0

Hi !

When I send a mail to some specific address

I receive this problem :

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

......
550 5.7.1 Client host rejected: cannot find your reverse hostname,
    [83.212.248.x] (in reply to RCPT TO command)

I found on internet that the problem comes from an impossibility to perform the Reverse DNS to the ip address 83.212.248.x

I have a DNS server [83.212.248.y] that is supposed to "reverse" (I think) solve 83.212.248.x.

I got some help and the told me to add the following to /etc/bind/named.conf

zone "0/25.248.212.83.in-addr.arpa" {
        type master;
        file "/etc/bind/efa.rev";
};

and to create the file efa.rev :

$ORIGIN 0/25.248.212.83.in-addr.arpa.
$TTL 86400

@ IN SOA dns1efa.efa.gr. root.dns1.efa.gr. (
      2009091001
      86400
      7200
      2419200
      3600 )

@   IN  NS  dns1efa.efa.gr.

6   IN  PTR mail.efa.gr.

I did that and ran bind9 restart. But it still doesn't work.
I'm slowly getting crazy and it won't be reversible :) could you help me please ?

Thank you very much

Vince

Edited by mike_2000_17: Fixed formatting

2
Contributors
3
Replies
4
Views
8 Years
Discussion Span
Last Post by sknake
0

Could you post the actual IP address you are trying to reverse? There are many things to look at here and it is difficult without knowing the actual IP address. I need to know the outbound IP of your mailserver and the IP of your DNS server.

0

Could you post the actual IP address you are trying to reverse? There are many things to look at here and it is difficult without knowing the actual IP address. I need to know the outbound IP of your mailserver and the IP of your DNS server.

Hi ! the IP adress I am trying to reverse is 83.212.248.6 (the mail server). 83.212.248.2 (the DNS server)
Thank you !

0

Everything looks good. All of your glues are in place, everything resolves, all glues match finals IP addresses... I'm not quite sure what the issue might be. The *only* thing I could think of is that your reverse DNS uses a cname. Most people don't get that CNAME "workaround" for DNS you have working :P

The only thing that I could think that might be the issue is the fact that your reverse DNS uses a CNAME record. I'm sure you're well aware that your MX record must point to a hostname that is resolved with an A record. Example

Your current setup:

sk@sk:~$ dig efa.gr MX

; <<>> DiG 9.4.0 <<>> efa.gr MX
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26827
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;efa.gr.                                IN      MX

;; ANSWER SECTION:
efa.gr.                 10575   IN      MX      1 mail.efa.gr.

;; AUTHORITY SECTION:
efa.gr.                 9912    IN      NS      dns1efa.efa.gr.

;; ADDITIONAL SECTION:
mail.efa.gr.            10392   IN      A       83.212.248.6
dns1efa.efa.gr.         9912    IN      A       83.212.248.2

sk@sk:~$ dig mail.efa.gr @83.212.248.2 A

; <<>> DiG 9.4.0 <<>> mail.efa.gr @83.212.248.2 A
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31661
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;mail.efa.gr.                   IN      A

;; ANSWER SECTION:
mail.efa.gr.            10800   IN      [B][U]A[/U][/B]       83.212.248.6

In this case you have MX->A->resolved which is the way its supposed to be. I'm guessing someone has a resolver that is set to ignore CNAME records altogether when dealing with email.

RFC2821 recommends against mixing MX with CNAME records but i'm not sure if it mentions how to handle reverse DNS with CNAME records.

What I think the problem is:

sk@sk:~$ dig -x 83.212.248.6 +trace

; <<>> DiG 9.4.0 <<>> -x 83.212.248.6 +trace
;; global options:  printcmd
.                       3600000 IN      NS      M.ROOT-SERVERS.NET.
.                       3600000 IN      NS      K.ROOT-SERVERS.NET.
.                       3600000 IN      NS      L.ROOT-SERVERS.NET.
.                       3600000 IN      NS      C.ROOT-SERVERS.NET.
.                       3600000 IN      NS      I.ROOT-SERVERS.NET.
.                       3600000 IN      NS      E.ROOT-SERVERS.NET.
.                       3600000 IN      NS      D.ROOT-SERVERS.NET.
.                       3600000 IN      NS      B.ROOT-SERVERS.NET.
.                       3600000 IN      NS      H.ROOT-SERVERS.NET.
.                       3600000 IN      NS      J.ROOT-SERVERS.NET.
.                       3600000 IN      NS      A.ROOT-SERVERS.NET.
.                       3600000 IN      NS      G.ROOT-SERVERS.NET.
.                       3600000 IN      NS      F.ROOT-SERVERS.NET.
;; Received 452 bytes from 72.16.178.119#53(72.16.178.119) in 3 ms

83.in-addr.arpa.        86400   IN      NS      ns3.nic.fr.
83.in-addr.arpa.        86400   IN      NS      sec1.apnic.net.
83.in-addr.arpa.        86400   IN      NS      sec3.apnic.net.
83.in-addr.arpa.        86400   IN      NS      sunic.sunet.se.
83.in-addr.arpa.        86400   IN      NS      ns-pri.ripe.net.
83.in-addr.arpa.        86400   IN      NS      tinnie.arin.net.
;; Received 209 bytes from 2001:500:1::803f:235#53(H.ROOT-SERVERS.NET) in 241 ms

248.212.83.in-addr.arpa. 172800 IN      NS      foo.grnet.gr.
248.212.83.in-addr.arpa. 172800 IN      NS      nic.grnet.gr.
248.212.83.in-addr.arpa. 172800 IN      NS      volcano1.grnet.gr.
;; Received 133 bytes from 2001:610:240:0:53::3#53(ns-pri.ripe.net) in 163 ms

6.248.212.83.in-addr.arpa. 86400 IN     [B]CNAME   6.0/25.248.212.83.in-addr.arpa.[/B]
0/25.248.212.83.in-addr.arpa. 86400 IN  NS      dns1efa.efa.gr.
;; Received 108 bytes from 194.177.210.210#53(nic.grnet.gr) in 163 ms

The resolution may stop here for a "dumb resolver" or stop because it hit a CNAME.

I would have your ISP also include a PTR record in addition to the CNAME record, or remove the CNAME record and have your ISP do the reverse DNS for this IP address entirely.

Bottom line -- have your ISP reverse that IP.

[edit]
FYI - I would consider this a problem with the remote mail server. They likely have an odd DNS server or anal settings implemented on their end. Your ISP could give you the "nobody else has these problems" but I would just stand by this is a problem for a certain mailserver and there is nothing we can do about it.

I see nothing wrong with your setup.
[/edit]

Edited by sknake: n/a

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.