rDNS and Delegation to me

Discussion in 'Server Operation' started by mmidgett, Jul 19, 2012.

  1. mmidgett

    mmidgett Member

    Our colocation center just delegated the rDNS to our name servers. We are running Ubuntu 10.04LTS and Bind. I am not sure exactly what to do as they told us to name the rDNS file domain.tld.8.0.192.in-addr.arpa

    Where would this file go and should I not use the ispconfig control panel to a the dns pointers? Also how would I make sure that the info got passed to my secondary name server

    I see zone records in /etc/bind/ and they start with pri.domain.tld

    I found this and it kinda gives me some light but I do not want to break my working dns

    http://etwiki.cpanel.net/twiki/bin/view/11_25/WHMDocs/RdnsForBind
     
  2. falko

    falko Super Moderator ISPConfig Developer

    Do you have the ISPConfig 3 Manual? This is described in chapter 4.8.2.1.
     
  3. mmidgett

    mmidgett Member

    I do have the original on the computer at home. I knew this morning that I should have left the lid open on the laptop so I could logmein to it. Thank I will read this and see if I can figure it out.
     
  4. mmidgett

    mmidgett Member

    I got the zone setup as described in the manual and I also have the ptrs setup as

    130 <----last octate
    domain.tld. <----canonical name

    But I am getting denied errors on the PTRs can you tell me what I need to edit in bind to allow this to happen?
     
  5. falko

    falko Super Moderator ISPConfig Developer

    What's the exact error message? Can you post the zone file?

    Are there any named errors in your syslog?
     
  6. mmidgett

    mmidgett Member

    I found that my default configuration of bind did not allow recursive lookups. I had to add a option to allow that in my named.config.options.

    Another propblem has come up. All mail is be sent from my last IP address. I have 10 IP's configured and it wants to send from the last. If I used the smpd_bind_address it breaks my amavis configuration. So I tried to use the inet_addresses and that binds the listening service only to one IP. What I need help is the sending from my mail server to the outside world.

    The major problem is now my spf records are not working http://www.openspf.org/Why?s=mfrom;id=[email protected];ip=216.249.106.147;r=mail.trickhosting.biz
     
    Last edited: Jul 21, 2012
  7. mmidgett

    mmidgett Member

    I had this mail server working for 3 months now and that now I have setup the rDNS everything is not working. The RDNS is working and showing the pointer of 135.static.w3fc.com from address XXX.XXX.XXX.135

    I'm thinking that I can use smtp_bind if I add this acl to the amavis conf

    @inet_acl = qw( 127.0.0.1 xxx.xxx.xxx.xxx );

    That way amavis will listen on my external IP
     
  8. mmidgett

    mmidgett Member

    The above post seemed to have done it. Now postfix listens on all interfaces and only send out on one IP. Amavis is listening on the default port and now on my external address as will as the internal.

    Here is the named.conf.options that I had to modify to allow recursive lookups. I know that I have allowed my server to be an OPEN name server, This is just temporary until I can get a detailed ACL setup for it. What is in bold is what I added.


    options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.

    // forwarders {
    // 0.0.0.0;
    // };

    allow-query { any; };
    allow-recursion { any; };
    allow-query-cache { any; };



    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
     

Share This Page