing. When I run the test, I get:

Code:
DNS Server Response:
No PTR but got: 
75.255.167.12.in-addr.arpa. 171613 IN CNAME 75.72/29.255.167.12.in-addr.arpa.


Failure! Unfortunately we were unable to resolve Reverse DNS for the IP address you entered. Contact your ISP or e-mail administrator to modify these settings. Also please note the following points: 
AOL does require that all connecting Mail Transfer Agents have established reverse DNS, regardless of whether it matches the domain.

Reverse DNS must be in the form of a fully-qualified domain name. Reverse DNSes containing in-addr.arpa are not acceptable, as these are merely placeholders for a valid PTR record. Reverse DNSes consisting only of IP addresses are also not acceptable, as they do not correctly establish the relationship between domain and IP address.

OK, so for some reason it seems that my mail server is not being associated with the address.

I did a dig -x 12.167.255.xx and got:

Code:
; <<>> DiG 9.3.2 <<>> -x 12.167.255.xx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32401
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;xx.255.167.12.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
xx.255.167.12.in-addr.arpa. 42424 IN	CNAME	xx.xx/xx.255.167.12.in-addr.arpa.

;; Query time: 21 msec
;; SERVER: 4.2.2.1#53(4.2.2.1)
;; WHEN: Tue Sep 18 15:56:07 2007
;; MSG SIZE  rcvd: 67

Which doesn't seem right to me; shouldn't I see a mail.domain.com type entry there? If so, where is this defined? I have been poking around in bind files and things look right to me - any pointers?

Secondly, and I don't know if this is a problem or not - but when I run a test at DNSstuff.com, I have the following warnings:

Code:
Fail - Missing (stealth) nameservers:

FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNSreport will not query these servers, so you need to be very careful that they are working properly.

ns1.domain.net.
ns2.domain.net.
This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example). 

---
Fail - Missing nameservers 2:

ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are:
ns1.domain.com.
ns2.domain.com.

----

Fail - Stealth NS record leakage:

Your DNS servers leak stealth information in non-NS requests:

Stealth nameservers are leaked [ns2.domain.net.]!
Stealth nameservers are leaked [ns1.domain.net.]!

This can cause some serious problems (especially if there is a TTL discrepancy). If you must have stealth NS records (NS records listed at the authoritative DNS servers, but not the parent DNS servers), you should make sure that your DNS server does not leak the stealth NS records in response to other queries.

I am not sure what is causing the above errors either, or why it is .net in the first error but .com in the second. I do have both a domain.net and domain.com, but only ns1.domain.net exists. Is there supposed to be one for each hosted domain?

I don't know if these are related to the first error or not, but since they were flagged on dnsstuff it seemed like it was worth checking out also!

Thanks!
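
An added example, not part of the original post: the slash-named CNAME target in the responses above is the form used for classless in-addr.arpa delegation (RFC 2317), so the PTR has to exist at the CNAME target's name. The sketch below follows that chain through dig-style answer lines and applies the acceptance rules quoted from the AOL tool; the sample records are constructed from the output in the post, and `mail.example.com.` is a hypothetical host name.

```python
import re

# Constructed samples in dig answer-section format. BROKEN mirrors the reply
# quoted in the post; FIXED adds a hypothetical PTR at the CNAME target.
BROKEN = "75.255.167.12.in-addr.arpa. 171613 IN CNAME 75.72/29.255.167.12.in-addr.arpa.\n"
FIXED = BROKEN + "75.72/29.255.167.12.in-addr.arpa. 3600 IN PTR mail.example.com.\n"

def parse_answers(text):
    """Map owner name -> (record type, rdata) for each 'name ttl IN type rdata' line."""
    records = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 5 and not line.startswith(";") and parts[2] == "IN":
            records[parts[0].lower()] = (parts[3].upper(), parts[4].lower())
    return records

def reverse_name(ip):
    """12.167.255.75 -> 75.255.167.12.in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."

def acceptable_ptr(target):
    """Rules quoted in the post: a domain name, not in-addr.arpa, not a bare IP."""
    host = target.rstrip(".").lower()
    if host.endswith(".in-addr.arpa"):
        return False
    if re.fullmatch(r"[0-9.]+", host):
        return False
    return "." in host

def check_rdns(ip, answer_text, max_hops=8):
    """Follow CNAMEs from the reverse name; return (status, name).

    For 'no-ptr', name is the owner name where a PTR record is missing.
    """
    records = parse_answers(answer_text)
    name = reverse_name(ip)
    for _ in range(max_hops):
        rtype, rdata = records.get(name, (None, None))
        if rtype == "CNAME":
            name = rdata          # classless delegation: keep following
            continue
        if rtype == "PTR":
            return ("ok" if acceptable_ptr(rdata) else "bad-ptr", rdata)
        return ("no-ptr", name)   # chain ended without a PTR
    return ("cname-loop", name)

if __name__ == "__main__":
    print(check_rdns("12.167.255.75", BROKEN))
    print(check_rdns("12.167.255.75", FIXED))
```

For the `no-ptr` case the returned name identifies the zone whose operator has to publish the PTR record.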
All times are GMT +2.