dnsbl.net.au

dnsbl.net.au	Helping you block invalid E-mail

Frequently Asked Questions

Q Why am I required to have a reverse DNS on my mail server?

A There are many reasons, outlined in brief below. Consult your local internet professional for more help.

Mail Server/DNS Requirement for ISPs

Reynolds Technology, and many other ISP's have mail systems which utilize DNS lookups to validate mail from incoming email servers.

This AntiSpam and AntiVirus technique requires email administrators and ISPs to properly configure server names and IP addresses.

If your email server is misconfigured in either the host name or IP address in DNS, mail will be rejected.

Next steps:

Contact your local technical support people, or your ISP to ask them what this all means.

Review system email logs, to determine rejected email log information.

Work with your email administrator to insure that your email server host name is properly registered in DNS. (eg: mail.xyz.com)

Work with your ISP to insure that the email server IP address is properly listed in both DNS and reverse DNS.

Use "nslookup" to validate the settings of your server and IP addresses.

Check both name-to-IP and IP-to-name settings.

Consult with widely available reference texts on how to properly configure your email server and DNS setting.

Validate your changes - If the mail is now accepted servers, your DNS settings are properly configured.

Please note: Reynolds Technology does not provide support for external email administrators or ISPs in the proper configuration of their systems.

Reverse DNS entries for MX records

RFC1912 section 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry.

   Every Internet-reachable host should have a name.  The consequences
   of this are becoming more and more obvious.  Many services available
   on the Internet will not talk to you if you aren't correctly
   registered in the DNS.

   Make sure your PTR and A records match.  For every IP address, there
   should be a matching PTR record in the in-addr.arpa domain.  If a
   host is multi-homed, (more than one IP address) make sure that all IP
   addresses have a corresponding PTR record (not just the first one).
   Failure to have matching PTR and A records can cause loss of Internet
   services similar to not being registered in the DNS at all.  Also,
   PTR records must point back to a valid A record, not a alias defined
   by a CNAME.  It is highly recommended that you use some software
   which automates this checking, or generate your DNS data from a
   database which automatically creates consistent data.

What are reverse (PTR) records? Why do I need them?

Fight Spam With the DNS, Not the CIA Jul 08, 2003 By John Fitzgibbon

Lyris Mail Shield, Reject no hostname

Reject messages sent from machines with no Internet hostname

When a host attempts to send mail into a MailServer, said MailServer can check the TCP/IP address of the connecting host, to see if that TCP/IP address has a host name on the Internet.

This is commonly known as a "reverse DNS lookup"

Internet mail standards require that mail servers have a reverse DNS host entry. It is a common practice to refuse email from connecting mail servers who do not meet this requirement.

However, some mail servers have improperly configured DNS, and have not set up their DNS servers for "reverse DNS lookups", and so will be rejected.

Sites that send junk mail often do not set up reverse DNS lookups, as the hostname this gives and provides investigators with information about the sender of the junk mail. We recommend that this feature be enabled.

dnsbl.net.au abuse [at] dnsbl [dot] net [dot] au