HELP: Reverse (PTR) lookup problems on domain name.

John Coutts administrator at yellowhead.com
Wed Mar 15 23:06:40 UTC 2000


Newer mail servers do a reverse lookup on the sending IP address to confirm 
that the return address domain is a real domain. This is to combat spammers who 
do not use a mail forwarder but send direct using a false return address. 

Reverse lookups are different from forward lookups. They are normally done one 
octet at a time to get to the "C" class network. A query on the first octet 
will tell the DNS who has the authority for that network. A query sent to that 
network will tell you who has the authority for the "B" class network, and a 
query sent to that network will tell you who has the authority for the "C" 
class network. When the DNS for the receiving mail server queries your sending 
IP address, whoever has the authority for that "C" class network will respond 
with whatever name they have assigned to that address. Sub "C" class network 
reverse lookups require special attention.

J.A. Coutts
Systems Engineer
Edsonet/TravPro
************** REPLY SEPARATER **************
In article <F148C821ACB6D111AB4000A0249BC4CD5D1A91 at mail.lanacom.com>, 
drh at backweb.com says...
>
>We have been experiencing a reverse lookup problem that is preventing our mail
>server from delivering messages into particular domains which perform
>reverse lookups on the address of the incoming mail server.
>
>The problem (we suspect) stems from the fact that PTR queries on
>"backweb.com" in addition to our mailserver "mail.backweb.com" are failing as
>the following nslookup output demonstrates:
>
>---
>Default Server:  ns.backweb.com
>Address:  209.167.90.10
>
>> set qt=ptr
>> backweb.com
>Server:  ns.backweb.com
>Address:  209.167.90.10
>
>*** No domain name pointer (PTR) records available for backweb.com
>
>> mail.backweb.com
>Server:  ns.backweb.com
>Address:  209.167.90.10
>
>*** No domain name pointer (PTR) records available for mail.backweb.com
>---
>
>To clarify, our nameserver, ns.backweb.com only resolves forward DNS
>lookups. All reverse lookups are handled by our ISP. If I attempt to perform
>a reverse lookup on the IP address of "mail.backweb.com", 206.251.15.130,
>the reply is handled properly:
>
>---
>> 206.251.15.130
>Server:  ns.backweb.com
>Address:  209.167.90.10
>
>130.15.251.206.in-addr.arpa     name = mail.backweb.com
>15.251.206.in-addr.arpa nameserver = name.roc.gblx.net
>15.251.206.in-addr.arpa nameserver = name.phx.gblx.net
>15.251.206.in-addr.arpa nameserver = name.iad.gblx.net
>name.roc.gblx.net       internet address = 209.130.187.10
>name.phx.gblx.net       internet address = 206.165.6.10
>name.iad.gblx.net       internet address = 204.152.166.155
>--
>
>If anyone could provide me with some clues as to why reverse lookups on
>"mail.backweb.com" and "backweb.com" are failing, I would be most appreciative.
>Are we missing a switch somewhere in BIND that enables this option?
>
>The output I'm expecting when performing a PTR lookup on our backweb.com
>domain is something similar to what I see if I perform the same query on
>another domain, such as symantec.com:
>
>> symantec.com
>Server:  ns.backweb.com
>Address:  209.167.90.10
>
>symantec.com
>        origin = ns1.symantec.com
>        mail addr = domain.symantec.com
>        serial = 2000031301
>        refresh = 10800 (3 hours)
>        retry   = 3600 (1 hour)
>        expire  = 604800 (7 days)
>        minimum ttl = 21600 (6 hours)
>
>Again, thank you for any help anyone may be able to offer.
>.drh
>
>--
>Dan Herold 
>(drh at backweb.com)
>
>
>
>
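
Added example, not part of either message above: a sketch of the check a receiving mail server makes, showing which name a PTR query is really sent for and going one step further to forward-confirm the answer. The lookup() stub and SAMPLE_ZONE table are hypothetical stand-ins for a real resolver; the 206.251.15.130 records are taken from the quoted nslookup output, and the 192.0.2.25 entry is constructed.

```python
import ipaddress

# (owner name, record type) -> answers. Stand-in for live DNS so this runs offline.
SAMPLE_ZONE = {
    ("130.15.251.206.in-addr.arpa", "PTR"): ["mail.backweb.com"],  # from the thread
    ("mail.backweb.com", "A"): ["206.251.15.130"],                 # from the thread
    # Constructed: an unrelated address whose PTR merely claims the same name.
    ("25.2.0.192.in-addr.arpa", "PTR"): ["mail.backweb.com"],
}


def lookup(name, rtype, zone=SAMPLE_ZONE):
    """Hypothetical resolver stub: return the answers for name/rtype, or []."""
    return zone.get((name.rstrip(".").lower(), rtype), [])


def reverse_name(ip):
    """Owner name of the PTR record: octets reversed under in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer


def ptr_query(target):
    """Mimic 'set qt=ptr': an IP literal is reversed, a hostname is asked as typed."""
    try:
        owner = reverse_name(target)
    except ValueError:
        owner = target.lower()  # PTR asked at the forward name, where none exists
    return owner, lookup(owner, "PTR")


def fcrdns(ip):
    """Forward-confirmed reverse DNS: PTR names whose A record maps back to ip."""
    return [host for host in lookup(reverse_name(ip), "PTR")
            if ip in lookup(host, "A")]


if __name__ == "__main__":
    for target in ("mail.backweb.com", "206.251.15.130"):
        print(target, "->", ptr_query(target))
    for ip in ("206.251.15.130", "192.0.2.25"):
        print(ip, "confirmed as", fcrdns(ip) or "nothing")
```

The PTR record lives only at the reversed-address name, so a PTR query typed against a hostname returns nothing even when the reverse zone is set up correctly.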



