Where does rdns entry originate?

I'm having a go-round with my isp. I have a send only postfix server on my 'node, and have it set to reject connections with no reverse hostname. At home, I'm on Road Runner cable (and have been for 10 years), and this last week I started being blocked from sending email because my home ip address has no reverse dns entry. I've tried on several dns servers from my local machine and from my node.and get the same servfail response:

linpear:~# nslookup 184.90.253.228
;; Got SERVFAIL reply from 75.127.97.7, trying next server
;; Got SERVFAIL reply from 75.127.97.7, trying next server
Server:         75.127.97.6
Address:        75.127.97.6#53

So- my question- where does the rdns entry come from? )Again- this isn't a Linode problem).

5 Replies

It tells you that 184.90.. is handled by the five nameservers listed at the end there, and DNS6.RR.COM knows nothing about your particular IP.

DHCP doesn't directly impact this, although if you got a new IP address recently, it's possible the new one just doesn't have reverse DNS configured.

Good luck!

This is very handy for troubleshooting this sort of thing:

dig -x 184.90.253.228 +trace

Looks specific to your IP; my reverse DNS on the same set of nameservers (dns*.rr.com) is fine. -rt

@bryantrv:

I'm having a go-round with my isp. I have a send only postfix server on my 'node, and have it set to reject connections with no reverse hostname. At home, I'm on Road Runner cable (and have been for 10 years), and this last week I started being blocked from sending email because my home ip address has no reverse dns entry. I've tried on several dns servers from my local machine and from my node.and get the same servfail response:

linpear:~# nslookup 184.90.253.228
;; Got SERVFAIL reply from 75.127.97.7, trying next server
;; Got SERVFAIL reply from 75.127.97.7, trying next server
Server:         75.127.97.6
Address:        75.127.97.6#53

So- my question- where does the rdns entry come from? )Again- this isn't a Linode problem).

The owner of that subnet (roadrunner) is responsible for it.

A simple way around it would be an ssh tunnel

Thanks- hoopycat, I'm not sure what this is telling me-

[email protected]:~$ dig -x 184.90.253.228 +trace

; <<>> DiG 9.7.3 <<>> -x 184.90.253.228 +trace
;; global options: +cmd
.                       257777  IN      NS      b.root-servers.net.
.                       257777  IN      NS      d.root-servers.net.
.                       257777  IN      NS      j.root-servers.net.
.                       257777  IN      NS      a.root-servers.net.
.                       257777  IN      NS      f.root-servers.net.
.                       257777  IN      NS      h.root-servers.net.
.                       257777  IN      NS      m.root-servers.net.
.                       257777  IN      NS      e.root-servers.net.
.                       257777  IN      NS      g.root-servers.net.
.                       257777  IN      NS      l.root-servers.net.
.                       257777  IN      NS      k.root-servers.net.
.                       257777  IN      NS      i.root-servers.net.
.                       257777  IN      NS      c.root-servers.net.
;; Received 228 bytes from 65.32.5.111#53(65.32.5.111) in 12 ms

in-addr.arpa.           172800  IN      NS      d.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      f.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      e.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      c.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      a.in-addr-servers.arpa.
in-addr.arpa.           172800  IN      NS      b.in-addr-servers.arpa.
;; Received 421 bytes from 192.5.5.241#53(f.root-servers.net) in 68 ms

184.in-addr.arpa.       86400   IN      NS      w.arin.net.
184.in-addr.arpa.       86400   IN      NS      y.arin.net.
184.in-addr.arpa.       86400   IN      NS      r.arin.net.
184.in-addr.arpa.       86400   IN      NS      t.arin.net.
184.in-addr.arpa.       86400   IN      NS      z.arin.net.
184.in-addr.arpa.       86400   IN      NS      x.arin.net.
184.in-addr.arpa.       86400   IN      NS      u.arin.net.
184.in-addr.arpa.       86400   IN      NS      v.arin.net.
;; Received 181 bytes from 199.212.0.73#53(a.in-addr-servers.arpa) in 55 ms

90.184.in-addr.arpa.    86400   IN      NS      DNS3.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS5.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS2.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS1.RR.COM.
90.184.in-addr.arpa.    86400   IN      NS      DNS6.RR.COM.
;; Received 146 bytes from 199.212.0.63#53(z.arin.net) in 56 ms

;; Received 45 bytes from 76.85.249.142#53(DNS6.RR.COM) in 61 ms

[email protected]:~$ 

I just wasn't sure about the interaction of their dhcp server (I'm on a dynamic ip at home) and which name server was providing the rdns entry.

The postfix check for missing reverse hostname is useful only because it is somewhat common for ISP's to supply IP addresses with no rDNS entry. That check really only makes sense for incoming mail. Assuming you are using SASL, you should probably have a permitsaslauthenticated entry above any DNS checks.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct