
Thread: reverse DNS issue?

  1. #1
    Join Date
    Feb 2008
    Location
    San Francisco
    Posts
    360
    Rep Power
    7

    reverse DNS issue? -> 25 Connection Timed Out? = emails stuck in queue

    For a couple of domains we send email to, we are unable to send and receive.
    The email errors say "connection timed out"
    And when I telnet it too says "connection timed out"
    I've spoken with the netadmins at these domains and they have told me I'm missing my reverse DNS for our mail server.

    How would I do this?

    CentOS 5.3 Bind

    ; <<>> DiG 9.3.4-P1 <<>> mail.domain.com any
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36617
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;mail.domain.com. IN ANY

    ;; ANSWER SECTION:
    mail.domain.com. 120 IN SOA ns1.domain.com. netadmin.netadmin.com. 1255040795 120 120 604800 38400
    mail.domain.com. 120 IN NS 192.168.1.248.mail.domain.com.
    mail.domain.com. 120 IN A 192.168.1.248
    mail.domain.com. 120 IN MX 10 mail.domain.com.

    ;; Query time: 0 msec
    ;; SERVER: 192.168.1.248#53(192.168.1.248)
    ;; WHEN: Thu Apr 29 11:37:34 2010
    ;; MSG SIZE rcvd: 157

    Thanks!
    Last edited by NoDoze; 05-06-2010 at 10:45 AM.

  2. #2
    Join Date
    Mar 2006
    Location
    Massachusetts
    Posts
    965
    Rep Power
    10

    Are you controlling the DNS records for your external (Internet-facing) IP addresses? Often people let their ISP or some other 3rd party handle this. If it is through an ISP/3rd party, you need to have them set up the reverse DNS for you.

  3. #3
    Join Date
    Feb 2008
    Location
    San Francisco
    Posts
    360
    Rep Power
    7

    Hmmm...

    We have our own 'in-house' dns server.
    I set up a reverse DNS on both the primary DNS server for domain.com, and on our Zimbra DNS server mail.domain.com.... yes we have a split DNS setup... but I'm clear how to test it...? The lookup DNS info still reflects the same info... Am I missing something else...???

  4. #4
    Join Date
    Aug 2007
    Posts
    42
    Rep Power
    8

    KLOTH.NET - DIG - DNS lookup - find IP address

    Domain = zimbra server public ip
    Server = your zimbra dns server
    Query = you must select PTR (reverse DNS query)

    If you have an answer and the IP points to the MX Zimbra server name, all right; otherwise you must control your BIND reverse DB and/or call your ISP and ask for reverse DNS delegation.

  5. #5
    Join Date
    Feb 2008
    Location
    San Francisco
    Posts
    360
    Rep Power
    7

    ok, they show the ISP's domain info....
    I emailed the support at our ISP to see what they can do.

    How would this affect email?

    There are only two domains we cannot send or receive email from.
    All the other emails work fine.

    Thanks.

  6. #6
    Join Date
    Mar 2006
    Location
    Massachusetts
    Posts
    965
    Rep Power
    10

    > ok, they show the ISP's domain info....
    > I emailed the support at our ISP to see what they can do.
    >
    > How would this affect email?
    >
    > only two domains we can not send or receive email from.
    > All the other emails work fine.
    >
    > Thanks.

    Some email servers are configured to check reverse DNS as an extra security measure. It will affect email just as what you've seen; you won't be able to send to certain email servers that are checking this info. I'm not sure about those domains not being able to send to your domain. I always thought the checking was done only on the receiving end, but I could be wrong. It is advisable to get this fixed. If your ISP hosts the DNS they should have no problem setting up the reverse DNS for you; it is a standard thing.

  7. #7
    Join Date
    Feb 2008
    Location
    San Francisco
    Posts
    360
    Rep Power
    7

    ok....so the reverse DNS is working now... Both from the DNS server and the zimbra server the reverse DNS now shows up...


    [root@mail /]# nslookup 71.X.XX.XXX
    Server: 192.168.1.248
    Address: 192.168.1.248#53

    Non-authoritative answer:
    XXX.XX.X.71.in-addr.arpa name = mail.domain.com.

    Authoritative answers can be found from:
    XX.X.71.in-addr.arpa nameserver = ns1.xo.com.
    XX.X.71.in-addr.arpa nameserver = ns2.xo.com.
    XX.X.71.in-addr.arpa nameserver = ns3.xo.com.

    The changes were made on Friday, so any DNS propagation should be complete by now, right?

    However the emails are still hanging up in the queue with the Connection Timed Out on port 25 error thingy...

    Any ideas???

  8. #8
    Join Date
    Feb 2008
    Location
    San Francisco
    Posts
    360
    Rep Power
    7

    ok, I have a question...

    I have the RDNS setup with the public IP 71.X.XX.XX1 with the hostname of our name server ns1.domain.com.

    I also have the RDNS setup with the public IP 71.X.XX.XX2 with the hostname of our email server mail.domain.com

    However, when people send/receive email they use user@domain.com
    So when the email is sent/received it's checking for an RDNS of domain.com, which technically lives on 71.X.XX.XX1 but isn't finding it cause the RDNS is for the server hostname, not the domain....

    So should the 71.X.XX.XX1 have an RDNS of the domain.com or ns1.domain.com? Cause they both reside on the same IP.

    Would this make a difference?

    If yes, then is there a way to have the two domains on one RDNS of 71.X.XX.XX1 ...?

    Thanks!

  9. #9
    Join Date
    Mar 2006
    Location
    Massachusetts
    Posts
    965
    Rep Power
    10

    > The changes were made on Friday, so any DNS propagation should be complete by now, right?

    There are some websites that offer DNS tools for checking this type of thing. Might be worth checking from somewhere outside your public/private network.

    > However, when people send/receive email they use user@domain.com
    > So when the email is sent/received it's checking for an RDNS of domain.com, which technically lives on 71.X.XX.XX1 but isn't finding it cause the RDNS is for the server hostname, not the domain....

    I don't think this is your problem. I could be wrong, but my understanding of how RDNS works with email servers is the receiving server is just checking to make sure the sending server IP address has a proper reverse DNS entry. It doesn't (shouldn't) care about the domain tied to the address.

    Could the whole reverse DNS thing be a "red herring", so to say, in your case? Again, not claiming to be an expert on DNS or anything, but I would think if you are trying to send email to an email server that is doing reverse DNS checking your server would still connect but the server on the receiving end would send back some type of error message saying something about reverse DNS. I'm not getting the thing about not being able to telnet to the email server. (You are trying to telnet to port 25, right?)
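
Added example, not part of any post in this thread: a sketch of the forward-confirmed reverse DNS check that a receiving mail server can apply to the connecting IP, which is the check posts #6 and #9 describe. The addresses and host names are constructed (documentation ranges), and `sample_ptr` / `sample_forward` are hypothetical stand-ins for real lookups so the block runs offline.

```python
import ipaddress
import socket

def reverse_name(ip):
    """Name queried for the PTR record, e.g. 10.113.0.203.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_ptr(ip):
    """PTR lookup through the system resolver; returns a list of names."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name] + aliases

def system_forward(name):
    """A/AAAA lookup through the system resolver; returns a set of IPs."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def fcrdns(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return (verdict, name). Only the connecting IP is examined; the
    domain in the envelope or From: address plays no part in this check."""
    ip = str(ipaddress.ip_address(ip))  # validate and normalise
    names = ptr_lookup(ip)
    if not names:
        return ("no-ptr", None)
    for name in names:
        host = name.rstrip(".").lower()
        addrs = {str(ipaddress.ip_address(a)) for a in forward_lookup(host)}
        if ip in addrs:  # the PTR name resolves back to the same IP
            return ("pass", host)
    return ("forward-mismatch", names[0].rstrip(".").lower())

# Constructed sample records (documentation addresses, not from the thread).
PTR = {"203.0.113.10": ["mail.example.com."],
       "203.0.113.11": ["ns1.example.com."],
       "203.0.113.12": ["host-12.isp.example."]}
A = {"mail.example.com": ["203.0.113.10"],
     "ns1.example.com": ["203.0.113.11"],
     "host-12.isp.example": ["198.51.100.7"]}

def sample_ptr(ip):
    return PTR.get(ip, [])
def sample_forward(name):
    return A.get(name, [])
```

Calling `fcrdns("<public IP>")` with no lookup arguments uses the system resolver, so run it from a host outside the split-DNS network to see what remote mail servers see.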

  10. #10
    Join Date
    Feb 2008
    Location
    San Francisco
    Posts
    360
    Rep Power
    7

    Hmmm... I have our rdns working correctly.

    We receive emails now, but they don't receive ours...?

    What else could be causing this???
