March 20th, 2003, 08:59 AM
DNS Reverse lookup ... for email
I am trying to activate Reverse Lookup security on my email server. However, when my email server makes a Reverse Lookup query to my DNS server, it fails. Basically, the DNS server will only successfully respond to reverse lookup queries if the entry can be resolved locally on the box. How do you configure a DNS server to resolve queries of reverse lookups that are not local to the DNS server?
Obviously, it's a common configuration because many people implement reverse lookup on their email server.
Any help would be appreciated.
March 20th, 2003, 10:22 PM
>> because many people implement reverse lookup on their email server
Not that many, really, perhaps just 20% of SMTP servers out there have a matching reverse DNS. Many big ISPs even have a broken reverse DNS on their MX records because most sysadmins are clueless in DNS.
>> However when my email server makes a Reverse Lookup query to my DNS server it fails
I don't quite understand you. Are you trying to say that the reverse DNS of your IP returns null?
>> I am trying to activate Reverse Lookup security on my email server.
Just because your ISP assigned you a static IP doesn't mean you can be authoritative for such an IP. In order to do that, your ISP has to delegate the authority to you (I bet even if you pay them $1000 they still won't do it because they are not allowed to).
Even if you lease a class C block from your ISP, there is still no guarantee that they can delegate that to you, mainly because of their upstream policy.
If you really need reverse DNS for your IP, go switch providers. I recommend SpeakEasy.net.
March 21st, 2003, 08:18 AM
I guess I wasn't too clear in my first message.
The issue is that my DNS server does not return values for reverse lookup queries that are not local to my DNS server.
For example, I can do a reverse lookup for my own domain and get a successful response, but if I do a reverse lookup for, let's say, yahoo.com, it won't return the successful response. Now I can then go to some Internet DNS servers and do a reverse lookup for yahoo.com and it works.
Basically, I need to have my DNS server look elsewhere for reverse lookups if it is not local. It works for forward lookups. What do I need to configure for it to work on reverse lookups?
March 22nd, 2003, 01:49 AM
>> I can do a reverse lookup for my own domain and get a successful response
How to do it exactly? Any tools? Commands or what?
>> if I do a reverse lookup for, let's say, yahoo.com, it won't return the successful response
Show us step-by-step how to do a reverse lookup.
>> I need to have my DNS server
Define DNS server.
In addition, are you connected to the Internet through a proxy or so?
What's in your /etc/hosts and /etc/resolv.conf files?